4 configuring idp signatures – ZyXEL Communications Centralized Network Management Vantage CNM User Manual
Page 155
Chapter 6 Device Security Settings
Vantage CNM User’s Guide
155
The following table describes signature actions.
6.9.4 Configuring IDP Signatures
Use this screen to see the device’s “group view” signature screen where you can view
signatures by attack type. To search for signatures based on other criteria such as signature
name or ID, then click the Switch to query view link to go to the “query view” screen.
You can take actions on these signatures as described in
. To revert to
the default actions or to save sets of actions, go to the Device Operation > Configuration
Management > Signature Profile Management > Reset to Factory or Backup & Restore
screen.
Figure 73 Device Operation > Device Configuration > Security > IDP > Signature
Table 62 Device Operation > Device Configuration > Security > IDP > Signature > Actions
ACTION
DESCRIPTION
No Action
The intrusion is detected but no action is taken.
Drop Packet
The packet is silently discarded.
Drop Session
When the firewall is enabled, subsequent TCP/IP packets belonging to the
same connection are dropped. Neither sender nor receiver are sent TCP RST
packets. If the firewall is not enabled only the packet that matched the
signature is dropped.
Reset Sender
When the firewall is enabled, the TCP/IP connection is silently torn down. Just
the sender is sent TCP RST packets. If the firewall is not enabled only the
packet that matched the signature is dropped.
Reset Receiver
When the firewall is enabled, the TCP/IP connection is silently torn down. Just
the receiver is sent TCP RST packets. If the firewall is not enabled only the
packet that matched the signature is dropped.
Reset Both
When the firewall is enabled, the TCP/IP connection is silently torn down. Both
sender and receiver are sent TCP RST packets. If the firewall is not enabled
only the packet that matched the signature is dropped.