
CLI Configuration

To define rules for an IPS rulebase:

  1. Create a policy by assigning a meaningful name to it. The following statement specifies base-policy as the policy name:
    user@host# set security idp idp-policy base-policy
  2. Associate a rulebase with the policy. The following statement associates an IPS rulebase with base-policy:
    user@host# set security idp idp-policy base-policy rulebase-ips
  3. Add rules to the rulebase. The following statement adds a rule R1 to the rulebase:
    user@host# set security idp idp-policy base-policy rulebase-ips rule R1
  4. Define the match criteria for the rule. The following statements specify that any traffic from the trust zone to the untrust zone that includes the predefined attack group Critical - TELNET matches the criteria for rule R1. The default application setting matches any application configured in the attack object.
    user@host# set security idp idp-policy base-policy rulebase-ips rule R1 match from-zone trust to-zone untrust source-address any destination-address any application default
    user@host# set security idp idp-policy base-policy rulebase-ips rule R1 match attacks predefined-attack-group "Critical - TELNET"
  5. Specify an action for the rule. The following statement specifies that the connection be dropped for any traffic that matches the criteria defined for rule R1:
    user@host# set security idp idp-policy base-policy rulebase-ips rule R1 then action drop-connection
  6. Specify notification and logging options for the rule. The following statement enables logging for this attack and specifies that an alert flag is added to the attack log:
    user@host# set security idp idp-policy base-policy rulebase-ips rule R1 then notification log-attacks alert
  7. Set the severity level for the rule. The following statement sets a critical severity level for rule R1:
    user@host# set security idp idp-policy base-policy rulebase-ips rule R1 then severity critical
  8. Activate the policy. The following statement specifies base-policy as the active policy:
    user@host# set security idp active-policy base-policy
  9. If you are finished configuring the router, commit the configuration.
  10. From configuration mode in the CLI, enter the show security idp command to verify the configuration. For more information, see the JUNOS Software CLI Reference.
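
The following Python check is an added example, not part of the Juniper documentation. It audits statements in the set form used above for the items that steps 4 through 7 configure and for an active-policy name that matches a defined policy; audit_idp, EXPECTED and the sample lines (rule R2 and the mistyped policy name) are constructed for illustration.

```python
import shlex

# Items the procedure above configures for each rule (steps 4-7).
EXPECTED = ("from-zone", "to-zone", "attacks", "action", "log-attacks", "severity")

def audit_idp(set_lines):
    """Audit `set security idp ...` statements; return a list of findings."""
    policies, rules, active, findings = set(), {}, None, []
    for line in set_lines:
        tok = shlex.split(line)          # keeps "Critical - TELNET" as one token
        if tok[:3] != ["set", "security", "idp"]:
            continue
        tok = tok[3:]
        if tok[:1] == ["active-policy"] and len(tok) == 2:
            active = tok[1]
        if tok[:1] != ["idp-policy"] or len(tok) < 2:
            continue
        policy, rest = tok[1], tok[2:]
        policies.add(policy)
        if rest[:1] != ["rulebase-ips"] or len(rest) == 1:
            continue                     # policy or rulebase declared, no rule yet
        if rest[1] != "rule" or len(rest) < 3:
            findings.append(f"{policy}: expected 'rule <name>' after rulebase-ips, got '{rest[1]}'")
            continue
        have = rules.setdefault((policy, rest[2]), set())
        body = rest[3:]
        if body[:1] == ["match"]:
            have.update(t for t in body[1:] if t in EXPECTED[:3])
        elif body[:1] == ["then"]:
            have.update(t for t in body[1:] if t in EXPECTED[3:])
    for (policy, rule), have in sorted(rules.items()):
        missing = [item for item in EXPECTED if item not in have]
        if missing:
            findings.append(f"{policy}/{rule}: not configured: {', '.join(missing)}")
    if active not in policies:           # also catches a missing active-policy
        findings.append(f"active-policy {active!r} is not a defined idp-policy")
    return findings

# Constructed sample: rule R1 as in the steps above, plus an incomplete R2 and a typo.
SAMPLE = '''
set security idp idp-policy base-policy rulebase-ips rule R1 match from-zone trust to-zone untrust source-address any destination-address any application default
set security idp idp-policy base-policy rulebase-ips rule R1 match attacks predefined-attack-group "Critical - TELNET"
set security idp idp-policy base-policy rulebase-ips rule R1 then action drop-connection
set security idp idp-policy base-policy rulebase-ips rule R1 then notification log-attacks alert
set security idp idp-policy base-policy rulebase-ips rule R1 then severity critical
set security idp idp-policy base-policy rulebase-ips rule R2 then action drop-connection
set security idp active-policy base-polcy
'''.strip().splitlines()
```

An empty list from audit_idp means every rule carries the match, action, logging and severity settings from the procedure and the active policy refers to a policy that exists.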
