- dynamic-attack-group dynamic-attack-group-name {
-
-
filters {
-
-
category {
-
values [list-of-values];
- }
-
-
direction {
-
values [any | client-to-server | exclude-any | exclude-client-to-server
|
-
exclude-server-to-client | server-to-client];
- }
-
-
false-positives {
-
values [frequently | occasionally | rarely | unknown];
- }
-
-
performance {
-
values [fast | normal | slow | unknown];
- }
-
-
products {
-
values [list-of-values];
- }
-
recommended;
-
-
service {
-
values [list-of-values];
- }
-
-
severity {
-
values [critical | info | major | minor | warning];
- }
-
-
type {
-
values [anomaly | signature];
- }
- }
- }
- [edit security idp]
Statement introduced in Release 9.3 of JUNOS software.
Configure dynamic attack group. Dynamic attack groups select its members based on the filters specified in the group. Hence the list of attacks get updated (added or removed) when a new signature database is used.
This statement is supported on SRX-series devices.
dynamic-attack-group-name —Name of the dynamic attack group.
The remaining statements are explained separately.
For configuration instructions and examples, see the JUNOS Software Security Configuration Guide.
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.