No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CLI-based Configuration Guide - Security

AR500, AR510, AR531, AR550, AR1500, and AR2500 V200R010

This document provides the basic concepts, configuration procedures, and configuration examples in different application scenarios of the network management feature supported by the device.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Default Settings for IPS

Default Settings for IPS

Table 6-3 describes the default settings for IPS.

Table 6-3  Default settings for IPS

Parameter

Default Setting

Security policy

Unspecified

IPS profile

The device has multiple default intrusion prevention profiles for different application scenarios. The default intrusion prevention profiles can be displayed, cloned, or referenced in security policies, but cannot be modified or deleted.
  • strict: It contains all signatures and the action is block. Apply to all protocols and categories. The intrusion prevention profile applies to the scenarios in which the device is required to block all matched packets.
  • web_server: It contains all signatures and the action is the default actions. Apply to DNS, HTTP, FTP protocols and all categories. The intrusion prevention profile applies to the scenarios in which the device is deployed in front of a web server.
  • file_server: It contains all signatures and the action is the default actions. Apply to DNS, SMB, NETBIOS, NFS, SUNRPC, MSRPC, FILE, TELNET protocols and all categories. The intrusion prevention profile applies to the scenarios in which the device is deployed in front of a file server.
  • dns_server: It contains all signatures and the action is the default actions. Apply to DNS protocol and all categories. The intrusion prevention profile applies to the scenarios in which the device is deployed in front of a DNS server.
  • mail_server: It contains all signatures and the action is the default actions. Apply to DNS, IMAP4, SMTP, POP3 protocols and all categories. The intrusion prevention profile applies to the scenarios in which the device is deployed in front of a mail server.
  • inside_firewall: It contains all signatures and the action is the default actions. Apply to all protocols and categories. The intrusion prevention profile applies to the scenarios in which the device is deployed behind a firewall.
  • dmz: It contains all signatures and the action is the default actions. Apply to all protocols except NETBIOS, NFS, SMB, TELNET TFTP and categories. The intrusion prevention profile applies to the scenarios in which the device is deployed behind a firewall. The intrusion prevention profile applies to the scenarios in which the device is deployed in front of a DMZ.
  • outside_firewall: It contains all signatures and the action is the default actions. Apply to all protocols and categories except Scanner. The intrusion prevention profile applies to the scenarios in which the device is deployed in front of a firewall.
  • ids: It contains all signatures and the action is alert. Apply to all protocols and categories. The intrusion prevention profile applies to the scenarios in which the device is deployed offline as an IDS.
  • default: It contains all signatures and the action is the default actions. Apply to all protocols and categories. The intrusion prevention profile applies to the scenarios in which the device is deployed in-line as an IPS.

IPS log caching function

Enabled.

Output time of IPS logs in the cache

1 minute.

Translation
Download
Updated: 2019-05-20

Document ID: EDOC1100034236

Views: 95454

Downloads: 58

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next