FWX120 Operation Manual
89
4
Enhancing security
Configuring Intrusion
Detection System
In the “Configure Intrusion Detection System”
screen, you can set the types of packets to be
detected and the processing method upon
detection (discard or pass) for each connection
type, such as the DHCP or PPPoE connection.
NOTE
Intrusion Detection System can apply to each
interface, but the larger number of applications may
decrease the speed of accessing the Internet, etc.
For more details on the types of unauthorized
access that this function can detect and its settings,
click “Help” on the setup screen and refer to the
description displayed.
To open the “Configure Intrusion Detection
System” screen
From “Basic configuration page”, click the buttons
on the setup screen in the following order:
“Advanced settings” in the top page
“Configure” in “Configure Intrusion Detection
System”
“Configure” of the interface for which you want
to configure Intrusion Detection System
Checking the history of
unauthorized access detection
In the “Status of Intrusion Detection System”
screen, you can view the number of detected
unauthorized access attempts and the history of
detection.
NOTE
• Note that new unauthorized access methods and
intrusion/attack patterns are constantly being
discovered and thus no completely infallible
prevention method exists. We would like you to
understand that not all unauthorized accesses can
be detected by this function.
• As this function detects accesses that are similar
to intrusions/attack patterns, some unauthorized
accesses may not be detected due to timing or
a range of other reasons. On the other hand, a
detected pattern does not automatically mean that
a serious unauthorized access has occurred. Please
understand this and use this function only as a guide
for your security management.
Tip
The detection results of unauthorized access attempts
are also output to Syslog in Info level (page 160).
Detecting unauthorized accesses and warning
(Continued from the previous page)