IDS Configuration Scenario Using OA-700
Except on the first page, right running head:
Heading1 or Heading1NewPage text (automatic)
835
Alcatel-Lucent
Beta
Beta
CLI Configuration Guide
IDS C
ONFIGURATION
S
CENARIO
U
SING
OA-700
The step-by-step procedure to configure IDS using the OA-700 is given below.
C
ONFIGURATION
S
TEPS
Q
UICK
S
TEPS
1.
Create match-list.
2.
Create intrusion sensor.
3.
Create firewall policy.
4.
Attach match-list and intrusion sensor to the firewall policy.
5.
Attach firewall policy to an interface.
D
ETAILED
S
TEPS
Step 1:
Configure rule using match-list for any packet that matches classification.
ALU(config)#match-list m1
ALU(config-match-list-m1)#ip any any
ALU(config-match-list-m1)#exit
Step 2:
Create an intrusion sensor.
ALU(config)#firewall
ALU(config-firewall)#intrusion sensor ids1 snort
ALU(config-intrusion-sensor-ids1)#exit
Step 3:
Create a firewall policy.
ALU(config)#firewall
ALU(config-firewall)#policy p1
ALU(config-firewall-p1)#
Step 4:
Attach match-list and intrusion sensor to the firewall policy and specify the
action (detection or prevention).
ALU(config-firewall-p1)#match m1 intrusion ids1 prevention
Step 5:
Apply the firewall policy to ingress of WAN interface.
ALU(config)#interface GigabitEthernet 7/1
ALU(config-if GigabitEthernet7/1)#firewall policy in p1
ALU(config-if GigabitEthernet7/1)#exit
S
HOW
C
OMMANDS
1.
To check firewall policy with IDS sensor information
ALU#show firewall policy p1
ALU#show firewall intrusion sensor ids1
2.
To verify firewall intrusion statistics and counters when device detects the
intrusion
ALU#show firewall intrusion snort statistics
Содержание OmniAccess 700
Страница 38: ...Left running head Chapter name automatic 12 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 176: ...Left running head Chapter name automatic 150 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 224: ...Per VLAN Spanning Tree Left running head Chapter name automatic 198 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 258: ...Port Monitoring Left running head Chapter name automatic 232 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 260: ...Left running head Chapter name automatic 234 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 296: ...T1E1 Line Card Left running head Chapter name automatic 270 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 360: ...Point to Point Protocol Left running head Chapter name automatic 334 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 434: ...Left running head Chapter name automatic 408 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 462: ...Common Classifiers Left running head Chapter name automatic 436 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 464: ...Left running head Chapter name automatic 438 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 534: ...Border Gateway Protocol Left running head Chapter name automatic 508 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 638: ...Left running head Chapter name automatic 612 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 762: ...Filter and Firewall Left running head Chapter name automatic 736 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 890: ...Transparent Firewall Left running head Chapter name automatic 864 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 940: ...Left running head Chapter name automatic 914 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 1000: ...Quality of Service Left running head Chapter name automatic 974 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 1002: ...Left running head Chapter name automatic 976 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 1044: ...DNS Domain Name Service Client Left running head Chapter name automatic 1018 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 1046: ...Left running head Chapter name automatic 1020 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 1058: ...Left running head Chapter name automatic 1032 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 1074: ...Lifeline Left running head Chapter name automatic 1048 Beta Beta CLI Configuration Guide Alcatel Lucent line con 0 end ...
Страница 1076: ...Left running head Chapter name automatic 1050 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 1118: ...Web Cache Server Left running head Chapter name automatic 1092 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 1120: ...Left running head Chapter name automatic 2 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 1140: ...QoS Values and Mnemonics Left running head Chapter name automatic 22 Beta Beta CLI Configuration Guide Alcatel Lucent ...
Страница 1156: ...IPsec Interoperability of OA 700 Left running head Chapter name automatic 38 Beta Beta CLI Configuration Guide Alcatel Lucent ...