The Network IPS appliance provides response
tuning to configure
quarantine rules, to set responses to events, to tune responses in
your security policies with response filters, and to configure rolling
packet capture settings.
Configuring quarantine rules
Use the Quarantine
Rules page for
the Network IPS appliance to add new rules and to view rules that
are dynamically generated in response to detected intruder events.
These rules prevent worms from spreading and deny access to systems
that are infected with backdoors or Trojan horses.
Configuring responses
Responses determine how the Network IPS appliance
will
notify you when it detects an intrusion or other important event.
Create responses and then apply them to events as necessary.
Configuring response filters
Response filters control
response numbers, PAM parameters,
and how the Network IPS appliance responds to events that are triggered
by PAM parameters.
Configuring rolling packet capture settings
The Network IPS appliance
captures and stores network packet
information for you to use for forensic research and troubleshooting.
Configuring the firewall
The Network IPS appliance uses firewall rules
to drop or
block attacks before the attacks enter the network.