Responses determine how the Network IPS appliance
will
notify you when it detects an intrusion or other important event.
Create responses and then apply them to events as necessary.
About this task
The
Responses policy does not support IPv6 addresses.
Configuring email responses
Use the Email tab on
the Responses
page for the Network IPS appliance to configure email notifications
for individuals or groups when events occur. You can also select the
event parameters to include in the message to provide important information
about detected events.
Configuring log evidence responses
Use the Log
Evidence tab on the
Responses page for the Network IPS appliance to log the summary of
an event. The appliance copies the suspect packet and records information
such as event name, event date, and event ID.
Configuring quarantine responses
Use the Quarantine tab
on the Responses
page for the Network IPS appliance to configure responses that block
intruders, including worms and Trojan horses, when the appliance detects
events.
Configuring SNMP responses
Use the SNMP tab on
the Responses
page for the Network IPS appliance to configure simple network management
protocol (SNMP) notification responses for events that pull certain
values and send them to an SNMP manager.
Configuring user-specified responses
Use the User
Specified tab on the
Responses page for the Network IPS appliance to configure user-specified
responses to events, such as executing an application in response
to an event on the system.