You monitor the security alert log information for the Network IPS appliance to effectively manage the amount of generated system and event data. If a serious event occurs, you can find the information and solve the problem quickly and immediately block the intruder by using single-click blocking.
Navigating in the Network IPS Local Management Interface:
Level | Description |
---|---|
High | Security issues that allow immediate
remote or local access, or immediate execution of code or commands
with unauthorized privileges. Examples: Most
buffer overflows, back doors, default or no password, and bypassing
security on firewalls or other network components
|
Medium | Security issues that have the potential
of granting access or allowing code execution with complex or lengthy
exploit procedures, or low risk issues that are applied to major Internet
components. Examples: Cross-site scripting,
man-in-the-middle attacks, SQL injection, denial of service of major
applications, and denial of service that result in system information
disclosure (such as core files)
|
Low | Security
issues that deny service or
provide non-system information that might be used to formulate structured
attacks on a target, but not directly gain unauthorized access. Examples: Brute force attacks, non-system
information disclosure (like configurations and paths), and denial
of service attacks
|