Use the Responses area
of the User
Defined Events page for the Network IPS appliance to configure
how the appliance notifies you about your user-defined events.
About this task
Navigating
in the Network IPS Local Management Interface:
Navigating
in the SiteProtector™ system:
select the User Defined Events policy
Procedure
- Click the Add icon.
- Click the appropriate tab in the Responses area
and configure the following options:
Option |
Description |
Email |
Specifies the email address that receives alerts about events. Note: If
the email address does not appear in the list, you can configure email
in .
|
Quarantine |
Specifies responses that block intruders, including worms
and Trojan horses, when the appliance detects events.Notes: - Quarantine responses work only when you
have configured the appliance to run in inline protection mode.
- If
the quarantine response does not appear in the list, you can
configure quarantine responses in .
|
SNMP |
Sends an SNMP trap including pertinent information about the
event. Note: If the SNMP trap does not appear in the list, you can
configure SNMP traps in .
|
User Specified |
Specifies a user-specified response. Note: If the user-specified
response does not appear in the list, you can configure user-specified
responses in .
|
What to do next
On the Add User Defined Events window,
configure general settings, such as logging evidence, event throttling,
and specifying the context for your user-defined events.