Use the OpenSignatures page
for the
Network IPS appliance to write pattern-matching signatures that detect
specific threats to the appliance.
About this task
Navigating in the Network
IPS Local Management Interface:
Navigating
in the SiteProtector™ system:
select the OpenSignature Events policy
Procedure
- Click the Add icon.
- Configure the following options:
Option |
Description |
Enabled |
Enables
the rule. |
Comment |
Specifies
a unique description for the rule. |
Rule
String |
Specifies the criteria that the appliance
monitors for as
it inspects traffic that could trigger the OpenSignature event. |
- Click OK.
- Optional: Select the rule and click the Up arrow
or the Down arrow to place the rule in the
order that you want the rule processed.
What to do next
For
OpenSignatures to work, you must enable the OpenSignatures
parser on the Tuning Parameters page. See OpenSignature tuning parameters.