亚洲激情专区-91九色丨porny丨老师-久久久久久久女国产乱让韩-国产精品午夜小视频观看

溫馨提示×

溫馨提示×

您好,登錄后才能下訂單哦!

密碼登錄×
登錄注冊×
其他方式登錄
點擊 登錄注冊 即表示同意《億速云用戶服務條款》

Juniper IDP 測試license 申請,數據庫安裝,調用;日志服務器調用IDP日志

發布時間:2020-07-17 14:26:05 來源:網絡 閱讀:1700 作者:Bcheng7 欄目:安全技術

License申請:
admin@SRX3600> request system license update trial

更新特征庫要求配置中已有DNS配置,正確的時間配置,下載的URL
security {
idp {
security-package {
url https://services.netscreen.com/cgi-bin/index.cgi;
}
}

需要先更新特征庫,再完成全局配置
1、 下載特征庫
admin@SRX3600> request security idp security-package download
2、更新
admin@SRX3600> request security idp security-package install

IPS配置方法:

IDP對應的規則:(全局 )
set security idp idp-policy IDP_Default rulebase-ips rule 1 match from-zone any
set security idp idp-policy IDP_Default rulebase-ips rule 1 match source-address any
set security idp idp-policy IDP_Default rulebase-ips rule 1 match to-zone any
set security idp idp-policy IDP_Default rulebase-ips rule 1 match destination-address any
set security idp idp-policy IDP_Default rulebase-ips rule 1 match application default
set security idp idp-policy IDP_Default rulebase-ips rule 1 match attacks predefined-attack-groups "Critical - IP"
set security idp idp-policy IDP_Default rulebase-ips rule 1 match attacks predefined-attack-groups "Critical - TCP"
set security idp idp-policy IDP_Default rulebase-ips rule 1 match attacks predefined-attack-groups "Major - TCP"
set security idp idp-policy IDP_Default rulebase-ips rule 1 match attacks predefined-attack-groups "Major - IP"
set security idp idp-policy IDP_Default rulebase-ips rule 1 then action no-action
set security idp idp-policy IDP_Default rulebase-ips rule 1 then notification log-attacks alert
set security idp active-policy IDP_Default

在具體的策略中調用,例如:
set security policies from-zone trust to-zone untrust policy t-u-1 match source-address any
set security policies from-zone trust to-zone untrust policy t-u-1 match destination-address any
set security policies from-zone trust to-zone untrust policy t-u-1 then permit application-services idp

日志查看:
如果直接在設備中查看IDP log,需要做兩步操作:
1、
security {
log {
mode event;
event-rate 1500;
}
}
日志從data-plane轉發到control-plane

2、增加IDP_log文件記錄IDP信息
set system syslog file IDP_log any any
set system syslog file IDP_log match RT_IDP
set system syslog file IDP_log archive size 10m
set system syslog file IDP_log archive files 10

向AI問一下細節

免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。

AI

碌曲县| 夏津县| 固阳县| 汝城县| 襄樊市| 宾川县| 江都市| 日照市| 南安市| 呼图壁县| 嵩明县| 东乌| 乌鲁木齐县| 鹰潭市| 保定市| 潼关县| 福建省| 东乌珠穆沁旗| 扎鲁特旗| 南木林县| 潞城市| 昆山市| 柳江县| 温宿县| 准格尔旗| 阜南县| 巴彦淖尔市| 龙川县| 双桥区| 平远县| 金坛市| 藁城市| 炉霍县| 遂平县| 印江| 海口市| 温宿县| 禹州市| 察哈| 安庆市| 锦屏县|