03-17-2012 12:57 AM
Below is output from SRX650 IDP enabled firewall. I enabled the DMZ Template from juniper for services running on DMZ zone. This template is blocking the Sharepoint and some other services whick run with default configuration. then i made a exempt rule for that litigmate traffic in idp rulebase.
My question is how can we custimize the attack threshold value like for HTTPVERFLOW:AUTH-OVFLW in idp rules as the only solution is that we are exempting it. But how to customize this attack values in IDP attacks so that traffic must check against those attacks without blocking it.
IDP Attack Table:
Juniper Firewall Attack details:
Attack name #Hits
03-17-2012 03:40 AM
You could try applying the "Web Server" policy template to the sharepoint server.
Senior IP Engineer - DQE Communications Pittsburgh, PA
JNCIA-ER JNCIA-EX JNCIS-SEC JNCIP-SEC JNCSP-SEC
JNCIS-FWV JNCIS-SSL JNCDA
ACE PanOS 6
MCP - Managing Server 2003 MCP - Windows XP Professional
MCTS Windows 7