Intrusion Prevention
Intrusion Prevention

Port Scan blocked by IDP

‎09-06-2010 11:40 AM

Hi Folks,

 

I need to block Port Scan, IP-sweep and IP spoofing etc by IDP. As these are anomalies, so I have read that we can make Traffic anomalies rule base, But i can not find its tab in security policy. Please let me know how can I configured/enable the policies to prevent from these attacks.

 

awaiting for urgent responce.

 

Thanks and regards,

 

Muhammad Fahad Khan
JNCIE-M/T # 756
Network Consultant
IBM Pakistan
+92-301-8247638 begin_of_the_skype_highlighting              +92-301-8247638      end_of_the_skype_highlighting
+92-321-2370510 begin_of_the_skype_highlighting              +92-321-2370510      end_of_the_skype_highlighting
3 REPLIES 3
Intrusion Prevention

Re: Port Scan blocked by IDP

‎09-06-2010 08:45 PM

Hi,

 

Try opening the Policy in NSM, then right-click the tab at the top (i.e. IDP Policy name).  You should see options for the additional rulebases (i.e. Add Traffic Anomalies Rulebase).

 

-John

John Judge
JNCIS-SEC, JNCIS-ENT,

If this solves your problem, please mark this post as "Accepted Solution". Kudos are appreciated.
Intrusion Prevention

Re: Port Scan blocked by IDP

‎09-17-2010 07:29 AM

If this is an ISG or SRX with integrated IDP, use the SCREEN feature to block these, which does not require a ruleset.

Highlighted
Intrusion Prevention

Re: Port Scan blocked by IDP

‎09-27-2018 01:16 PM

aoa. Fahad khan did you find some solution for this issue, if yes please share