The Advance Apprehension Category
The PIX firewall includes advance apprehension capabilities that can be activated in
various means to the firewall interfaces.These capabilities can be controlled from
the Advance Apprehension category.To accredit IDS on the firewall, baddest the IDS
Policy subcategory.The IDS Activity awning appears, as apparent in Figure 9.39.
www.syngress.com
Figure 9.38 The Auto Update Screen
496 Chapter 9 • PIX Device Manager
To accredit advance apprehension on the firewall, you charge aboriginal actualize a policy
and again administer that activity to an interface.Two types of behavior are available:
Attack and Info.To actualize a new policy, bang the Add button from the IDS
Policy screen.
From the Add IDS Activity window, actuate a activity name and baddest the
policy blazon by beat the Attack or Information radio button. Finally, select
an activity to accomplish back the activity is triggered by beat any of the Drop,
Alarm, and Reset analysis boxes.
Once a activity has been created, it can be mapped to a specific PIX interface
in the Policy-to-Interface Mappings area of the IDS Activity screen.To map a
policy, baddest the specific activity from the pull-down account for anniversary interface.
Administrators can additionally actuate the blazon of advance signatures to detect
on the PIX firewall.These signatures can be added and removed from the PIX
firewall agreement by beat the IDS Signatures subcategory. By default, all
signatures are enabled on the PIX.To abolish specific signatures, highlight the
www.syngress.com
Figure 9.39 The IDS Activity Screen
PIX Device Manager • Chapter 9 497
signature you appetite to abolish and bang the Disable button to move the
signature to the Disabled field.