The Advance Apprehension Category

The Advance Apprehension Category

The PIX firewall includes advance apprehension capabilities that can be activated in

various means to the firewall interfaces.These capabilities can be controlled from

the Advance Apprehension category.To accredit IDS on the firewall, baddest the IDS

Policy subcategory.The IDS Activity awning appears, as apparent in Figure 9.39.

www.syngress.com

Figure 9.38 The Auto Update Screen

496 Chapter 9 • PIX Device Manager

To accredit advance apprehension on the firewall, you charge aboriginal actualize a policy

and again administer that activity to an interface.Two types of behavior are available:

Attack and Info.To actualize a new policy, bang the Add button from the IDS

Policy screen.

From the Add IDS Activity window, actuate a activity name and baddest the

policy blazon by beat the Attack or Information radio button. Finally, select

an activity to accomplish back the activity is triggered by beat any of the Drop,

Alarm, and Reset analysis boxes.

Once a activity has been created, it can be mapped to a specific PIX interface

in the Policy-to-Interface Mappings area of the IDS Activity screen.To map a

policy, baddest the specific activity from the pull-down account for anniversary interface.

Administrators can additionally actuate the blazon of advance signatures to detect

on the PIX firewall.These signatures can be added and removed from the PIX

firewall agreement by beat the IDS Signatures subcategory. By default, all

signatures are enabled on the PIX.To abolish specific signatures, highlight the

www.syngress.com

Figure 9.39 The IDS Activity Screen

PIX Device Manager • Chapter 9 497

signature you appetite to abolish and bang the Disable button to move the

signature to the Disabled field.