Manualshelf

Specifications

ManualsBrandsCabletron Systems ManualsComputer equipmentETWMIM
61626364656667686970
How to Create and Edit
Automated Security Manager Rules
Automated Security Manager Rules serve two distinct functions:
Examine the source of the threat (switch/port) to determine if certain conditions exist (e.g. threat
category, source of the notifying IDS, policies currently applied to the port, etc.) which warrant a
response.
1.
Define the action to be taken when these conditions match the criteria defined by the Rule.2.
The Create Rule and Edit Rule windows are identical. They are accessed from the Automated Security
Manager Configuration Window's Rule Definitions view. The only difference between the two windows is
that the Edit Rule window contains the definition for a particular rule that you have selected in the Rule
Definitions view.
Information on:
Editing a Rule
Creating a Rule
Editing a Rule
To edit an existing rule:
Select a rule from the table in the Automated Security Manager Configuration Window's Rule
Definitions view.
1.
Click Edit. The Edit Rule window opens.2.
Go on to Step 2 in the Creating a Rule topic to modify the parameters for the rule as necessary.3.
Creating a Rule
To create a new rule:
Click Create in the ASM Configuration Window's Rule Definitions view. The Create Rule window
opens.
1.
Type a Name for the rule. The name can be any character string, excluding spaces, up to 64
characters.
2.
Define the Conditions To Test For that ASM will use to determine if and how it will respond to a
particular event:
Expand the device tree in the Group & Devices panel to select a target device or device
group that will be eligible for the action specified in the rule. For example, you do not want to
select a device/device group for a device type that does not support policy if you are creating
a rule with an action that applies a policy. Or as another example, in some rules, you may
want to apply different actions or more or less permanent actions for certain subnets
containing critical network resources. You can create several rules that address a particular
threat and apply different actions based on your target.
a.
3.
How to Create and Edit Automated Security Manager Rules 59