Manualshelf

F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Attack Protection Configuration Guide-6PW100

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
127128129130131132133134135136
127
Figure 108 Enable IDS collaboration
2. Select the Enable IDS Collaboration box.
3. Click Apply.
44B
Configuration guidelines
When you configure IDS collaboration, follow these guidelines:
Both the firewall devices and IDS devices must support and have SNMPv2c configured.
The aging time for an IDS blocking entry is five minutes. The timer restarts if the firewall receives an
SNMP trap with the same attack information before the timer expires.
A blocking entry is effective only to subsequent connections matching this entry. To make entries
apply to the current connections, disable the fast forwarding function of the firewall.
Disabling IDS collaboration removes the generated blocking entries from the firewall.