Manualshelf

R3721-F3210-F3171-HP High-End Firewalls Attack Protection Configuration Guide-6PW101

ManualsBrandsHP ManualsComputer AccessoriesHP 7100/7200 IPsec dl Module
41424344454647484950
39
Configuration guidelines
When you configure IDS collaboration, follow these guidelines:
Both the firewall devices and IDS devices must support and have SNMPv2c configured.
The aging time for an IDS blocking entry is five minutes. The timer restarts if the firewall receives an
SNMP trap with the same attack information before the timer expires.
A blocking entry is effective only to subsequent connections matching this entry. To make entries
apply to the current connections, disable the fast forwarding function of the firewall.
Disabling IDS collaboration removes the generated blocking entries from the firewall.