TMS zl Management and Configuration Guide ST.1.1.100226
6-21
Intrusion Detection and Prevention
Configuring IDS/IPS
Configure Protocol Anomaly Detection
The TMS zl Module provides default settings for performing anomaly detec-
tion. You can modify these default settings as needed for your environment,
but before making such changes, you should consult the documentation for
your company’s servers to identify their limitations and capacities.
The default settings are as follows:
■ HTTP headers
• Maximum header size—4096 bytes
• Maximum line size—3072 bytes
• Maximum URL line size—3072 bytes
• Maximum # of lines—50 per header
■ MIME headers
• Maximum header size—1024 bytes
• Maximum boundaries—5 per message
■ SMTP headers
• Maximum header size—1024 bytes
If you do choose to adjust the default settings, follow these steps:
1. Click Intrusion Detection > Protocol Anomalies or Intrusion Prevention >
Protocol Anomalies.
2. Adjust the values in the fields.
3. Click Apply My Changes.
4. Click Save.
Configuring Port Maps
To add a port map, follow these steps:
1. Click Intrusion Protection/Detection > Settings and click the Port Maps tab.
2. Click Add Port Map.