Cisco Systems OL-16647-01 Network Router User Manual


Cisco ASDM User Guide
OL-16647-01
Chapter 27 Configuring Advanced Firewall Protection
Configuring IP Audit
IP Audit Policy
The IP Audit Policy pane lets you add audit policies and assign them to interfaces. You can assign an
attack policy and an informational policy to each interface. The attack policy determines the action to
take with packets that match an attack signature; the packet might be part of an attack on your network,
such as a DoS attack. The informational policy determines the action to take with packets that match an
informational signature; the packet is not currently attacking your network, but could be part of an
information-gathering activity, such as a port sweep. For a complete list of signatures, see the IP Audit
Signature List.
Fields
• Name—Shows the names of the defined IP audit policies. Although the default actions for a named
  policy are listed in this table (“--Default Action--”), they are not named policies that you can assign
  to an interface. Default actions are used by named policies if you do not set an action for the policy.
  You can modify the default actions by selecting them and clicking the Edit button.
• Type—Shows the policy type, either Attack or Info.
• Action—Shows the actions taken against packets that match the policy: Alarm, Drop, and/or Reset.
  Multiple actions can be listed.
• Add—Adds a new IP audit policy.
• Edit—Edits an IP audit policy or the default actions.
• Delete—Deletes an IP audit policy. You cannot delete a default action.
• Policy-to-Interface Mappings—Assigns an attack and informational policy to each interface.
  - Interface—Shows the interface name.
  - Attack Policy—Lists the attack audit policy names available. Assign a policy to an interface by
    clicking the name in the list.
  - Info Policy—Lists the informational audit policy names available. Assign a policy to an
    interface by clicking the name in the list.
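The policy model described above can also be written as adaptive security appliance CLI commands. The fragment below is an added example, not part of the Cisco guide; the policy names ATTACK-OUT and INFO-OUT and the interface name outside are constructed for illustration.

```text
! Added example: CLI form of the policies this pane manages.
! Policy names (ATTACK-OUT, INFO-OUT) and the interface name (outside) are constructed.

! Default actions, used by any named policy that sets no action of its own
ip audit attack action alarm drop
ip audit info action alarm

! Named attack policy with explicit actions: alarm, drop, and reset
ip audit name ATTACK-OUT attack action alarm drop reset

! Named informational policy with no action: it uses the info default action above
ip audit name INFO-OUT info

! Policy-to-interface mapping: one attack policy and one informational policy
ip audit interface outside ATTACK-OUT
ip audit interface outside INFO-OUT
```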
Modes
The following table shows the modes in which this feature is available:
Add/Edit IP Audit Policy Configuration
The Add/Edit IP Audit Policy Configuration dialog box lets you add or edit a named IP audit policy that
you can assign to interfaces, and lets you modify the default actions for each signature type.
Fields
• Policy Name—Sets the IP audit policy name. You cannot edit the name after you add it.
• Policy Type—Sets the policy type. You cannot edit the policy type after you add it.
Firewall Mode: Routed, Transparent
Security Context: Single, Multiple (Context, System)
• • • •