Cisco Cisco Firepower 9300 Security Appliance
When deleting one or more Network Protection policies, you have two options: Delete Policy Only, and Delete
Policy and Related Elements
Policy and Related Elements
.
To delete one or more Network Protection policies
1.
In the Configuration perspective, select Network Protection > Network Protection Policies.
2.
Select the row or rows.
3.
Click the
button, and select one of the following:
—
Delete Policy Only
—
Deletes the selected policy or policies, without the related objects.
—
Delete Policy and Related Elements
—
Deletes the selected policy or policies and all other policy-related
configurations (Network Classes, Context Classes, profile definitions) as long as the other policies on the
device are not using those objects.
Configuring Signature Protection for Network
Protection
Signature Protection detects and prevents network-oriented attacks, Operation System (OS) oriented attacks and
application-oriented attacks by comparing each packet to the set of signatures stored in the Signatures database.
This section contains the following:
This section contains the following:
•
Signature Protection in Radware DefensePro DDoS Mitigation, page 123
•
Configuration Considerations with Signature Protection, page 124
•
Configuring Signature Protection Profiles, page 124
•
Configuring Signature Protection Signatures, page 127
•
Configuring Signature Protection Attributes, page 132
Signature Protection in Radware DefensePro DDoS Mitigation
In Radware DefensePro DDoS Mitigation, you can configure Signature Protection using the All-DoS- Shield profile
and/or adding user-defined signatures.
The signatures in the All-DoS-Shield profile are limited to Offset Mask Pattern Condition (OMPC) parameters.
The signatures in the All-DoS-Shield profile are limited to Offset Mask Pattern Condition (OMPC) parameters.
OMPC parameters are a set of attack parameters that define rules for pattern lookups. For more information, see
Table 83 - Filter Parameters for Signatures: OMPC Parameters, page 131
.
Radware provides the All-DoS-Shield profile with a set of predefined signature profiles for field installation.
The All-DoS-Shield profile is updated when Radware creates a relevant new OMPC signature.
You cannot edit the All-DoS-Shield profile, but you can create a new profile according to the needs of your
The All-DoS-Shield profile is updated when Radware creates a relevant new OMPC signature.
You cannot edit the All-DoS-Shield profile, but you can create a new profile according to the needs of your
environment. For example, if you need to use only a small set of custom signatures, you can create a new profile
with those signatures and a new Threat Type attribute (see
Table 84 - Attribute Types, page 133
).
Notes
•
The Radware Vulnerability Research Team (VRT) is responsible for researching, handling, and mitigating
vulnerabilities, DDoS tools, and DDoS malware.
•
If you require assistance creating a new signature, you can contact the relevant Radware department
—
according to your service agreement.
© 2016 Cisco | Radware. All rights reserved. This document is Cisco Public.
Page 125 of 281