Руководство По Обслуживанию для Cisco Cisco Expressway
■
Exemptions: the number of addresses that are configured as exempt from this category.
From this page, you can also view any currently blocked addresses or any exemptions that apply to a particular
category.
category.
Enabling and disabling categories
To enable or disable one or more protection categories:
1.
Go to System > Protection > Automated detection > Configuration.
2.
Select the check box alongside the categories you want to enable or disable.
3.
Click Enable or Disable as appropriate.
Configuring a category's blocking rules
To configure a category's specific blocking rules:
1.
Go to System > Protection > Automated detection > Configuration.
2.
Click on the name of the category you want to configure.
You are taken to the configuration page for that category.
3.
Configure the category as required:
—
State: whether protection for that category is enabled or disabled.
—
Description: a free-form description of the category.
—
Trigger level and Detection window: these settings combine to define the blocking threshold for the
category. They specify the number of failed access attempts that must occur before the block is triggered,
and the time window in which those failures must occur.
category. They specify the number of failed access attempts that must occur before the block is triggered,
and the time window in which those failures must occur.
—
Block duration: the period of time for which the block will remain in place.
4.
Click Save.
Configuring Exemptions
The Automated detection exemptions page (System > Protection > Automated detection > Exemptions) is used to
configure any IP addresses that are to be exempted always from one or more protection categories.
configure any IP addresses that are to be exempted always from one or more protection categories.
To configure exempted addresses:
1.
Go to System > Protection > Automated detection > Exemptions.
2.
Click on the Address you want to configure, or click New to specify a new address.
3.
Enter the Address and Prefix length to define the range of IPv4 addresses you want to exempt.
4.
Select the categories from which the address is to be exempted.
5.
Click Add address.
Note that if you exempt an address that is currently blocked, it will remain blocked until its block duration expires
(unless you unblock it manually via the Blocked addresses page).
(unless you unblock it manually via the Blocked addresses page).
Managing Blocked Addresses
The Blocked addresses page (System > Protection > Automated detection > Blocked addresses) is used to
manage the addresses that are currently blocked by the automated protection service:
manage the addresses that are currently blocked by the automated protection service:
■
It shows all currently blocked addresses and from which categories those addresses have been blocked.
■
You can unblock an address, or unblock an address and at the same time add it to the exemption list. Note
that if you want to permanently block an address, you must add it to the set of configured
that if you want to permanently block an address, you must add it to the set of configured
.
If you access this page via the links on the Automated detection overview page it is filtered according to your chosen
category. It also shows the amount of time left before an address is unblocked from that category.
category. It also shows the amount of time left before an address is unblocked from that category.
39
Cisco Expressway Administrator Guide
Network and System Settings