User Guide
OmniAccess SafeGuard OS Administration Guide
Chapter 10: Detecting and Isolating Malware Security Threats
denied, the traffic is quarantined and malware remediation policies are used to determine
where the user is sent to resolve the problem.
When traffic is denied, the malware configuration determines whether the application
or the host is blocked. If a malware remediation policy is configured, it is applied to
punch a hole in the firewall for the specified traffic. The most common use for this type
of policy is to give end users access to the remediation server so that they can download
software patches for the infection.
Configuring Malware Policies
To create malware policies, follow the steps in the following sections:
1. Assigning the Policy a Name
2. Adding a Description
3. Configuring the Rules
4. Attaching the Policy to the User Roles
Assigning the Policy a Name
To define a malware policy, begin by assigning a name to the policy using the Global
Configuration command:
policy malware name
Syntax Description
name      A name that identifies the policy.
For example, the following statements define a malware policy called blaster_policy.
(SafeGuardOS) #configure terminal
(SafeGuardOS) (config) #policy malware blaster_policy
(SafeGuardOS) (policy-malware) #
After the policy name is defined, the system enters the policy-malware submode.
Adding a Description
Add an optional description of the malware policy with the following command:
description string
Syntax Description
string    A description of the policy. Place the string within double quotation marks.
Building on the previous example, a description might be:










