Manualshelf

User Guide

ManualsBrandsAlcatel-Lucent ManualsOtherOMNIACCESS SAFEGUARD CONTROLLER
361362363364365366367368369370
OmniAccess SafeGuard OS Administration Guide
368
Chapter 10: Detecting and Isolating Malware Security Threats
Configuring DNS Server IP Addresses
Up to 3 DNS server IP addresses can be specified using the Privileged Exec command:
dns nameserver ipaddr1 ipaddr2 ipadd3
For example,
(SafeGuardOS) #dns nameserver 10.0.0.1 10.0.0.2 10.0.0.3
Also see Displaying DNS Information on page 371.
Configuring a Refresh Rate
To configure the domain name refresh interval, use the policy name-resolution interval
command in Global Configuration mode:
policy name-resolution interval minutes
In this example, the domain name refresh interval is set to 5 minutes:
(SafeGuardOS) #configure terminal
(SafeGuardOS) (config) #policy name-resolution interval 5
(SafeGuardOS) (config) #exit
(SafeGuardOS) #
To verify the configuration, see Displaying DNS Server Names and Refresh Rates on page 372.
Configuring a Malware White-list
If a host exhibits behavior that triggers a malware event, but is proven to be clean, the
host can be configured to bypass evaluation for malware. Likewise in the event of a
Denial of Service (DoS) attack, certain destinations might erroneously appear.
If needed, a list of IP addresses can be specified that bypass malware detection or DoS
attack destination known as the malware white-list. These IP addresses can be configured
using the Global Configuration malware white-list command:
Syntax Description ipaddr Specifies the IP address of a DNS server.
Syntax Description minutes Specifies the number of minutes until a refresh
occurs. Valid entries are 1 to 65535 minutes. The
default is 60 minutes.