User guide

Configuring Security Events

Proventia Network IPS G and GX Appliance User Guide

4. Click OK.

5. Save your changes.

Display Select how you want to display the event in the management console:

• No Display. Does not display the detected event.

• WithoutRaw. Logs a summary of the event.

• WithRaw. Logs a summary and the associated packet capture.

Block Select this check box to block the attack by dropping packets and

sending resets to TCP connections.

Log Evidence Select this check box to log the packet that triggered the event to the

/var/iss/ directory on the appliance.

Responses To enable responses, select one of the following tabs:

• Email. Select an email response from the list.

• Quarantine. Select one or more check boxes to enable quarantine

responses.

• SNMP. Select an SNMP response from the list.

• User Defined. Select one or more check boxes to enable user-

defined responses.

Note: You can click Edit to change the properties of any response in

the list.

Fore more information, see “Configuring Responses” on page 67.

XPU Displays the XPU in which the vulnerability check was released.

This setting is read-only.

Event Throttling Type an interval value in seconds.

At most, one event that matches an event is reported during the

interval you specify.

A value of 0 (zero) disables event throttling.

Check Date Displays the month and the year the vulnerability check was created.

This setting is read-only.

Default Protection Displays the default protection setting for the event, such as “Block.”

This setting is read-only.

User Overridden If you are creating a new event, this check box is enabled by default to

indicate a custom event.

In the list on the Security Events tab, this item appears as checked for

both custom events and existing events that you have edited.

This setting is read-only.

Setting Description