User manual
Rule sets are sets of defined patterns or rules used for the detection of attacks. These
are grouped by type such as ddos, exploit, backdoor, netbios, etc. Each group
encompasses many attack signatures. The full list of signatures can be viewed at the
Snort web site (http://www.snort.org).
Note
The more rule sets that are selected, the greater the load imposed on the device.
Therefore a conservative rather than aggressive approach to adding rule sets should be
followed initially.
Logging to an analysis server (Snort IDS only)
Typically, Snort in IDS mode is configured to log intrusion attempts to a remote database
server, which in turn runs an analysis console. An analysis console, such as BASE
(Basic Analysis and Security Engine), is an application purpose-built for analyzing this log
output.
Check Log results to database to use a remote analysis server. If it is left unchecked, results
are output to the device's system log (Advanced > System Log).
The device currently supports only the MySQL Database Type.
Enter the table name of remote data in Database Name.
Enter the IP address or resolvable Hostname of the analysis server.
Enter the Database port of the analysis server. For MySQL type databases, this is
typically 3306.
Firewall