Profiles provide a management facility for packaging and distributing filters to your
devices. Filters provide information and instructions for the devices protecting your
network against malicious attacks. These filters enable your devices to monitor and
respond to network traffic according to a particular pillar, or type. These pillars
separate filters into types that apply to different attacks and sections of your network.
You can create, modify, and manage these filters to block and protect against malicious
attacks and piracy of your bandwidth and network services. Each filter consists of
customizable options and settings that detail how the system should monitor, investigate,
process, and block traffic.
If the SMS identifies traffic that matches a filter, it responds to that traffic based
on the
instructions defined in the action set for the filter. All action sets require
a flow
control action—the SMS can block, permit, or react in a combination of ways to
the
traffic. As an added measure of safety and information dissemination, you can configure
alerts to inform interested parties about detection and responses to malicious
attacks
and usage by notifying the SMS or by sending emails to specified email addresses.
You
can also log information about matching traffic to a packet trace log or a remote
syslog
server for review and reporting.
All filters are assigned to protect a segment on your system. When you change the
settings of these filters, only the target distribution segments receives the changes.
You can also create Segment Groups.
Learn more.
 |
NoteWhen a device is added on the SMS, any unused virtual ports (those that are not in
a virtual segment in a profile) are deleted on the SMS. To keep any unused virtual
ports, put them into a virtual segment as SMS valid combinations before adding your
device.
Learn more.
|