Cisco Systems CL-28826-01 Security Camera User Manual

Open as PDF

of 2616

42-17

User Guide for Cisco Security Manager 4.4

OL-28826-01

Chapter 42 Configuring Attack Response Controller for Blocking and Rate Limiting

Blocking Page

Field Reference

Never Block Host or Network Dialog Boxes

Use the Add or Modify Never Block Host or Network dialog boxes to specify a host or network that

should never be subject to blocking. The name of the dialog box indicates whether you are adding a host

or network address.

Enter the IP address or the name of a network/host policy object that specifies the address. You can also

click Select to select an object from a list or to create a new object. When selecting objects, the object

can contain a single entry of the appropriate type. Host addresses do not have subnet masks (for example,

10.100.10.1), whereas network addresses have masks (for example, 10.100.10.0/24).

Navigation Path

From the IPS Blocking policy, select the Never Block Hosts or Networks tab and click the Add Row

button or select an existing row and click the Edit Row button. Hosts and networks are listed in separate

tables, so ensure that you click the buttons associated with the desired table. For information on opening

the Blocking policy, see Blocking Page, page 42-8.

Table 42-7 Cat6k Block VLAN Dialog Box

Element Description

VLAN The number of the VLAN on the Catalyst 6500/7600 device that the IPS

should use for blocking. The number can be 1 to 4094 and must be

defined on the device.

Pre VACL Name

Post VACL Name

The VLAN ACLs to combine with the blocking entries that the IPS

creates to implement blocking actions. The Pre VACL is added before

the blocking VACL, and the Post VACL is added after the blocking

VACL. For more information, see Understanding Router and Switch

Blocking Devices, page 42-4.

Tip If you have configured a VACL on the VLAN, you must specify

the name of the VACL in the Pre or Post VACL Name field or

the VACL will be removed from the VLAN. When you identify

a VLAN as a blocking interface, the IPS takes control of the

VACL on that VLAN. Typically, you would specify the VACL

name as the post-VACL.

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Cisco Systems CL-28826-01 Security Camera User Manual