HP X Unified Security Platform About the Digital Vaccine Package

IPS Digital Vaccine (DV) Filters

IPS Digital Vaccine (DV) Filters

TippingPoint IPS Digital Vaccine (DV) Filters are used to monitor traffic passing between network security zones. Based on the Security Profiles configured on the device, the X family applies the filters to traffic passing between network security zones. Each Security Profile has its own filter settings. Within a Security Profile, you can modify the filter (recommended) settings for a filter category and, if necessary, customize individual filters based on your network environment and security needs. The following sections provide an overview of the DV filters and the components used to configure them:

•“About the Digital Vaccine Package” on page 23

•“Filter Components” on page 24

•“Categories and Category Settings” on page 24

Categories and category settings are used to configure global settings for all filters within a specified category group.

•“Filter Override Settings” on page 25

Filter settings are used to override the global settings for individual filters within a category group.

DV filters are contained in a Digital Vaccine (DV) package. All X family devices have a DV package installed and configured to provide out-of-the-box IPS protection for the network. After setting up the X family device, you can customize the DV filter configuration through the LSM.

The filters within the DV package are developed to protect the network from specific exploits as well as potential attack permutations to address Zero-Day threats. These filters include traffic anomaly filters and vulnerability-based filters. Vulnerability-based filters are designed to protect the network from an attack that takes advantage of a weakness in application software. For viruses that are not based on a specific vulnerability in software, the DV provides signature filters. We deliver weekly Digital Vaccine updates which can be automatically installed on the device (System > Update). If a critical vulnerability or threat is discovered, Digital Vaccine Updates are immediately distributed to customers.

TIP In addition to providing a download location for Digital Vaccine packages, the TMC also provides DV product documentation that includes more detailed information about the filters included in the DV package, filter updates, and other related information.