Action Sets
in the action set. For example, the user can display a Quarantine web page to notify the user of the problem and optionally provide instructions for fixing it, or the action may redirect all traffic from the quarantined IP address to a quarantine server that provides instructions to correct the problem.
Action Set ConfigurationsThe following table describes various Action Set configurations that can be configured on the X family device:
Action Name | Description |
|
|
|
|
Recommended | This is a default Action Set that cannot be modified. When |
| this action set is assigned to a filter, the filter uses the |
| recommended action setting based on the default Category |
| Settings for the filter. The device uses this Action Set to allow |
| filters within the same category to have different |
| configurations. For example, if you set an entire category of |
| filters to recommended, some filters may be disabled while |
| others are enabled; some may have permit actions assigned |
| while others are set to block. |
|
|
Block (+TCP Reset) | Blocks a packet from being transferred to the network. TCP |
(+Quarantine) | Reset is an option for resetting blocked TCP flows. |
| Quarantine is an option that redirects the host IP to a |
| quarantine page or area to protect the network from being |
| infected or compromised. |
|
|
Block + Notify (+TCP Reset) | Blocks a packet from being transferred and notifies all |
(+Quarantine) | selected contacts of the blocked packet. TCP Reset is an option |
| for resetting blocked TCP flows. Quarantine is an option that |
| redirects the host IP to a quarantine page or area to protect the |
| network from being infected or compromised. |
|
|
Block + Notify + Trace (+TCP | Blocks a packet from being transferred, notifies all selected |
Reset) (+Quarantine) | contacts of the blocked packet, and logs all information about |
| the packet according to the packet trace settings. TCP Reset is |
| an option for resetting blocked TCP flows. Quarantine is an |
| option that redirects the host IP to a quarantine page or area |
| to protect the network from being infected or compromised. |
|
|
Permit + Notify | This is a default Action Set. Permits a packet and notifies all |
| selected contacts of the packet. |
|
|
Permit + Notify + Trace | This is a default Action Set. Permits a packet, notifies all |
| selected contacts of the packet, and logs all information about |
| the packet according to the packet trace settings |
|
|
X Family LSM User’s Guide V 2.5.1 | 45 |
|
|