<span style="background-color:#dddddd">[AP] <strong>defence engine enable</strong>
</span><span style="background-color:#dddddd">[AP] <strong>profile type ips name profile_ips_pc</strong>
[AP-profile-ips-profile_ips_pc] <strong>description profile for intranet users</strong>
[AP-profile-ips-profile_ips_pc] <strong>collect-attack-evidence enable</strong>
Warning: Succeeded in configuring attack evidence collection for the IPS functio
n. The function is used for fault locating. This function may deteriorate system
performance. Exercise caution before using the function.
Attack evidences can be collected only when a log storage device with sufficient
storage space is available.
After all required attack evidences are collected, disable the function.
Our company alone is unable to transfer or process the communication contents or
personal data. You are advised to enable the related functions based on the ap
plicable laws and regulations in terms of purpose and scope of usage. When the c
ommunication contents or personal data are being transferred or processed, you
are obliged to take considerable measures to ensure that these contents are full
y protected. Continue? [Y/N]: <strong>y</strong>
[AP-profile-ips-profile_ips_pc] <strong>signature-set name filter1</strong>
[AP-profile-ips-profile_ips_pc-sigset-filter1] <strong>target client</strong>
[AP-profile-ips-profile_ips_pc-sigset-filter1] <strong>severity high</strong>
[AP-profile-ips-profile_ips_pc-sigset-filter1] <strong>protocol HTTP</strong>
[AP-profile-ips-profile_ips_pc-sigset-filter1] <strong>quit</strong>
[AP-profile-ips-profile_ips_pc] <strong>quit</strong>
</span><span style="background-color:#dddddd">[AP] <strong>engine configuration commit</strong>
</span><span style="background-color:#dddddd">[AP] <strong>defence-profile name defence_1</strong>
[AP-defence-profile-defence_1] <strong>profile type ips profile_ips_pc</strong>
[AP-defence-profile-defence_1] <strong>quit</strong>
</span><span style="background-color:#dddddd">[AP] <strong>wlan</strong>
[AP-wlan-view] <strong>vap-profile name wlan-vap</strong>
[AP-wlan-vap-prof-wlan-vap] <strong>defence-profile defence_1</strong>
[AP-wlan-vap-prof-wlan-vap] <strong>quit</strong>
</span>在中心AP上执行命令display profile type ips name profile_ips_pc,查看入侵防御配置文件的配置信息。
<span style="background-color:#dddddd">[AP-wlan-view] <strong>display profile type ips name profile_ips_pc</strong>
IPS Profile Configurations:
----------------------------------------------------------------------
Name : profile_ips_pc
Description : profile for intranet users
Referenced : 1
State : committed
AttackEvidenceCollection : enable
SignatureSet : filter1
Target : client
Severity : high
OS : N/A
Protocol : HTTP
Category : N/A
Action : default
Application : N/A
Exception:
ID Action Name
----------------------------------------------------------------------
DNS Protocol Check:
HTTP Protocol Check:
---------------------------------------------------------------------- </span>