Sign In with your
Trend Micro Account
Need Help?
Need More Help?

Create a technical support case if you need further support.

How do I configure Traffic Management via the IPS LSM?

    • Updated:
    • 19 Sep 2017
    • Product/Version:
    • TippingPoint IPS N-series All
    • TippingPoint IPS NX-series All
    • TippingPoint IPS S-series All
    • Platform:
Summary

You can use traffic management filters to prioritize traffic or implement security policy. For example, you might define the following IP filters for your Web servers in a lab that denies access to external users:

  • Block traffic if the source is on an external subnet that arrives through port 80 and is destined for the IP address of your Web server.
  • Block traffic if the source is your Web server, the source port is 80, and the destination is any external subnet.

You can define multiple traffic management rules in each profile. In general, when defining filters for network segments more specific filters should come first. For example, a more specific IP filter might block traffic with fully qualified source and destination IP addresses and ports. More general ones, like those that apply to subnets, should follow.

 

Details
Public

How To: Create a Traffic Management Profile

  1. Login to the IPS LSM from a client.
  2. From the LSM menu, click IPS > Traffic Management Profiles.
  3. Click Create Traffic Mgmt Profile.
  4. On the Create Traffic Management Profiles page, enter the Profile Name. You may also enter a description of the profile.
  5. Apply the security profile to virtual segments in the Virtual Segments section by selecting the virtual segment from the drop-down menu and click Add to table below.
  6. Repeat this process until you have added all the required virtual segments.
  7. Click Create.

Note: After creating the Traffic Management profile, you need to edit it to add traffic management filters.


How To: Edit a Traffic Management Profile

  1. On the LSM menu, click IPS > Traffic Management Profiles.
  2. On the Traffic Management Profiles page, click on the name of the traffic management profile that you want to edit.
  3. Apply the security profile to virtual segments in the Virtual Segments section by selecting the virtual segment from the drop-down menu and click Add to table below. Click Delete to delete a virtual segment from the profile.
  4. Review additional configuration options. Perform the following tasks as needed:
    • To add a traffic management filter, click Add Traffic Management filter.
    • To change the precedence of traffic management filters, drag and drop the filter to the appropriate position in the filter list.
    • To edit an existing traffic management filter, click either the filter name or in the Functions column.
    • To delete an existing filter, click Delete.
  5. After you have completed the changes, click Save to update the Traffic Management Profile.

How To: Configure a Traffic Management Filter

 

Traffic management filters are configured in the context of a Traffic Management Profile that determines which network segments are monitored by the filter.

  1. On the LSM menu, click IPS > Traffic Management Profiles.
  2. On the Traffic Management Profiles page, click on the name of the traffic management profile that you want to edit.
  3. In the Profile Details (Advanced) section in the Filters table, click Add Traffic Management filter. To edit an existing filter, click the filter name.
  4. Enter or Edit the filter Name.
  5. Select the parameters for the filter:
    • Use the State field to enable or disable the filter. When you create a new filter, it is enabled by default.
    • Select Block, Allow, Rate Limit and a rate limit action set, or Trust for the Action. Trusted traffic will not be inspected by the IPS.
    • Select the Protocol this filter checks for from the drop-down list: IPICMPTCP, or UDP.
    • To change the protocol to IPv6 and its equivalents, select IPv6. If this option is selected, only IPv6 addresses are allowed. If unselected, only IPv4 addresses are allowed.
    • For the Source and Destination, type the IP Address and Port (if applicable) that identifies the traffic to be monitored. IP addresses can be specified in CIDR format, as "any" or as *. Click IPv6 Info for more information about using IPv6 addresses.
    • If the protocol type is ICMP and you only want to monitor specific ICMP traffic, enter the ICMP Type and Code (0-255).
  6. Click Create or Save to return to the Edit Traffic Management Profile page.
  7. Click the Save button to update the profile with the new filter information.

 

Reference: Local Security Manager User's Guide

Premium
Internal
Rating:
Category:
Configure; Troubleshoot; Deploy
Solution Id:
TP000090373
Feedback
Did this article help you?

Thank you for your feedback!

To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.

If you need additional help, you may try to contact the support team. Contact Support


To help us improve the quality of this article, please leave your email here so we can clarify further your feedback, if neccessary:
We will not send you spam or share your email address.

*This form is automated system. General questions, technical, sales, and product-related issues submitted through this form will not be answered.