Narus nSystem - Policies

	Profile Template Name	Category	Vector
	Profile Template 1	L7 Seesion	HTTP
	Profile Template 2	L7 Session	SMTP
	Profile Template 3	L7 Session	POP3
	Profile Template 4	Mobile	IOS
	Profile Template 5	L4 Flow	HTTP

Export Templates

Create Profile Template

Watch List Rules Behavioral Rules Exfiltration Rules

Template Name:
Description:

Category:
Vector:
Rule Type:

Severity:
Alert Interval:	(secs)
Context:

Condition:
And Or

Attributes	Operator	Value
Server IP	Not Equal	192.168.22.31
Client IP	Equals	10.16.32.45

Template Name:
Category:
Vector:

Traffic Filter
Metrics
Rules

Attribute	Operator	Value
Port	Not Equal	80, 8080
Protocol	Equals	HTTP

Metric Name:
Metric Type:
Calculation Points:
Operator:
Plot by Function:
Plot by Attribute:
Entropy Attribute:
Additional Filter:

Metric Name	Metric Type	Calculation Point	Operator & Value	Plot by Function	Plot by Attribute	Entropy Attribute	Additional Filter
Entropy1	Entropy	25		Sum	PktsSent	ClientIP
Entropy2	Entropy	250		Count	xyz	SrcMac

Severity:
Alert Interval:	(secs)
Condition:

Metric	Operator	Value
Entropy1	Not Equal	5
Entropy2	Equals	10

About nSystem

Version: 1.3

Support: support@narus.com

Profile

Change Password