Predefined Attack Object Groups

When applying Deep Inspection (DI), a policy references an attack object group. An attack object group can be a predefined group containing a number of predefined attack objects, or a custom group containing one or more custom attack objects (see Custom Attack Object Groups).

The content on this page presents the predefined attack object groups in the database that the security device downloaded from an attack object server.

Note: If this page does not contain any predefined attack object groups, you have not yet downloaded the attack object database to the security device. For information on subscribing to the DI attack object update service, see the Update Software, Image Key, and License Keys page. For instructions on various ways to update the database, see the Attack Object Database Server Configuration page.

Group: Each group is identified by two parts—its name and severity.

Name: The name of each predefined attack object group contains the protocol type of its members and the attack object type--either signatures (SIGS) or protocol anomalies (ANOM).

Severity: Each attack object group is classified by one of three levels of severity CRITICAL, HIGH, and MEDIUM.

Member Count: The total number of members in the attack object group, followed by the beginning of the member list.

Configure: To see the complete member list, click View. To see all the attack objects for a particular protocol organized into groups first by severity and then by type (signature or protocol anomaly), click the question mark ( ) in any row for an attack object group for that protocol.