SnapGear 2.0.1 User Manual

Intrusion Detection

95

Note

The more rule sets that are selected, the greater load is imposed on the CyberGuard SG
appliance. Therefore a conservative rather than aggressive approach to adding rule sets
should be followed initially.

Figure 7-3

Check Log results to database to use a remote analysis server.

Note

If Log results to database is left unchecked, results will be output to the CyberGuard
SG appliance system log (Advanced

->

System Log).

Advanced Intrusion Detection currently only supports MySQL as the Database Type.

Enter the name (table name) of the remote database in Database Name.

Enter the IP address of resolvable Hostname of the analysis server as well as the
Database port. For MySQL type databases, this is typically 3306.

Sensor Name is an arbitrary string that will be prepended to the log output. This may be
useful if you have deployed more than one intrusion detection system.

Finally, if you have configured the remote database to require authentication using a
User name and Password, enter them here.

Click Apply.