IBM Support

X-Force Protocol Analysis Module (PAM) signature information

Question & Answer


Question

How can you view all of the Protocol Analysis Module (PAM) signatures and their tuning parameters?

Answer

 
Protocol Analysis Module (PAM) Help File (03:50)
This video demonstrates how to download and use the pam.chm help file. This information will allow a user much more granular control over IPS Security Events and advanced event tuning options.
 

You can view information regarding signatures, signature categories, and signature tuning parameters in the pam.chm help file. This file can be obtained from the web or from the SiteProtector Console.
  • To access the help file from the web, download the file from the IBM X-Force Exchange portal.
  • To access the help file from SiteProtector, use the following steps:
    1. Open the SiteProtector Console.
    2. Go to Help > Attack Signatures > Protocol Analysis Module.
Once you download the pam.chm file from either the web or SiteProtector, you can open the file in Windows.

Usage Note:
You might find that the file appears to contain no information or might see a message like the following when attempting to open the file: Navigation to the webpage was canceled. This is due to the Windows installation being configured to block chm files by default. You can allow the file to open by doing the following:
  1. Download the pam.chm file to your computer.
  2. Right-click the file and select Properties.
  3. Under the General tab, click Unblock.

  4. Click OK to close the Properties window and then attempt to open the file again.

[{"Product":{"code":"SSHLHV","label":"IBM Security Network Protection"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Protocol Analysis Module (PAM)","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"Version Independent","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}},{"Product":{"code":"SSETH9","label":"Proventia Network Multi-Function Security"},"Business Unit":{"code":"BU008","label":"Security"},"Component":"Protocol Analysis Module (PAM)","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"Version Independent","Edition":"","Line of Business":{"code":"","label":""}},{"Product":{"code":"SS9SBT","label":"Proventia Network Intrusion Prevention System"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Protocol Analysis Module (PAM)","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"Version Independent","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}},{"Product":{"code":"SSETBF","label":"IBM Security SiteProtector System"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"General Information","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"Version Independent","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}},{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSFSVP","label":"IBM QRadar Network Security"},"ARM Category":[{"code":"a8m500000008YQGAA2","label":"ATS-Infrasec-\u003ENetwork XGS-\u003EX-Force"}],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)"}]

Document Information

Modified date:
21 March 2022

UID

swg21498057

Page Feedback