Real-time intrusion and extrusion detection notification
IDS is a notification system. You can configure IDS to send real-time intrusion notifications as messages to a message queue and as e-mail. That way, you can alert systems administrators about specific types of intrusions and extrusions so that they can take appropriate actions.
Use the Notification tab on the IDS Properties page to set up e-mail and message notification. You can send e-mail to a maximum of three e-mail addresses, to a message queue, or to both places. You also can enable or disable e-mail notification for individual intrusion detection policies.
IDS notification generates e-mail using the following format:
- The Sender line specifies qsys@system_name, which is the name of the system where the intrusion was detected.
- The Subject line summarizes the type of intrusion or extrusion that was detected on that system.
- The body of the e-mail describes the intrusion or extrusion in detail.
If you (the system administrator) determine that an attack is underway, you can take the appropriate steps to prevent further attacks.