Configuring Intrusion Detection System (IDS)

From the Security page, you can configure IDS for a specific AIX®, Red Hat Enterprise Linux® Server, or SUSE Linux Enterprise Server endpoint. For AIX, the PowerSC GUI allows you to use IPSec firewall rules. For Red Hat Enterprise Linux Server and SUSE Linux Enterprise Server, psad makes use of iptables log messages to detect, alert, and (optionally) block port scans and other suspect traffic.

To use IPSec firewall rules on AIX, the IP Security (IPSec) facility of AIX must already be installed on the AIX endpoint.

For Red Hat Enterprise Linux Server and SUSE Linux Enterprise Server, you must install the psad package on each endpoint on which you want to run psad, as described in Installing PowerSC included packages, before you can use it with PowerSC GUI.