Configuring Intrusion Detection And Prevention For Srx Series; Understanding Intrusion Detection And Prevention For Srx Series - Juniper Junos OS Getting Started Manual

For branch SRX Series

CHAPTER 9
Configuring Intrusion Detection and Prevention for SRX Series

Understanding Intrusion Detection and Prevention for SRX Series

Copyright © 2016, Juniper Networks, Inc.
- Understanding Intrusion Detection and Prevention for SRX Series
- Example: Configuring Intrusion Detection and Prevention for SRX Series
An Intrusion Detection and Prevention (IDP) policy lets you selectively enforce various
attack detection and prevention techniques on the network traffic passing through your
SRX Series device. SRX Series devices offer the same set of IDP signatures that are
available on Juniper Networks IDP Series Intrusion Detection and Prevention Appliances
to secure networks against attacks. The basic IDP configuration involves the following tasks:
- Download and install the IDP license: See "Updating Licenses for a Branch SRX Series"
  on page 47.
- Download and install the signature database: You must download and install the IDP
  signature database. The signature databases are available as a security package on
  the Juniper Networks website. This database includes attack objects and attack object
  groups that you can use in IDP policies to match traffic against known attacks.
- Configure recommended policy as the IDP policy: Juniper Networks provides predefined
  policy templates to use as a starting point for creating your own policies. Each template
  is a set of rules of a specific rulebase type that you can copy and then update according
  to your requirements.
  To get started, we recommend you use the predefined policy named "Recommended".
- Enable a security policy for IDP inspection: For transit traffic to pass through IDP
  inspection, you configure a security policy and enable IDP application services on all
  traffic that you want to inspect.

SRX Series Services Gateways can be deployed in inline tap mode and sniffer mode (only
high-end SRX Series devices). Sniffer mode is not supported on branch SRX Series
devices.

Sniffer mode is supported only on high-end SRX Series devices. You can use the
sniffer mode of IDP deployment by configuring the interfaces in promiscuous mode and
manipulating the traffic and flow setup with routing.
