Example: Configuring Intrusion Detection And Prevention For Srx Series - Juniper Junos OS Getting Started Manual

For branch srx series

Getting Started Guide for Branch SRX Series
On all high-end SRX Series devices, in sniffer mode, ingress and egress interfaces work
with flow showing both source and destination interface as egress interface.
As a workaround, in sniffer mode, use the tagged interfaces. Hence, the same interface
names are displayed in the logs. For example, the ge-0/0/2.0 as ingress (sniff) and the
ge-0/0/2.100 as egress interfaces are displayed in the logs to show the source interface
as ge-0/0/2.100.

set interfaces ge-0/0/2 promiscuous-mode
set interfaces ge-0/0/2 vlan-tagging
set interfaces ge-0/0/2 unit 0 vlan-id 0
set interfaces ge-0/0/2 unit 100 vlan-id 100

Related Documentation

Updating Licenses for a Branch SRX Series on page 47
Example: Configuring Intrusion Detection and Prevention for SRX Series on page 64

Example: Configuring Intrusion Detection and Prevention for SRX Series

For transit traffic to pass through IDP inspection, you configure a security policy and
enable IDP application services on all traffic that you want to inspect.
This example shows how to configure a security policy to enable IDP services for the first
time on traffic flowing on the device.

Requirements on page 64
Overview on page 64
Configuration on page 65
Verification on page 68

Requirements

Before you begin, install or verify an intrusion detection and prevention (IDP) feature
license. See "Updating Licenses for a Branch SRX Series" on page 47.

This example uses the following hardware and software components:

An SRX210
Junos OS Release 12.1X44-D10

Overview

In this example, you configure a policy to enable IDP services on an SRX210 to inspect
all traffic from the untrust zone to the DMZ zone against the IDP rulebases.
As a first step, you must download and install the signature database from the Juniper
Networks website. Next, download and install the predefined IDP policy templates and
activate the predefined policy Recommended as the active policy.
Next, you must create a security policy from the untrust zone to DMZ zone and specify
actions to be taken on the traffic that matches the conditions specified in the policy.
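
A check for the end state the overview describes, added here as an example and not taken from the Juniper manual: it reads configuration in "show configuration | display set" form and reports the active IDP policy plus any untrust-to-DMZ policy that permits traffic without IDP application services. The zone name dmz, the policy names, the sample configuration and the function name audit_idp are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in "display set" form; zone and policy names are hypothetical.
SAMPLE_CONFIG = """\
set security idp active-policy Recommended
set security policies from-zone untrust to-zone dmz policy web-in match source-address any
set security policies from-zone untrust to-zone dmz policy web-in match destination-address any
set security policies from-zone untrust to-zone dmz policy web-in match application junos-http
set security policies from-zone untrust to-zone dmz policy web-in then permit application-services idp
set security policies from-zone untrust to-zone dmz policy mail-in match application junos-smtp
set security policies from-zone untrust to-zone dmz policy mail-in then permit
set security policies from-zone untrust to-zone dmz policy drop-rest then deny
"""

POLICY_RE = re.compile(
    r"^set security policies from-zone (\S+) to-zone (\S+) policy (\S+) then (.+)$")
ACTIVE_RE = re.compile(r"^set security idp active-policy (\S+)$")

def audit_idp(config_text, from_zone, to_zone):
    """Return (active IDP policy or None, sorted permit policies lacking IDP)."""
    active = None
    actions = defaultdict(list)  # policy name -> list of "then" clauses
    for line in config_text.splitlines():
        line = line.strip()
        m = ACTIVE_RE.match(line)
        if m:
            active = m.group(1)
            continue
        m = POLICY_RE.match(line)
        if m and (m.group(1), m.group(2)) == (from_zone, to_zone):
            actions[m.group(3)].append(m.group(4).split())
    uninspected = []
    for name, thens in actions.items():
        permits = any(t[0] == "permit" for t in thens)
        has_idp = any(t[:3] == ["permit", "application-services", "idp"] for t in thens)
        if permits and not has_idp:
            uninspected.append(name)  # traffic is allowed but never sent to IDP
    return active, sorted(uninspected)

if __name__ == "__main__":
    active, gaps = audit_idp(SAMPLE_CONFIG, "untrust", "dmz")
    print("active IDP policy:", active or "NONE")
    for name in gaps:
        print("permit without IDP application services:", name)
```

In the constructed sample, mail-in is reported because its permit action carries no IDP application service, while drop-rest is ignored because it denies the traffic.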
Copyright © 2016, Juniper Networks, Inc.
