1. Manuals
  2. Brands
  3. Juniper Manuals
  4. Software
  5. NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE...
  6. Manual

Configuring Protocol Handling (Nsm Procedure) - Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1 Manual

Configuring intrusion detection and prevention devices guide
Hide thumbs
Table of Contents

Advertisement

Table 50: IDP Device Configuration: Router Parameter Settings
Setting
ARP timeout (seconds)
ARP proxy timeout
(seconds)
Log ARP attacks
MAC timeout (seconds)
MAC proxy timeout
(seconds)
Related Topics

Configuring Protocol Handling (NSM Procedure)

Copyright © 2010, Juniper Networks, Inc.
Description
When the virtual router is in proxy-ARP mode, this setting controls how long an ARP entry is
maintained in the virtual router. If IDP does not receive an ARP reply before the timeout expires,
the ARP entry times out. The default is 3600 seconds.
In proxy-ARP mode, IDP sends out proxy ARPs on all interfaces except the one on which an ARP
request was received. This setting indicates how long the original ARP entry is maintained in the
virtual router if IDP does not receive an ARP reply through that interface. The default is 20 seconds.
When selected, IDP detects and logs all spoofed ARP requests/replies and other ARP anomalies.
This setting is enabled by default.
When the virtual router is in bridge mode, this setting controls how long a MAC entry is maintained
in the virtual router. The default is 3600 seconds.
In bridge mode, IDP performs MAC discovery if the target MAC address is not in its MAC table. This
setting controls how long the entry is maintained in the virtual router until a reply comes back. The
default is 20 seconds.
Configuring Protocol Handling (NSM Procedure) on page 95
Configuring Load-Time Parameters (NSM Procedure) on page 87
The protocol anomaly detection methods identify traffic that deviates from RFC
specifications. In general, you modify protocol thresholds and configuration settings only
if you encounter false positives or performance issues.
To tune protocol anomaly detection thresholds:
In NSM Device Manager, double-click the IDP device that you want to modify. The
1.
device configuration editor appears.
Click Sensor Settings.
2.
Click the Protocol Thresholds and Configuration tab.
3.
Configure the protocol thresholds using Table 51 on page 96.
4.
Click Apply.
5.
Click OK.
6.
Chapter 8: Configuring Intrusion Detection and Prevention Device Settings
95

Advertisement

Table of Contents
loading

Related Manuals for Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1

Related Content for Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1

This manual is also suitable for:

Network and security manager 2010.3

Table of Contents