Table of Contents
Advertisement
Configuring Predefined Security Policies (NSM Procedure)
Table 15: Recommended Security Policy Definition
Property
Rulebase
Rules
Traffic source
Service
Destination
Attacks
Action
Notification
Table 16: IDP Security Policy Templates
Template
all_with_logging
all_without_logging
dmz_services
dns_server
file_server
Copyright © 2010, Juniper Networks, Inc.
Troubleshooting Security Policy Validation Errors (NSM Procedure) on page 118
The highly respected Juniper Networks Security Center team (J-Security Center) provides
the default IDP security policy—named Recommended. We advise that you use this policy
to protect your network from the likeliest and most dangerous attacks.
Table 15 on page 33 summarizes the properties of the Recommended security policy.
Value
IDP Rulebase
9 rules, distinguished by attack object
Any
Default, meaning the matching property is based on the service bindings of the attack object
specified by the rule
Any
Recommended IP, Recommended TCP, Recommended ICMP, Recommended HTTP,
Recommended SMTP, Recommended DNS, Recommended FTP, Recommended POP3,
Recommended IMAP, Recommended Trojan, Recommended Virus, Recommended Worm
Recommended, meaning the action is specified by the attack object
Logging
If you prefer, you can copy this security policy and use it as a template for a custom
security policy tailored for your network.
Table 16 on page 33 describes other IDP security policy templates.
Description
Includes all attack objects and enables packet logging for all rules.
Includes all attack objects but does not enable packet logging.
Protects a typical DMZ environment.
Protects DNS services.
Protects file sharing services, such as SMB, NFS, FTP, and others.
Chapter 4: Configuring Security Policies
33
Advertisement
Table of Contents
Troubleshooting
