Intrusion Detection And Prevention Services And Device Configurations Supported; In Nsm - Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01 Manual

Configuring intrusion detection and prevention devices guide

Hide thumbs Also See for NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01:

Manual (444 pages)

Administration manual (1026 pages)

Installation manual (244 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

Table of Contents

Configuring Intrusion Detection and Prevention Devices Guide

Documentation

Intrusion Detection and Prevention Services and Device Configurations Supported in

NSM

With NSM, you can manage most of the parameters that you can configure through the

IDP admin console. The configuration screens rendered through NSM are similar to the

screens in the IDP admin console. NSM incorporates a broad configuration management

framework that allows co-management using other methods.

After you have completed installation, follow these steps to get started with managing

an IDP device with NSM:

Add the IDP device to NSM. When you first add the IDP device to NSM in first instance,

NSM pushes the policy named Recommended to the device.

Update the IDP detector engine and attack object database.

Update software version (if necessary).

Run the Profiler.

Examine the logs.

Create address objects for IDP rulebase rules.

Optionally, configure additional rulebases.

If adding this device changes your plan to distribute administrative responsibility,

create NSM users with the access privileges.

An administrator (a user of NSM or IDP) has a specific level of permission. You can create

multiple administrators with specific roles to control access to the devices in each domain.

Intrusion Detection and Prevention Services and Device Configurations Supported in

NSM on page 6

Adding Intrusion Detection and Prevention Devices in NSM Overview on page 8

The Intrusion Detection and Prevention (IDP) device supports the following services in

NSM:

Inventory management service—NSM enables upgrading license and management of

the IDP hardware details. Adding or deleting licenses or upgrading or downgrading

software are not supported.

Status monitoring service—Allows the IDP device's status to be obtained, including

name, domain, OS version, synchronization status, connection details, current alarms,

CPU, memory, and swap.

Logging service—Allows the IDP device's logs to be obtained in a time-generated order.

Logging configuration details that are set on the IDP device will apply to NSM.

Packaging log files or debug files for remote analysis

Managing interface settings such as setting IP addresses, settings IDP device host and

network information, interoperability with NSM, Infranet Controllers, Secure Access

Table of Contents

Intrusion Detection And Prevention Services And Device Configurations Supported; In Nsm - Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01 Manual

Troubleshooting

Related Manuals for Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01

Related Content for Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01

Table of Contents