Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01 Manual page 73

Related
Documentation
Copyright © 2010, Juniper Networks, Inc.
Table 33: Network Honeypot Rulebase Rule Properties (continued)
Option
Install On
Comments
NOTE: The IDP drops MPLS traffic that matches a Network Honeypot rule.
When the IDP engine processes MPLS traffic, it stores the MPLS label
information. It stores separate labels for client-to-server and server-to-client
communication. In the case of traffic that matches Network Honeypot rules,
there is no genuine server-to-client communication, so the IDP engine does
not have server-to-client MPLS label information. Therefore, the
impersonation operation is not supported.
For more information, see the IDP Concepts & Examples guide.
Intrusion Detection and Prevention Devices and Security Policies Overview on page 31
Modifying IDP Rulebase Rules (NSM Procedure) on page 36
Assigning a Security Policy in an Intrusion Detection and Prevention Device (NSM
Procedure) on page 119
Validating a Security Policy (NSM Procedure) on page 120
Function
Specifies the security devices
or templates that receive and
use this rule.
Specifies any miscellaneous
comment about the rule's
purpose.
Chapter 4: Configuring Security Policies
Your Action
Select the target security device.
NOTE: You can also select
multiple security devices on which
to install the rule.
Enter any additional comments
about the rule.
57