Loading J-Security-Center Updates (Nsm Procedure) - Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01 Manual

Configuring intrusion detection and prevention devices guide

Hide thumbs Also See for NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01:

Manual (444 pages)

Administration manual (1026 pages)

Installation manual (244 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

Table of Contents

Configuring Intrusion Detection and Prevention Devices Guide

Loading J-Security-Center Updates (NSM Procedure)

Table 35: IDP Detector Engine and NSM Attack Database Update Procedures

Task

To download IDP

detector engine and NSM

attack database updates

to the NSM GUI server

To push an IDP detector

engine update from the

NSM GUI server to IDP

devices

The Juniper Networks Security Center (J-Security Center) routinely makes important

updates available to IDP security policy components, including updates to the IDP detector

engine and NSM attack database.

The IDP detector engine is a dynamic protocol decoder that includes support for decoding

more than 60 protocols and more than 500 service contexts. You should update IDP

detector engine when you first install the IDP device, whenever you upgrade, and whenever

alerted to do so by Juniper Networks.

The NSM attack database stores data definitions for the attack objects that are key

components of IDP security policies. Updates can include new attack objects, revised

severity settings, or removed attack objects. You should schedule daily updates to the

NSM attack database.

After you have completed the update, any new attack objects are available in the security

policy editor. If you use dynamic groups to your IDP rulebase rules and a new attack object

belongs to the dynamic group, the rule automatically inherits the new attacks.

Table 35 on page 64 provides procedures for updating IDP detector engine and the NSM

attack database.

Procedure

From the NSM main menu, select Tools > View/Update NSM attack database and complete the

wizard steps.

NOTE: The default URL from which to obtain updates is

https://services.netscreen.com/restricted/sigupdates/nsm-updates/NSM-SecurityUpdateInfo.dat.

If you encounter connection errors, ensure this setting has not been inadvertently changed.

From the NSM main menu, select Tools > Preferences.

2. Click Attack Object.

3. Click Restore Defaults.

NSM restores the URL in the Download URL for ScreenOS Devices text box.

4. Click OK.

From the NSM main menu, select Devices > IDP Detector Engine > Load IDP Detector Engine for

ScreenOS and complete the wizard steps.

NOTE: Updating the IDP detector engine on a device does not require a reboot of the device.

Table of Contents

Loading J-Security-Center Updates (Nsm Procedure) - Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01 Manual

Loading J-Security-Center Updates (NSM Procedure)

Troubleshooting

Related Manuals for Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01

Related Content for Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01

Table of Contents