Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1 Administration Manual page 884

Network and Security Manager Administration Guide
IP Address
IP Gateway
IP Pool Objects
IP Security (IPSec)
IP Sweep
IP Tracking
J
Job Manager
JSRP
834
Each node on a TCP/IP network usually has an IP address. The IP address has a network
number portion and a host number portion:
Class A, >32,768 nodes, address format: nnn.hhh.hhh.hhh
Class B, 256-32,768 nodes, address format: nnn.nnn.hhh.hhh
Class C, <256 nodes, address format: nnn.nnn.nnn.hhh
This address format is called decimal dot format. The \"n\" represents a digit of a network
number and \"h\" represents a digit of a host number; for example, 128.11.2.30. If you are sending
data outside of your network, such as to the Internet, you need to obtain the network number
from a central authority, currently the Network Information Center. See also Subnet Mask.
Also called a router, an IP gateway is a program or a special-purpose device that transfers IP
datagrams from one network to another until the final destination is reached.
An IP Pool object represents a range of IP addresses. Use IP Pool object to configure a DHCP
server for your managed devices.
IPSec is a security standard maintained by the Internet Engineering Task Force (IETF). The
IPSec protocol suite provides everything you need for secure communications—authentication,
integrity, and confidentiality—and makes key exchange practical even in larger networks. See
also DES-CBC, ESP/AH.
An IP sweep is similar to a port scan attack. Attackers perform IP sweeps by sending ICMP
echo requests (or pings) to different destination addresses and wait for replies that indicate
the IP address of a target. If a remote host pings 10 addresses in 0.3 seconds, the security
device flags the event as an IP sweep attack and drops the connection to prevent replies.
A mechanism for monitoring configured IP addresses to see if they respond to ping or ARP
requests. You can configure IP tracking with NSRP to determine device or VSD group failover.
You can also configure IP tracking on a device interface to determine if the interface is up or
down.
ISAKMP. The Internet Security Association and Key Management Protocol (ISAKMP) provides
a framework for Internet key management and provides the specific protocol support for
negotiation of security attributes. By itself, it does not establish session keys, however it can
be used with various session key establishment protocols to provide a complete solution to
Internet key management.
The Job Manager is a module of the NSM User Interface. Job Manager tracks the progress of
the command as it travels to the device and back to the management server.
Junos Services Redundancy Protocol.—A process that controls chassis clustering of Junos
devices.
Copyright © 2010, Juniper Networks, Inc.