Filter
Top Products
IDP 75, 250, 800, and 8200 Installation Guide
2 IDP Configuration Basics
8. Add the sensor as an object in NSM using the Add Device wizard. Select Device
Manager > Security Devices from the left navigational pane, and then click
the + button. See “Adding Your Sensor to NSM” on page 29. The Add Device
Wizard creates a database entry in NSM for the sensor, imports the sensor’s
configuration, and loads the Juniper Networks Recommended policy onto the
sensor. At that point, your sensor is actively protecting your network.
To improve the performance and accuracy of your protection, use the IDP Concepts
& Examples Guide and the NetScreen-Security Manager Administrator’s Guide to tailor
your security policy to your network.
IDP Configuration Basics
This section provides an introduction to IDP configuration basics. An IDP
configuration consists of the following components:
IDP sensor placement—Decide where to position the sensor in the network.
IDP sensor placement mode—Decide to use passive or active mode when
deploying your IDP sensor.
NetScreen-Security Manager—Use NetScreen-Security Manager (NSM) to
administer the sensor.
IDP Sensor Placement
Juniper Networks IDP sensor is an ideal solution to be implemented inline between
gateway firewalls and DMZ or internal networks. IDP sensor placement is an
important part of the installation.
You should choose a location for your IDP sensor based on your existing network
hardware and the networks you want to protect. The examples provided in this
guide place the IDP sensor behind the firewall or router.
IDP Sensor Deployment Mode
IDP sensors can be installed individually or in high availability (HA) clusters of two
or more.
For configurations without high availability, you can deploy the IDP sensor as a
passive sniffer or as an active gateway.
Passive Mode—The sniffer mode is passive. In sniffer mode, the IDP is not
directly involved with packet flow. While it can send resets, protection is not
guaranteed as attacks may have already happened before the reset can be
acted upon. In addition, attacker machines may ignore resets.
NOTE: You must update your attack objects to get the latest protection.