Intrusion Prevention
Reply
Contributor
kamran_shakil
Posts: 84
Registered: ‎08-07-2011
0

Standalone IDP deployment question !

So far I know that IDP hardware can be deployed in INLNIE or SNIFFER mode.

 

But , is it mandatory to use a security manager (NSM XpresS) for it ?  ....  Does IDP come with defualt built-in GUI interface or not ????? I am asking this question from both design and implementation perspective !

 

Also..is it mandatory to deploy Juniper IDP hardware with Juniper firewall ??? I have a client with ASA but wants to buy JUNIPER IDP ? would it still work at its best and optimium features ?

 

Experts opinion reqd.

 

thnx.

 

Contributor
kalleanka99
Posts: 24
Registered: ‎05-25-2011
0

Re: Standalone IDP deployment question !

NSM is a MUST if you want to configure policies on your IDP device.

 

If you buy the standalone IDP device there's no other must then the above NSM part.

 

The only "GUI" is the ACM where you configure the initial settings and then you have on-the-box reporting but that is for when you have deployed and it's actually doing stuff.

 

Deployment can be as you mentioned:

 

SNIFFER (out of path deployment)

TRANSPARENT (in path deployment)

MIXED (you can mix SNIFFER and TRANSPARENT modes)

 

http://www.juniper.net/techpubs/en_US/idp5.1/information-products/topic-collections/book-idp-deploym...

 

Please read the above PDF for a more detailed explanation of the above.

 

-John

 

JNCIP-SEC
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.