Responses inline >>
Not sure of the right forum as this could also exist in a number of others but what is the difference between the Deep Packet Inspection that you can subscribe to with the SSG series and the IPS on the SRX? All I can find from datasheets is the IPS has "customer signature creation".
>> DPI is basically a very lightweight version of IPS. Off the top of my head, I think the SSG runs around 700 signatures and IPS runs over 5000.
Also is the IPS offered on the SRX also offered on the SSG when running Junos? I.e. is it OS or platform dependant (or both)
>> Nope, sorry. The SSG doesn't have enough memory or processing horsepower to handle the full IPS signuature set; DPI was created to allow the SSG to get as close as possible to an IPS-like solution within the memory/processor footprint that was available on the platform. The SRX was designed years later and has much more memory, multicore processors, faster bus speeds, etc and so is capable of running the full IPS signature set.
One more: what is the difference between SRX IPS and IDP IPS? Besides probably performance associated with a bespoke appliance, is the look / feel and detection / prevention capability the same?
>> The IPS engine was taken from the standalone box and moved to the SRX. There are some differences due primarily to architecture and available QA cycles so the SRX is missing a few features (so far, at least) that are available on the standalone box (on-box packet capture, on-box reporting, etc). The IPS engine is the same between the SRX and standalone, the signatures are the same; we've been working for a while toward narrowing the feature gap and have gotten close enough that the SRX covers what most folks want to see from an IPS solution. As for look/feel, the SRX does not require NSM for management - you can manage it via NSM or standalone via CLI (VERY handy for smaller shops that have enough expertise to run the CLI but not enough budget and locations that they want to invest in NSM); other than that, they're mostly the same.