ScreenOS Firewalls (NOT SRX)
Reply
Visitor
Omair
Posts: 3
Registered: ‎01-07-2008
0

SSG deep inspection Vs IDP

I am wondering what really differentiate b/w deep inspection and IDP, both are IPS. i know deep inspection is aimed towards small businesses contrary to IDP. But my question s that am i right in considering deep inspection as same as IDP on attack signatures but differ in performance or they both have different number of signatures and deep inspection is unable to stop all attacks which IDP does.

I mean number of attacks prevented are same for both devices or not.
Trusted Contributor
Frac
Posts: 61
Registered: ‎11-15-2007
0

Re: SSG deep inspection Vs IDP

Hi,
 
DI doesn't support as many protocols/sign then IDP.
 
So there is a difference between both.
 
GreetZ,
Frac
http://juniper-frac.blogspot.com
Visitor
Omair
Posts: 3
Registered: ‎01-07-2008
0

Re: SSG deep inspection Vs IDP

thanks!!! could any body let me know number of signatures idp and ssg support to prevent these attacks
Recognized Expert
PentinProcessor
Posts: 258
Registered: ‎11-06-2007
0

Re: SSG deep inspection Vs IDP

There are a couple White Papers that explain DI and IDP. You do need to fill out a quick form to view the White Papers, but they are very good.


Datasheet for IDP:
-------------------

http://www.juniper.net/products_and_services/intrusion_prevention_solutions/idp_50_slash_200_slash_600_slash_1100/
which has pointer to White Papers under the Literature Tab:
http://www.juniper.net/solutions/literature/white_papers/wp_idp.pdf

http://www.juniper.net/products/intrusion/dsheet/110037.pdf
More than 5000 signatures


Datasheet for SSG500 Series:
-----------------------------
http://www.juniper.net/products_and_services/firewall_slash_ipsec_vpn/ssg_500_series/index.html

which has pointer to White Papers under the Literature Tab:
http://www.juniper.net/solutions/literature/white_papers/deep_inspection_wp.pdf
Super Contributor
oldtimer
Posts: 227
Registered: ‎11-06-2007
0

Re: SSG deep inspection Vs IDP

DI is loosely based on IDP. When you want write a custom signature, your best bet is with IDP. DI is not able to process complex inspection of signatures, so if the signature you write is fairly detailed (like a P2P signature), DI will not be able to handle that. I usually recommend using DI only with the pre-defined signatures and anamolies that are downloadable. Anything more specific should be handled with IDP.
Visitor
gsmolar
Posts: 6
Registered: ‎05-14-2008
0

Re: SSG deep inspection Vs IDP

I've also been searching for a comparison between DI and IDP and Google returned this PDF file ( http://www.indevis.de/dokumente/netscreen_isg_faqs_2005.pdf ). In it, at page 6, a "DI vs. IDP Comparison Guide" is mentioned, but I couldn't find it anywhere. Is that comparison guide still available anywhere?
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.