
IDP update from local web server

a week ago

Hello,

I have an SRX in a network that by security policy is not allowed to reach out to the open internet for IDP Sig DB updates, even through a proxy. We do have a DMZ that I can spin up a web server in to be able to pull those updates into, though. My question is, is it possible to change the URL on the SRX to point to my local web server instead to hand out the update? What underlying processes are in place that would prevent this?

Thank you!

1 REPLY
Re: IDP update from local web server

a week ago

To my knowledge you cannot get the SRX to automatically download from another server at regular intervals.

What you can do is download the offline package and initiate the installation via some automation scripts.

Manual steps to update: https://kb.juniper.net/InfoCenter/index?page=content&id=KB32399

I expect that the file path in step 7 can be replaced with the DMZ server hostname/URL/IP.

Another member of this forum actually made a script which downloads the latest signature database. That could be run on your DMZ server: https://forums.juniper.net/t5/SRX-Services-Gateway/IDP-offline-updates-easier/td-p/308348

I hope this brings you further.

--
Best regards,

Jonas Hauge Jensen
Systems Engineer, SEC Datacom A/S (Denmark)