Intrusion Prevention
Intrusion Prevention

Standalone IDP deployment question !

05.31.12   |  
‎05-31-2012 09:58 AM

So far I know that IDP hardware can be deployed in INLNIE or SNIFFER mode.


But , is it mandatory to use a security manager (NSM XpresS) for it ?  ....  Does IDP come with defualt built-in GUI interface or not ????? I am asking this question from both design and implementation perspective ! it mandatory to deploy Juniper IDP hardware with Juniper firewall ??? I have a client with ASA but wants to buy JUNIPER IDP ? would it still work at its best and optimium features ?


Experts opinion reqd.




Intrusion Prevention

Re: Standalone IDP deployment question !

05.31.12   |  
‎05-31-2012 02:17 PM

NSM is a MUST if you want to configure policies on your IDP device.


If you buy the standalone IDP device there's no other must then the above NSM part.


The only "GUI" is the ACM where you configure the initial settings and then you have on-the-box reporting but that is for when you have deployed and it's actually doing stuff.


Deployment can be as you mentioned:


SNIFFER (out of path deployment)

TRANSPARENT (in path deployment)

MIXED (you can mix SNIFFER and TRANSPARENT modes)


Please read the above PDF for a more detailed explanation of the above.