Security

last person joined: yesterday 

Ask questions and share experiences with Juniper Connected Security. Discuss Advanced Threat Protection, SecIntel, Secure Analytics, Secure Connect, Security Director, and all things related to Juniper security technologies.

  • 1.  help on deployment of ISG with IDP blade

    Posted 01-23-2009 22:12

    Hello freinds

     

    I want to ask some questions regarding deployment of ISG with IDP blade:

     

    Q1-  I have ISG-2000 with IDP blade. I have one core SSG-550 firewall with three zones trust, dmz and untrust. I want to use firewall of existing SSG-550 and IDP blade of ISG. How can i use only IDP blade of ISG not its firewall?

     

    Q2-  I want to protect trust zone and dmz hosts of SSG-550. Where can i place ISG-Blade? May i need two IDP each for trust and dmz?

     

    Q3-  What is the minimum configuration i have to do in IDP blade for IDP to work? I mean initially only IDP security policies configuration is enough?

     

     

    Thanks a lot in advance

     



  • 2.  RE: help on deployment of ISG with IDP blade
    Best Answer

    Posted 01-26-2009 04:28

    Hi Boxer,

    I try to answer your questions below:

     

    Q1-  I have ISG-2000 with IDP blade. I have one core SSG-550 firewall with three zones trust, dmz and untrust. I want to use firewall of existing SSG-550 and IDP blade of ISG. How can i use only IDP blade of ISG not its firewall?

     

    Depending on your network diagram, you may want to replace the SSG with the ISG-IDP or place the ISG-IDP to protect a network and leave the SSG in the core.

    I would personally replace the SSG with the ISG-IDP so that you can apply the IDP inspection in the core of your network.

    In this way you can keep the SSG as a backup device (if you don't have a cluster already).

     

     

     

    Q2-  I want to protect trust zone and dmz hosts of SSG-550. Where can i place ISG-Blade? May i need two IDP each for trust and dmz?

     

    If you replace the SSG with the ISG-IDP you can control all the zone's traffic from the core.

     

     

     

    Q3-  What is the minimum configuration i have to do in IDP blade for IDP to work? I mean initially only IDP security policies configuration is enough?

     

    Remember that to manage the IDP you need an NSM server.

    From NSM, you can start configuring a policy  for IDP and select as Attack the "Recommended Attacks" with Action "Recommended Action", and logging everything.

     

     

     

     Hope this helps

    Daniele



  • 3.  RE: help on deployment of ISG with IDP blade

    Posted 01-29-2009 06:27

    Hello

     

    I am facing another problem I download attack object in NSM and i configure IDP policy with any any and no action. When i pushed the policy to ISG/IDP blade it gave error every time when i pushed policy.

     Error Text: IDP Policy Compilation Failed: Context based attack 'MS-RPC:MSG-QUEUE-HEAP-OF_1' is not valid in rule #1 with 'any' service - use 'default' service instead

    In service field of policy i use default service then it gave error:The Device has returned an Error. The file might be invalid.

    I dont know whats going on? Please help me out