SRX Services Gateway
Highlighted
SRX Services Gateway

IDP Direction on SRX

‎03-28-2016 12:04 PM
Hi, My understanding says it is more worth to apply IDP only from Untrust to all zones direction as this is direction from where most attacks come from and decrease the amount of traffic processed by IDP if you have a lot LAN to LAN or cross site traffic over MPLS. Please share your insights. Am
2 REPLIES 2
Highlighted
SRX Services Gateway
Solution
Accepted by topic author ammy
‎03-30-2016 07:47 AM

Re: IDP Direction on SRX

‎03-30-2016 01:59 AM

Hello Ammy ,

 

Generally we does not recommend to open policy from Untrust to Trust untill you have some web services or application hosting . But when you have untrust to trust policy , its advanced to have IDP policy for the same . But if you have appID or Apptracker , thats applied from trust to untrust based on requirement . Normally the IDP is applied from Untrust to trust .


Thanks,
Sam

Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too .....
Highlighted
SRX Services Gateway

Re: IDP Direction on SRX

‎03-30-2016 07:47 AM

Thanks Sam. 

Feedback