SRX Services Gateway
Highlighted
SRX Services Gateway

IDP packet log

‎01-30-2012 11:10 AM

Can you enable IDP packet logging on a branch device ( SRX 650 ) ?

 

I'm trying to find out whats triggering a major IDP signature before making it exempt

 

I can't find the options on the SRX 650

 

 

Thanks

CCNA CCNP JNCIA-JNCIS-JNCIP-SEC
4 REPLIES 4
Highlighted
SRX Services Gateway

Re: IDP packet log

[ Edited ]
‎01-30-2012 01:03 PM

The PCAP collection on the IPS signature match, is only available on the SRX HE (1400 and up) as of JunOS 11.4 and only when the log mode is "stream".

 

On a related note, we're trying to find out through JTAC if this is a known limitation on the SRX HE and if log mode event will be supported in future. This becomes even more important if this pcap capability makes it to the SRX Branch as a greater percentage of Branch devices must be configured in log mode event due to other dependancies (e.g. Logging over a VPN).

 

 

 

Highlighted
SRX Services Gateway

Re: IDP packet log

‎01-31-2012 01:59 AM

So is it possible to get logs of screens or not?
On a srx650 running 10.4

Highlighted
SRX Services Gateway

Re: IDP packet log

‎02-01-2012 12:48 AM

Hi does that mean if I install 11.4 I get the packet log feature on branch devices ?

 

 

CCNA CCNP JNCIA-JNCIS-JNCIP-SEC
Highlighted
SRX Services Gateway

Re: IDP packet log

[ Edited ]
‎02-01-2012 08:03 AM

No - it's only available on SRX HE devices as of 11.4 JunOS

 

Hopefully it's something that Juniper will add tothe SRX Branch in one of the 12.x releases this year.

Feedback