SRX Services Gateway
Highlighted
SRX Services Gateway

SRX IDP question

‎01-15-2015 02:48 PM

I am curious if it is possible to use IDP to block outbound traffic containing sensitive information?  For example, can I block someone from sending out a file that has a specific type of information contained within it?  Like a string of numbers?  I know its supposed to do deep packet inspection (DPI) but I was wondering if this more granular method was possible.  

2 REPLIES 2
Highlighted
SRX Services Gateway

Re: SRX IDP question

‎01-15-2015 09:53 PM

I believe we should be able to do this as per below URL. It says "Stream Select–Reassembles packets and extracts the data to search for a pattern match. "

 

http://www.juniper.net/techpubs/en_US/idp5.0/topics/task/configuration/intrusion-detection-preventio...

 

http://kb.juniper.net/InfoCenter/index?page=content&id=KB21338&smlogin=true

 

Thanks,

Suraj

 

Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too

Thanks,
Suraj
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too
Highlighted
SRX Services Gateway

Re: SRX IDP question

‎01-16-2015 07:35 AM

Thank you for your reply Suraj.  So for my purposes if I wanted to block a string of numbers like an IP address or a social security number, something that by itself is very unique, how would I go about doing that since the IP address or ssn would be unique while my match criteria would have to be a bit more general?

 

For example, an SSN looks like this - 123-45-6789 - could I just match on something that looks for these types of numbers separated by dashes in this fashion?  Could my match criteria be "xxx-xx-xxxx" ?

Feedback