ScreenOS Firewalls (NOT SRX)
ScreenOS Firewalls (NOT SRX)

ISG1000-IDP

02.17.09   |  
‎02-17-2009 11:24 PM

Hi all,

got ISG1000  with IDP licenese ,

i also got the 4 eth ports card installed,

 

the IDP polices can be configured on the 4 eth ports on that card only or i can use the 4 ports on the chassis it self to activate the IDP policies?

rock the boat , dont sink the ship
3 REPLIES
ScreenOS Firewalls (NOT SRX)

Re: ISG1000-IDP

02.18.09   |  
‎02-18-2009 05:00 AM

Hi, The IDP policies applies zone to zone on the ISG and not like a traditional IDP that apply policies by segment. So it doesn't matter what ports are you using, you can configure policies from any port to any port if they are in distict zones.

 

Regards.

ScreenOS Firewalls (NOT SRX)

Re: ISG1000-IDP

02.18.09   |  
‎02-18-2009 06:23 AM

Hi,

 

-Using IDP of ISG u configure IDP policy by zone based like firewall policies.

 

From Zone

Source

To Zone

Destination

Service

Action

Log

 

-With standalone IDP policies are configured by interface based and no zone concept. u have to decide incoming and outgoing interface for IDP policies.

 

Thanks

Kashif Rana
JNCIE-SEC, JNCIE-ENT, JNCIE-SP, JNCIS(FWV,SSL),JNCIA(IDP,AC,WX),BIG IP-F5-LTM, CCNP
----------------------------------------------------------------------------------------------------------------------------------------

If this post was helpful, please mark this post as an "Accepted Solution".Kudos are always appreciated!
ScreenOS Firewalls (NOT SRX)

Re: ISG1000-IDP

02.18.09   |  
‎02-18-2009 09:02 PM

Hi,

can anyone send some PDF to configure the IDP module in ISG 1000 by using the NSM from scratch. i am unable to find any documenation that typically deals with the IDP configuration in ISG.

 

thanks in advance