ScreenOS Firewalls (NOT SRX)
ScreenOS Firewalls (NOT SRX)

SSG deep inspection Vs IDP

01.20.08   |  
‎01-20-2008 10:26 AM
I am wondering what really differentiate b/w deep inspection and IDP, both are IPS. i know deep inspection is aimed towards small businesses contrary to IDP. But my question s that am i right in considering deep inspection as same as IDP on attack signatures but differ in performance or they both have different number of signatures and deep inspection is unable to stop all attacks which IDP does.

I mean number of attacks prevented are same for both devices or not.
5 REPLIES
ScreenOS Firewalls (NOT SRX)

Re: SSG deep inspection Vs IDP

01.21.08   |  
‎01-21-2008 04:15 AM
Hi,
 
DI doesn't support as many protocols/sign then IDP.
 
So there is a difference between both.
 
GreetZ,
Frac
http://juniper-frac.blogspot.com
ScreenOS Firewalls (NOT SRX)

Re: SSG deep inspection Vs IDP

01.23.08   |  
‎01-23-2008 04:48 AM
thanks!!! could any body let me know number of signatures idp and ssg support to prevent these attacks
ScreenOS Firewalls (NOT SRX)

Re: SSG deep inspection Vs IDP

01.23.08   |  
‎01-23-2008 07:37 AM
There are a couple White Papers that explain DI and IDP. You do need to fill out a quick form to view the White Papers, but they are very good.


Datasheet for IDP:
-------------------

http://www.juniper.net/products_and_services/intrusion_prevention_solutions/idp_50_slash_200_slash_600_slash_1100/
which has pointer to White Papers under the Literature Tab:
http://www.juniper.net/solutions/literature/white_papers/wp_idp.pdf

http://www.juniper.net/products/intrusion/dsheet/110037.pdf
More than 5000 signatures


Datasheet for SSG500 Series:
-----------------------------
http://www.juniper.net/products_and_services/firewall_slash_ipsec_vpn/ssg_500_series/index.html

which has pointer to White Papers under the Literature Tab:
http://www.juniper.net/solutions/literature/white_papers/deep_inspection_wp.pdf
ScreenOS Firewalls (NOT SRX)

Re: SSG deep inspection Vs IDP

01.24.08   |  
‎01-24-2008 06:49 PM
DI is loosely based on IDP. When you want write a custom signature, your best bet is with IDP. DI is not able to process complex inspection of signatures, so if the signature you write is fairly detailed (like a P2P signature), DI will not be able to handle that. I usually recommend using DI only with the pre-defined signatures and anamolies that are downloadable. Anything more specific should be handled with IDP.
Highlighted
ScreenOS Firewalls (NOT SRX)

Re: SSG deep inspection Vs IDP

05.14.08   |  
‎05-14-2008 02:22 AM
I've also been searching for a comparison between DI and IDP and Google returned this PDF file ( http://www.indevis.de/dokumente/netscreen_isg_faqs_2005.pdf ). In it, at page 6, a "DI vs. IDP Comparison Guide" is mentioned, but I couldn't find it anywhere. Is that comparison guide still available anywhere?