Navigation
Supported Platforms
Related Documentation
Understanding Intrusion Detection and Prevention for SRX Series
An Intrusion Detection and Prevention (IDP) policy lets you selectively enforce various attack detection and prevention techniques on the network traffic passing through your SRX Series. The SRX Series offer the same set of IDP signatures that are available on Juniper Networks IDP Series Intrusion Detection and Prevention Appliances to secure networks against attacks. The basic IDP configuration involves the following tasks:
- Download and install the IDP license—See Updating Licenses for a Branch SRX Series.
- Download and install the signature database—You must download and install the IDP signature database. The signature databases are available as a security package on the Juniper Networks website. This database includes attack object and attack object groups that you can use in IDP policies to match traffic against known attacks.
- Configure recommended policy as the IDP policy—Juniper
Networks provides predefined policy templates to use as a starting
point for creating your own policies. Each template is a set of rules
of a specific rulebase type that you can copy and then update according
to your requirements.
To get started, we recommend you use the predefined policy named “Recommended”.
- Enable a security policy for IDP inspection—For transit traffic to pass through IDP inspection, you configure a security policy and enable IDP application services on all traffic that you want to inspect.
For more details on IDP, see Junos OS Intrusion Detection and Prevention (IDP) Library for Security Devices.
