background image

List of Tables 

„

 

ix

List of Tables

Table 1:

Notice Icons .................................................................................... xi

Table 2:

Advantages and Disadvantages of Sniffer Mode (Passive) ................ 4

Table 3:

Advantages and Disadvantages of Transparent Mode (Inline Active) 5

Table 4:

NIC State Options .......................................................................... 11

Table 5:

IDP Sensor Drives .......................................................................... 13

Table 6:

IDP Sensor Power Supplies ............................................................ 14

Table 7:

Front Panel System Status LEDs .................................................... 14

Table 8:

IDP Sensor Management and High Availability Port LED ............... 15

Table 9:

IDP Sensor Traffic Port LEDs ......................................................... 15

Table 10: Hard Drive LED Definitions............................................................ 16
Table 11: Power Supply LED Definitions ....................................................... 16
Table 12: Information Needed for QuickStart Configuration.......................... 26
Table 13: Information Needed for ACM Configuration................................... 26
Table 14: Advantages and Disadvantages of Bridge Mode ............................. 44
Table 15: Advantages and Disadvantages of Router Mode............................. 45
Table 16: Advantages and Disadvantages of Proxy-ARP Mode ...................... 46
Table 17: Physical Specifications ................................................................... 48
Table 18: AC Power Specifications ................................................................ 48
Table 19: Power Cord Specifications ............................................................. 48
Table 20: Environmental Specifications......................................................... 48
Table 21: Physical Specifications ................................................................... 49
Table 22: AC Power Specifications ................................................................ 49
Table 23: Power Cord Specifications ............................................................. 49
Table 24: Environmental Specifications......................................................... 49
Table 25: Physical Specifications ................................................................... 50
Table 26: AC Power Specifications ................................................................ 50
Table 27: Power Cord Specifications ............................................................. 50
Table 28: Environmental Specifications......................................................... 50
Table 29: Physical Specifications ................................................................... 51
Table 30: AC Power Specifications ................................................................ 51
Table 31: Power Cord Specifications ............................................................. 51
Table 32: Environmental Specifications......................................................... 51

Summary of Contents for IDP 250

Page 1: ...rth Mathilda Avenue Sunnyvale CA 94089 USA 408 745 2000 www juniper net Part Number 530 023834 01 Juniper Networks Intrusion Detection and Prevention IDP 75 250 800 and 8200 Installation Guide Release...

Page 2: ...nse The following information is for FCC compliance of Class B devices The equipment described in this manual generates and may radiate radio frequency energy If it is not installed in accordance with...

Page 3: ...P 250 Sensor 8 IDP 800 Sensor 8 IDP 8200 Sensor 9 Traffic Ports Forwarding Interfaces 10 Configurable NIC States 10 Normal State 11 NIC Bypass State 11 NIC Bypass and Cable Choices 12 External Bypass...

Page 4: ...rwarding Interfaces 28 Verifying Traffic Flow 28 Connecting the High Availability Port 28 Chapter 5 Adding the Sensor to NSM 29 Adding Your Sensor to NSM 29 Checking the Status of Your Sensor 33 Chapt...

Page 5: ...Table of Contents Table of Contents v IDP 800 Technical Specifications 50 IDP 8200 Technical Specifications 51 Safety Compliance 52 EMI Compliance 52 Immunity 52 Index 53...

Page 6: ...vi Table of Contents IDP 75 250 800 and 8200 Installation Guide...

Page 7: ...Midmount Bracket 19 Figure 11 1 RU Device IDP 75 Midmount Bracket 20 Figure 12 Begin Add Device Procedure 30 Figure 13 Add Device Wizard Device Name 30 Figure 14 Add Device Wizard Connection Settings...

Page 8: ...viii List of Figures IDP 75 250 800 and 8200 Installation Guide...

Page 9: ...for ACM Configuration 26 Table 14 Advantages and Disadvantages of Bridge Mode 44 Table 15 Advantages and Disadvantages of Router Mode 45 Table 16 Advantages and Disadvantages of Proxy ARP Mode 46 Tab...

Page 10: ...x List of Tables IDP 75 250 800 and 8200 Installation Guide...

Page 11: ...Conventions on page xi Documentation on page xii Requesting Technical Support on page xii Audience This guide is intended for experienced system and network specialists Conventions The term sensor is...

Page 12: ...ing basic configuration management server installation and user interface installation Online Help Available through the IDP Appliance Configuration Manager ACM The online help provides explanations f...

Page 13: ...software Search technical bulletins for relevant hardware and software notifications http www juniper net alerts Join and participate in the Juniper Networks Community Forum http www juniper net compa...

Page 14: ...IDP 75 250 800 and 8200 Installation Guide xiv Requesting Technical Support...

Page 15: ...twork for the sensor Choose which mode you will run See Chapter 4 Installing the Sensor on page 17 4 Install the sensor on a rack See Chapter 4 Installing the Sensor on page 17 5 Log into the sensor u...

Page 16: ...use passive or active mode when deploying your IDP sensor NetScreen Security Manager Use NetScreen Security Manager NSM to administer the sensor IDP Sensor Placement Juniper Networks IDP sensor is an...

Page 17: ...ts before they reach their target Inline sensors are typically configured in transparent mode For other inline modes see Advanced Configuration on page 43 One step in setting up IDP on your network is...

Page 18: ...changes Does not create an additional point of failure gateway Monitors and logs suspicious network activity Passively monitors with limited prevention only Requires a hub or the Switched Port Analyse...

Page 19: ...o your network See the IDP Concepts Examples Guide to improve the performance and accuracy of your protection Table 3 Advantages and Disadvantages of Transparent Mode Inline Active Advantages Disadvan...

Page 20: ...IDP 75 250 800 and 8200 Installation Guide 6 IDP Configuration Basics...

Page 21: ...s and USB Ports on page 13 Power Supplies on page 13 IDP Sensor LEDs on page 14 IDP Sensors This section provides an overview of the following IDP sensors IDP 75 Sensor on page 8 IDP 250 Sensor on pag...

Page 22: ...The IDP 250 sensor is optimal for medium central sites or large branch offices Figure 4 shows the following features One console serial port One management network interface port One dedicated high av...

Page 23: ...00 Sensor The IDP 8200 sensor is optimal for large central sites or high traffic areas Figure 6 shows the following features One console serial port One management network interface port One dedicated...

Page 24: ...located on the front of each device Sensors can have a combination of copper and fiber ports Figure 7 Traffic Ports Configurable NIC States Copper port pairs on the IDP 75 250 800 and 8200 can be con...

Page 25: ...es active again it sends a reset signal When the timer receives the reset signal the bypass deactivates automatically and the sensor goes back to normal operation When NICs are in NIC bypass state pri...

Page 26: ...ting the devices If the two devices are connected with a cross over cable use two straight through cables to connect the sensor to these two devices When NIC bypass starts the resulting effect is to c...

Page 27: ...d on all IDP sensors Console Serial Port The console serial port provides access using an RJ 45 connector to the sensor s command line interface CLI Management Port The management port provides access...

Page 28: ...on all sensors HA ports are available on the IDP 250 800 and 8200 sensors only Table 8 describes the LEDs for management and HA ports Table 6 IDP Sensor Power Supplies IDP Sensor Power Supplies 75 On...

Page 29: ...00 and the 8200 sensors Table 8 IDP Sensor Management and High Availability Port LED Port LED Description Status LINK Port connection activity indicator Blinks amber to indicate activity on the port T...

Page 30: ...tem emits a high pitch noise if a hard drive has failed The LED flashes red if the drive is being rebuilt Do not turn the power off unplug the unit or remove either drive while the drive is being rebu...

Page 31: ...rds in your work area such as moist floors ungrounded power extension cables frayed power cords and missing safety grounds WARNING Never assume that the power supply is disconnected from a power sourc...

Page 32: ...e exhaust air from intake air The best placement of the baffles depends on the airflow patterns in the rack The IDP 75 sensor occupies one rack unit RU in an equipment rack One RU is 1 75 inches 44 45...

Page 33: ...o they prevent the device from sliding forward 6 Secure the rear brackets to the rack Mounting Using Midmount Brackets To mount the sensor using the midmount brackets in a device rack 1 Use a flathead...

Page 34: ...e power supply at the rear of each chassis 2 Connect the other end of the power cable to the electrical outlet 3 For IDP 800 and 8200 sensors only Connect the second power cable to the receptacle on t...

Page 35: ...g the High Availability Port on page 28 Initial Configuration Options When you first configure your sensor you can choose a simple configuration that sets options to the most commonly used settings or...

Page 36: ...liance Configuration Manager See ACM Advanced Configuration on page 26 Connecting to the Sensor Your sensor has two management interfaces a console serial port and a management Ethernet port You can u...

Page 37: ...rs in the terminal window press Enter to display the boot messages 5 Log into the IDP sensor as name root and password abc123 The EasyConfig script runs automatically The following text appears Config...

Page 38: ...gement port is now complete EasyConfig does not run the next time you log into the sensor Using the Management Port to Configure the Sensor You can choose a simple or advanced configuration for the se...

Page 39: ...and password abc123 4 Go to Simple or Advanced Configuration Using the Management Port on page 25 Simple or Advanced Configuration Using the Management Port The IDP sensor management port provides two...

Page 40: ...ameters Management Interface IP Address The IP address of the sensor management interface Management Interface Netmask The netmask for the management interface IP address Default Route Your network s...

Page 41: ...figure SSH access This is optional Set if you want to access the sensor using a terminal window or if you want to be able to upload upgrade files to the sensor See the ACM online help for more informa...

Page 42: ...t sensors the pairs are horizontal port pairs 0 1and 2 3 on each NIC Traffic in inline transparent mode only flows between paired interfaces You cannot have traffic flow from port 0 to port 2 for exam...

Page 43: ...cking the Status of Your Sensor on page 33 Adding Your Sensor to NSM This procedure assumes your sensor is installed has a static IP address and is reachable using SSH If your sensor is not yet availa...

Page 44: ...Security Devices age click the button and select Device to open the Add Device wizard Figure 13 a Type a name and select a color to represent the device in the UI b Select Device is Reachable default...

Page 45: ...in user name The default password is abc123 d Enter the password for the device root user The default password is abc123 e Select SSH Version 2 as the connection method Leave the port number as 22 f C...

Page 46: ...to this 1024 f4 91 d0 04 b7 61 00 77 45 c3 cc bd af b3 5b a2 ssh_host_dsa_key pub 8 After you have verified the key click Next to display device information retrievable by NSM Figure 16 This takes a...

Page 47: ...ce job Checking the Status of Your Sensor When the update device job finishes move the mouse pointer over the device in Device Manager to check the device status The configuration state Managed indica...

Page 48: ...IDP 75 250 800 and 8200 Installation Guide 34 Checking the Status of Your Sensor...

Page 49: ...ust load a new sensor image to NSM Then use NSM to load the new image onto your sensors Loading a Sensor Image into NSM To make the sensor software available to NSM 1 Download firmware image files fro...

Page 50: ...onto the device but you cannot manage the device from NSM until the device ADM is updated 6 Click Finish to display upgrade status in the Job Information dialog box 7 When the upgrade finishes click C...

Page 51: ...erial port of the device using the serial cable provided with the IDP sensor 2 Power off the IDP sensor 3 Insert the Restore Media USB stick into the USB flash drive on the front of the sensor 4 Power...

Page 52: ...IDP 75 250 800 and 8200 Installation Guide 38 Reimaging the IDP Sensor...

Page 53: ...nsor has three If a device has two replaceable power supplies you can hot swap one while the device is running Contact Juniper Networks if you want to purchase a spare power supply Remove a Power Supp...

Page 54: ...r The LED turns green to indicate that it is receiving power and is giving power to the IDP sensor only occurs if sensor is on The high pitched whine stops and the PS FAIL light on the front of the ID...

Page 55: ...side of the handle 2 Open the handle to its fully extended position 3 Begin to slide the drive into the bay 4 Gently slide the drive the rest of the way into the bay and snap it into place 5 Close the...

Page 56: ...IDP 75 250 800 and 8200 Installation Guide 42 Replacing a Hard Drive IDP 800 and 8200 Only...

Page 57: ...43 IDP High Availability Deployment Modes on page 46 Advanced Deployment Modes Most IDP sensors are configured in passive sniffer or transparent mode However the IDP 75 250 and 800 sensors can also be...

Page 58: ...asts No changes to routing tables or network equipment Cannot connect IP networks with different address spaces Management Server IP 2 2 2 4 User Interface IP 2 2 2 5 Protected Machines Hub or Switch...

Page 59: ...Connects IP networks with different address spaces Affects Layer 3 IP networks routing tables Interfaces cannot be used in stealth mode The sensor itself can be the target of attacks Management Server...

Page 60: ...odes and HA clusters see the NetScreen Security Manager Administrator s Guide Table 16 Advantages and Disadvantages of Proxy ARP Mode Advantages Disadvantages Reliably responds to and prevents attacks...

Page 61: ...ndards for compliance It has the following sections IDP 75 Technical Specifications on page 48 IDP 250 Technical Specifications on page 49 IDP 800 Technical Specifications on page 50 IDP 8200 Technica...

Page 62: ...ominal Value Acceptable Range AC input voltage 110 220 VAC single phase 90 to 255 VAC AC input line frequency 50 60 Hz 47 to 63 Hz AC input current 4 A 110 VAC 2 A 220 VAC Table 19 Power Cord Specific...

Page 63: ...Value Acceptable Range AC input voltage 110 220 VAC single phase 90 to 255 VAC AC input line frequency 50 60 Hz 47 to 63 Hz AC input current 4 A 110 VAC 2 A 220 VAC Table 23 Power Cord Specifications...

Page 64: ...n Nominal Value Acceptable Range AC input voltage 110 220 VAC single phase 90 to 255 VAC AC input line frequency 50 60 Hz 47 to 63 Hz AC input current 4 A 110 VAC 2 A 220 VAC Table 27 Power Cord Speci...

Page 65: ...al Value Acceptable Range AC input voltage 110 220 VAC single phase 90 to 255 VAC AC input line frequency 50 60 Hz 47 to 63 Hz AC input current 4 A 110 VAC 2 A 220 VAC Table 31 Power Cord Specificatio...

Page 66: ...ion Safety of Information Technology Equipment EN 60950 2000 Safety of Information Technology Equipment including Electrical Business Equipment IEC 60950 Third Edition Safety of Information Technology...

Page 67: ...specifications 48 IDP 600 technical specifications 50 immunity 52 installing the appliance 18 L LED Definitions 14 M mounting the appliance 18 N NIC Bypass 10 NIC bypass 11 cable choices 12 notice ico...

Page 68: ...IDP 75 250 800 and 8200 Installation Guide 54 Index...

Reviews: