QuickStart Guide, Juniper Networks NetScreen-IDP 3.0 | 7
Sniffer Mode
Advantages
• Seamless replacement of current IDS
• Minimal network changes
• Does not create an additional point-of-failure gateway
• Can monitor and log suspicious network activity
Disadvantages
• Passive monitoring with limited prevention only
• Must use a hub or the span port of a switch
• Cannot use NS-IDP-BYP for fail-open protection
[Figure: Sniffer mode network diagram. Labelled elements: IDP with Eth0 (Sniffing Interface) and Eth2, IP 2.2.2.7 (Management Interface); Firewall; addresses 1.1.1.1 and 2.2.2.1; Hub or Switch (straight-through cable; mirror/span port if a switch); Protected Network; Management Network; Server1 IP 1.1.1.2, Server2 IP 1.1.1.3, Server3 IP 1.1.1.4 (each GW 1.1.1.1); Client1 IP 2.2.2.2, Client2 IP 2.2.2.3, Client3 IP 2.2.2.5, Client4 (UI installed) IP 2.2.2.6; Management Server IP 2.2.2.4.]