How to configure IDP on the SRX Series
Widget Connector | ||
---|---|---|
|
https://kb.juniper.net/InfoCenter/index?page=content&id=KB16489&actp=METADATA
1- install license
2- Download the IDP security packages & Install signature database
3- create the IDP policy
4- Enable a Sec Policy for IDP Inspection
show system license installed
show security idp status
OPTIONAL: show services application-identification version ( check app-id db)
request security idp security-package download check-server
...
show security idp security-package-version
[edit]
root# run request security idp security-package install
error: Security Package installation disabled temporarily due to invalid license.
4- Enable a Sec Policy for IDP Inspection
set security idp active-policy ? >>>> list of preconfig policy
set security idp active-policy Recommended
show | compare
set security policies from-zone trust to-zone untrust policy idp-app-policy-1 match source-address any destination-address any application any
set security policies from-zone trust to-zone untrust policy idp-app-policy-1 then permit application-services idp
show security idp status