Deploying IDP Series and SA Series Appliances for Coordinated Threat Control

In a coordinated threat control deployment, Juniper Networks devices communicate using Transport Layer Security (TLS). On the Juniper Networks SA Series SSL VPN appliance, you configure settings for the connection with the IDP Series appliance, including a one-time password generated by the IDP Series appliance.

Figure 1 shows a split deployment, where the SA Series appliance has been deployed for extended enterprise access and the IDP Series appliance has been deployed to secure all perimeter traffic, including, but not limited to, the traffic coming from the SA Series appliance.

Figure 1: Coordinated Threat Control Deployment Diagram: Split Deployment


Figure 2 shows an internal deployment, where only encrypted SSL traffic terminated at the SA Series appliance has access to the protected network and the IDP Series appliance is deployed to inspect only traffic coming through the SA Series appliance.

Figure 2: Coordinated Threat Control Deployment Diagram: Internal Deployment


For information on configuring an SA Series appliance to communicate with the IDP Series appliance, see the SA Series appliance documentation.


Published: 2010-01-12