The IDP signature database is stored on the IDP enabled device
and contains definitions of predefined attack objects and groups.
These attack objects and groups are designed to detect known attack
patterns and protocol anomalies within the network traffic. You can
configure attack objects and groups as match conditions in IDP policy
You must install the IDP signature-database-update license key
on your device for downloading and installing daily signature database
updates provided by Juniper Networks. For license details, see the JUNOS Software Administration Guide.
You can perform the following tasks to manage the IDP signature
Update the signature database—Download the attack
database updates available on the Juniper Networks website. New attacks
are discovered daily, so it is important to keep your signature database
up to date.
Verify the signature database version—Each signature
database has a different version number with the latest database having
the highest number. You can use the CLI to display the signature database
Update the protocol detector engine—You can download
the protocol detector engine updates along with downloading the signature
database. The IDP protocol detector contains Application Layer protocol
decoders. The detector is coupled with the IDP policy and is updated
together. It is always needed at policy update time, even if there
is no change in the detector.
Schedule signature database updates—You can configure
the IDP-enabled device to automatically update the signature database
after a set interval.