[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

Configuring IDP Policies for Application Identification

For application identification to work, you must choose the default configuration option as the application type in an IDP policy rule. If you specify an application instead, the application identification feature is disabled and IDP matches the traffic with the specified application.

Before You Begin
  1. For background information, read:
  2. Establish basic connectivity. See the Getting Started Guide for your device.
  3. Configure network interfaces. See the JUNOS Software Interfaces and Routing Configuration Guide.
  4. Download the signature database. See Updating the Signature Database Manually

The configuration instructions in this topic describe how to configure IDP policy for application identification.

You can use either J-Web or the CLI configuration editor to configure IDP policy for application identification.

This topic contains:

CLI Configuration

To configure IDP policy for application identification:

  1. Create an IDP policy, associate a rulebase with the policy, and define rules in the rulebase. The following statement creates an IDP policy ABC and defines rule 123 in the IPS rulebase:
    user@host# set security idp idp-policy ABC rulebase-ips rule 123
  2. Specify the application type as a match condition in the policy. The following statement specifies default as the application type:
    user@host# set security idp idp-policy ABC rulebase-ips rule 123 match application default
  3. Continue to configure other match conditions and actions for the policy (see Defining Rules for an IPS Rulebase).
  4. If you are finished configuring the router, commit the configuration.
  5. From configuration mode in the CLI, enter the show security idp command to verify the configuration. For more information, see the JUNOS Software CLI Reference.

Related Topics

[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]