Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    IDP Rulebase Example: Using Recommended Actions

    This example demonstrates the usefulness of Juniper Networks Security Center (J-Security Center) recommended actions.

    When you specify a rule action, you have the option to specify:

    • No action
    • A specific action
    • The value Recommended

    Recommended actions are coded in the predefined attack object by the J-Security Center team. The J-Security Center team codes a recommended action in all predefined attack objects, not just the recommended attack objects. When you use the recommended action, you leverage the experience and expertise of the J-Security Center team.

    Figure 1 shows an IDP rulebase rule with action set to Recommended.

    When you update the NSM attack database, any changes to recommended actions are also automatically updated.

    When you get started with an IDP Series deployment, you should use the recommended actions and enable notification for rule matches. If you find these settings meet your needs, you can turn off logging (at your discretion). If you find you prefer a different action, you can specify a different action.


    Published: 2011-02-08