Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Modifying the IPS Configuration for Security Devices

 

You can use the IPS section on the Modify Configuration page to modify the sensor configuration for a device. You must configure the SRX Series device to send attack packets to the Junos Space Network Management Platform. Select the device and configure the parameters such as host IP address for receiving packets, source IP address, maximum sessions, threshold logging interval, total memory, and port.

Note

Refer to the Junos OS documentation available at http://www.juniper.net/documentation/en_US/release-independent/junos/information-products/pathway-pages/junos/product/ for detailed information on the configuration parameters for a device.

To modify packet log parameters:

  1. Select Devices > Security Devices.

    The Security Devices page appears.

  2. Select a device to modify the configuration.
  3. From the More or right-click menu, select Configuration > Modify Configuration.

    The Modify Configuration page appears.

  4. Select IPS.

    The Sensor Configuration screen appears.

  5. Modify the configuration according to the guidelines provided in Table 1.

    Table 1: Sensor Configuration Details

    Setting

    Guidelines

    Host IP for receiving packets

    The Virtual IP address of the Junos Space Network Management Platform server for SRX Series devices to send packets.

    Source address

    The interface IP address of the SRX Series device through which packets are sent.

    Max Sessions

    The maximum number of packet capture sessions expressed as a percentage of the IDP session capacity for the device.

    Threshold logging interval

    The minimum time interval in minutes between log messages for maximum sessions or memory reached.

    Total Memory

    The maximum amount of memory allocated to capture packets for a device. This value is expressed as a percentage of the memory available on the device.

    Port

    The port number of the server for SRX Series devices to send the packet capture object.

    The port is 2050, which is opened on Junos Space Network Management Platform server on installing Security Director to receive packets from SRX series devices.

Related Documentation