Creating IPS Policies
Use this page to define how your device handles network traffic and to define policy rules. It allows you to enforce various attack detection and prevention techniques on traffic traversing your network.
Before You Begin
- Read the Understanding IPS Policies topic.
- Configure network interfaces and security zones.
- Enable intrusion prevention system (IPS) in security policies.
- Review the IPS Policies main page for an understanding of your current data set. See IPS Policies Main Page Fields for field descriptions.
To configure an IPS policy:
- Select Configure > IPS Policy > Policies.
- Click the + icon.
- Complete the configuration according to the guidelines provided in Table 1.
- Click OK.
A new IPS policy with your configurations is created. After you create an IPS policy, add rules in one or more rulebases and publish the policy. For more information on the IPS policy rules, see Creating IPS Policy Rules. To enable the IPS policy, apply it to a domain; see Assigning Policies and Profiles to Domains.
Table 1: IPS Policy Settings
Enter a unique string of alphanumeric characters, colons, periods, dashes, and underscores. No spaces are allowed and the maximum length is 255 characters.
Enter a description for the IPS policy; maximum length is 2048 characters.
Select Advanced to create a policy that allows you to modify custom IPS rules independent of the predefined template. In addition, you can start with a predefined template that copies the predefined rules to your policy, and then edit or delete the rules as necessary.
Select the predefined and custom policy templates from the Available column to include in the selected list for grouping all rules.
Select an option either to update a specific firewall policy configuration to a large set of devices or to push a unique firewall policy configuration per device:
If you selected device policy template type, then select a device on which the policy will be published.
If you selected group policy template type, then select the devices from the Available column to include in the selected list for the group policy that will be published.
You can assign devices running Junos OS releases up to 18.1. Devices running Junos OS Release 18.2 onward must be assigned from firewall policies.
Note: Starting in Junos Space Security Director Release 20.1R1, logical system (LSYS) is supported on devices running Junos OS Release 18.3 and later.
Starting in Junos Space Security Director Release 21.2R1, tenant system (TSYS) is supported on devices running Junos OS Release 18.3 and later for SRX Series devices and Junos OS Release 20.1 and later for VSRX Series devices.
Select an option to display or place the policy you have created before or after the device-specific policies.
Select this option to specify the policy sequence number. This number identifies the location of your policy in relation to the entire sequence.
Select Policy Sequence
Move and place the policy to your preferred sequence in the list. This helps you to organize your policy in the required sequence.
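The name and description limits and the release rules in Table 1 can be checked before the form is filled in. The following Python sketch is an added example, not part of Security Director or its API. It assumes "alphanumeric" means ASCII letters and digits, uses the hypothetical platform labels `srx` and `vsrx`, and runs on a constructed inventory.

```python
import re

NAME_RE = re.compile(r"[A-Za-z0-9:.\-_]{1,255}")  # assumption: "alphanumeric" means ASCII
REL_RE = re.compile(r"(\d+)\.(\d+)")

def release(text):
    """Return (major, minor) from a release string such as '18.2R3-S2' or '21.2R1'."""
    m = REL_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognized release string: {text!r}")
    return int(m.group(1)), int(m.group(2))

def check_policy_fields(name, description=""):
    """Return a list of violations of the name and description limits in Table 1."""
    errors = []
    if not NAME_RE.fullmatch(name):
        errors.append("name: 1-255 characters from letters, digits, ':', '.', '-', '_'; no spaces")
    if len(description) > 2048:
        errors.append("description: longer than 2048 characters")
    return errors

def device_plan(junos, platform, sd_release):
    """Apply the release rules from Table 1 to one device.

    platform is a hypothetical label, 'srx' or 'vsrx'; sd_release is the
    Security Director release the device is managed from.
    """
    if platform not in ("srx", "vsrx"):
        raise ValueError(f"no TSYS rule on the page for platform {platform!r}")
    j, sd = release(junos), release(sd_release)
    tsys_min = (20, 1) if platform == "vsrx" else (18, 3)
    return {
        # Up to 18.1: assign in the IPS policy. 18.2 onward: from firewall policies.
        "assign_from": "ips_policy" if j <= (18, 1) else "firewall_policy",
        "lsys": sd >= (20, 1) and j >= (18, 3),
        "tsys": sd >= (21, 2) and j >= tsys_min,
    }

if __name__ == "__main__":
    # Constructed sample inventory, not real devices.
    inventory = [("edge-fw1", "18.1R3-S2", "srx"), ("dc-fw2", "18.3R1", "vsrx"),
                 ("lab-fw3", "20.1R1", "vsrx")]
    print(check_policy_fields("branch ips policy"))
    for host, junos, platform in inventory:
        print(host, device_plan(junos, platform, "21.2R1"))
```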