Related Documentation
- J Series
- Understanding IDP Log Suppression Attributes
- Understanding IDP Logging
- Understanding Application-Level DDoS Logging
- SRX Series
- Understanding IDP Log Suppression Attributes
- Understanding IDP Logging
- Understanding Application-Level DDoS Logging
- Additional Information
- Junos OS Feature Support Reference for SRX Series and J Series Devices
Understanding IDP Log Information Usage on the IC Series UAC Appliance
The IC Series UAC Appliance for the Unified Access Control (UAC) appliance can use Intrusion Detection and Prevention (IDP) attack log information sent from the Juniper Networks device to apply access policies for traffic in which IDP logs indicate an attack has been detected. Using a secure channel of communication, these IDP logs are sent to the IC Series appliance directly and securely. IDP attack logs are sent to the IC Series appliance through the JUEP communication channel.
This topic contains the following sections:
Message Filtering to the IC Series UAC Appliance
When you configure the IC Series UAC Appliance to receive IDP log messages, you set certain filtering parameters on the IC Series appliance. Without this filtering, the IC Series appliance could potentially receive too many log messages. The filtering parameters could include the following:
- The IC Series appliance should only receive communications from IDP for sessions it has authenticated. See the Unified Access Control Administration Guide for details.
- You can create IC Series appliance filters for receiving IDP logs files based on the their severity. For example, if on the IC Series appliance the severity is set to high, then IDP only sends logs which have a severity greater than or equal to high. See the Unified Access Control Administration Guide for details.
- From the IC Series appliance, you can disable the receiving of all IDP logs. See the Unified Access Control Administration Guide for details.
Configuring IC Series UAC Appliance Logging
All the configuration for receiving and filtering IDP logs is done on the IC Series UAC Appliance. You should refer to the Unified Access Control Administration Guide for configuration information for receiving IDP logs and details on the JUEP communication channel.
Related Documentation
- J Series
- Understanding IDP Log Suppression Attributes
- Understanding IDP Logging
- Understanding Application-Level DDoS Logging
- SRX Series
- Understanding IDP Log Suppression Attributes
- Understanding IDP Logging
- Understanding Application-Level DDoS Logging
- Additional Information
- Junos OS Feature Support Reference for SRX Series and J Series Devices
