TechLibrary

Navigation

Table of Contents

Guide That Contains This Content

[+] Expand All

[-] Collapse All

Example: Configuring IDP Policies for Application Identification

This example shows how to configure the IDP policies for application identification.

Requirements

Before you begin:

Configure network interfaces. See the Junos OS Interfaces Configuration Guide for Security Devices .
Download the application package.

Overview

In this example, you create an IDP policy ABC and define rule 123 in the IPS rulebase. You specify default as the application type in an IDP policy rule. If you specify an application instead of default the application identification feature will be disabled for this rule and IDP will match the traffic with the specified application type. The applications defined under application-identification cannot be referenced directly at this time.

Configuration

Step-by-Step Procedure

To configure IDP policies for application identification:

Create an IDP policy.
[edit]user@host# set security idp idp-policy ABC
Specify the application type.
[edit]user@host# set security idp idp-policy ABC rulebase-ips rule 123 match application default
Specify an action to take when the match condition is meet.
[edit]user@host# set security idp idp-policy ABC rulebase-ips rule 123 then action no-action
If you are done configuring the device, commit the configuration.
[edit]user@host# commit

Verification

To verify the configuration is working properly, enter the show security idp command.

TechLibrary

Related Documentation