Navigation
Table of Contents
Guide That Contains This Content
[+] Expand All
[-] Collapse All
Example: Setting Memory and Session Limits for IDP Application Identification Services
This example shows how to configure memory and session limits for IDP application identification services.
Requirements
Before you begin:
- Configure network interfaces. See the Junos OS Interfaces Configuration Guide for Security Devices
. - Download the signature database. See Example: Updating the IDP Signature Database Manually.
Overview
In this example, you configure the limit so that only 600 sessions can run application identification at the same time. You also configure 5000 memory bytes as the maximum amount of memory that can be used for saving packets for application identification for one TCP session.
Configuration
Step-by-Step Procedure
To configure memory and session limits for IDP application identification services:
- Specify the session limit for application identification.[edit]user@host# set security idp sensor-configuration application-identification max-sessions 600
- Specify the memory limits for application
identification.[edit]user@host# set security idp sensor-configuration application-identification max-tcp-session-packet-memory 5000
- If you are done configuring the device,
commit the configuration.[edit]user@host# commit
Verification
To verify the configuration is working properly, enter the show security idp command.
