[Contents] [Prev] [Next] [Index] [Report an Error]

J-Web Configuration

To enable IDP in a security policy:

  1. Create a security policy. The following tasks create a policy idp-app-policy-1 for traffic traversing from Zone1 to Zone2:
    1. Select Configuration>View and Edit>Edit Configuration. The Configuration page appears.
    2. Next to Security, click Configure or Edit.
    3. Next to Policies, select the check box and click Configure.
    4. Next to Policy, click Add new entry.
    5. In the From zone name box, type Zone1.
    6. In the To zone name box, type Zone2.
    7. Next to Policy, click Add new entry.
    8. In the Policy name box, type idp-app-policy-1.
  2. Specify the match conditions for the traffic flowing in one direction. The following tasks specify that traffic from any source address, to any destination address and with any application type, matches the criteria for this policy:
    1. Next to Match, select the check box, and click Configure.
    2. From the Source Address choice list, select Source address.
    3. Next to Source address, click Add new entry.
    4. From the Value keyword list, select Any and click OK.
    5. From the Destination Address choice list, select Destination address.
    6. Next to Destination address, click Add new entry.
    7. From the Value keyword list, select Any and click OK.
    8. From the Application choice list, select Application.
    9. Next to Application, click Add new entry.
    10. From the Value keyword list, select Any and click OK.
  3. Specify the action to be taken on traffic that matches the specified conditions. The following tasks permit all traffic matching the specified criteria and direct it to be checked against IDP rulebases:
    1. On the Policy name idp-app-policy-1 page, next the Then, select check box and click Configure.
    2. From the Action list, select Permit.
    3. Next to Permit, click Configure.
    4. Next to Application services, click Configure.
    5. Next to Idp, select the check box.
  4. Create another security policy for traffic in the other direction. The following tasks create another policy idp-app-policy-2 for traffic from Zone2 to Zone1:
    1. On the Policy page, next to Policy, click Add new entry.
    2. In the From zone name box, type Zone2.
    3. In the To zone name box, type Zone1.
    4. Next to Policy, click Add new entry.
    5. In the Policy name box, type idp-app-policy-2.
  5. Specify the match conditions for the traffic flowing in the other direction. The following tasks specify that traffic from any source, to any destination with any application type, matches the criteria for this policy:
    1. Next to Match, select the check box, and click Configure.
    2. From the Source Address choice list, select Source address.
    3. Next to Source address, click Add new entry.
    4. From the Value keyword list, select Any and click OK.
    5. From the Destination Address choice list, select Destination address.
    6. Next to Destination address, click Add new entry.
    7. From the Value keyword list, select Any and click OK.
    8. From the Application choice list, select Application.
    9. Next to Application, click Add new entry.
    10. From the Value keyword list, select Any and click OK.
  6. Specify the action to be taken on traffic that matches the conditions specified in the policy. The following tasks permit all traffic matching the specified criteria and direct it to be checked against IDP rulebases:
    1. On the Policy name idp-app-policy-2 page, next the Then, select check box and click Configure.
    2. From the Action list, select Permit.
    3. Next to Permit, click Configure.
    4. Next to Application services, click Configure.
    5. Next to Idp, select the check box.
  7. If you are finished configuring the router, commit the configuration.
[Contents] [Prev] [Next] [Index] [Report an Error]

Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice.