[Contents] [Prev] [Next] [Index] [Report an Error]

Updating the Signature Database Manually

Juniper Networks regularly updates the predefined attack database and makes it available on the Juniper Networks Web site. This database includes attack object groups that you can use in IDP policies to match traffic against known attacks. Although you cannot create, edit, or delete predefined attack objects, you can use the CLI to update the list of attack objects that you can use in IDP policies. After downloading the security package, you must install the package to update the security database with the newly downloaded updates from the Staging folder in your device.

Before You Begin
For background information, read: Updating the Signature Database Overview IDP Policies Overview Understanding the IDP Signature Database Understanding Predefined Attack Objects and Groups Establish basic connectivity. See the Getting Started Guide for your device. Configure network interfaces. See the JUNOS Software Interfaces and Routing Configuration Guide.

The configuration instructions in this topic describe how to download the security package with the complete table of attack objects and attack object groups, create a policy, and specify the new policy as the active policy. This example then describes how to download only the updates that Juniper Networks has recently uploaded and then update the attack database, running policy, and detector with these new updates.

You can use either J-Web or the CLI configuration editor to manually download and update the signature database.

This topic contains:

[Contents] [Prev] [Next] [Index] [Report an Error]