Verification
The following verification commands (with sample output) can be used to confirm that IDP is configured and working properly.
Results
- The show security idp status command output verifies that IDP is configured and running.
root@vdc-edge-fw01-n1> show security idp status
node0:
--------------------------------------------------------------------------
State of IDP: Default, Up since: 2014-02-10 19:51:58 PST (3d 23:29 ago)
Packets/second: 1 Peak: 4658 @ 2014-02-13 22:34:57 PST
KBits/second : 1 Peak: 1459 @ 2014-02-13 22:34:57 PST
Latency (microseconds): [min: 0] [max: 0] [avg: 0]
Packet Statistics:
  [ICMP: 0] [TCP: 146727] [UDP: 523] [Other: 0]
Flow Statistics:
  ICMP: [Current: 0] [Max: 42 @ 2014-02-13 09:14:29 PST]
  TCP: [Current: 2] [Max: 48 @ 2014-02-12 12:31:09 PST]
  UDP: [Current: 0] [Max: 30 @ 2014-02-12 06:00:33 PST]
  Other: [Current: 0] [Max: 0 @ 2014-02-10 19:51:58 PST]
Session Statistics:
  [ICMP: 0] [TCP: 1] [UDP: 0] [Other: 0]
Number of SSL Sessions : 0
Policy Name : HTTP-inspection
Running Detector Version : 12.6.140140207
Forwarding process mode : regular
node1:
--------------------------------------------------------------------------
State of IDP: Default, Up since: 2014-02-11 10:40:32 PST (3d 08:40 ago)
Packets/second: 0 Peak: 0 @ 2014-02-11 10:40:32 PST
KBits/second : 0 Peak: 0 @ 2014-02-11 10:40:32 PST
Latency (microseconds): [min: 0] [max: 0] [avg: 0]
Packet Statistics:
  [ICMP: 0] [TCP: 0] [UDP: 0] [Other: 0]
Flow Statistics:
  ICMP: [Current: 0] [Max: 0 @ 2014-02-11 10:40:32 PST]
  TCP: [Current: 0] [Max: 0 @ 2014-02-11 10:40:32 PST]
  UDP: [Current: 0] [Max: 0 @ 2014-02-11 10:40:32 PST]
  Other: [Current: 0] [Max: 0 @ 2014-02-11 10:40:32 PST]
Session Statistics:
  [ICMP: 0] [TCP: 0] [UDP: 0] [Other: 0]
Number of SSL Sessions : 0
Policy Name : HTTP-inspection
Running Detector Version : 12.6.140140207
- Verify that the IDP attack table is configured and running on the primary node.
root@vdc-edge-fw01-n1> show security idp attack table
node0:
--------------------------------------------------------------------------
node1:
--------------------------------------------------------------------------
{primary:node1}
- Verify that the IDP application statistics are incrementing based on the configured IDP rule set. (Output is truncated to show the relevant packet counter on node1.)
root@vdc-edge-fw01-n1> show security idp application-statistics
node0:
--------------------------------------------------------------------------
IDP applications:
  application type    packet count
  DNS                 0
  HTTP                0
  LDAP                0
  SSL                 0
  MSRPC               0
  MSSQL               0
  MYSQL               0
  BGP                 0
node1:
--------------------------------------------------------------------------
IDP applications:
  application type    packet count
  DNS                 36
  HTTP                4147
  LDAP                0
  SSL                 747
  MSRPC               0
  MSSQL               0
  MYSQL               0
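The status check above can be automated against saved CLI output. The following Python parser is an added example, not part of the original guide or of Juniper's tooling; the function names, the expected-policy argument and the choice of checks are assumptions, and the sample text is abridged from the output shown on this page.

```python
import re

# Abridged from the sample 'show security idp status' output on this page.
SAMPLE = """\
node0:
State of IDP: Default, Up since: 2014-02-10 19:51:58 PST (3d 23:29 ago)
Packet Statistics:
 [ICMP: 0] [TCP: 146727] [UDP: 523] [Other: 0]
Policy Name : HTTP-inspection
Running Detector Version : 12.6.140140207
node1:
State of IDP: Default, Up since: 2014-02-11 10:40:32 PST (3d 08:40 ago)
Packet Statistics:
 [ICMP: 0] [TCP: 0] [UDP: 0] [Other: 0]
Policy Name : HTTP-inspection
Running Detector Version : 12.6.140140207
"""

def parse_idp_status(text):
    """Return {node: fields} parsed from per-node status output."""
    nodes = {}
    # A capturing split yields ['', 'node0', body0, 'node1', body1, ...]
    parts = re.split(r"^(node\d+):[ \t]*$", text, flags=re.M)
    for name, body in zip(parts[1::2], parts[2::2]):
        policy = re.search(r"Policy Name\s*:\s*(\S+)", body)
        detector = re.search(r"Running Detector Version\s*:\s*(\S+)", body)
        up = re.search(r"Up since:\s*(.+?)\s*\(", body)
        stats = re.search(r"Packet Statistics:\s*((?:\[\w+: \d+\]\s*)+)", body)
        counters = re.findall(r"\[(\w+): (\d+)\]", stats.group(1)) if stats else []
        nodes[name] = {
            "policy": policy.group(1) if policy else None,
            "detector": detector.group(1) if detector else None,
            "up_since": up.group(1) if up else None,
            "packets": {proto: int(n) for proto, n in counters},
        }
    return nodes

def check_idp(nodes, expected_policy):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    for name, info in nodes.items():
        if info["up_since"] is None:
            findings.append(f"{name}: no 'Up since' timestamp, IDP may not be running")
        if info["policy"] != expected_policy:
            findings.append(f"{name}: policy is {info['policy']!r}, expected {expected_policy!r}")
    if len({info["detector"] for info in nodes.values()}) > 1:
        findings.append("detector version differs between nodes")
    if nodes and not any(sum(i["packets"].values()) for i in nodes.values()):
        findings.append("no node has inspected any packets")
    return findings
```

Calling `check_idp(parse_idp_status(SAMPLE), "HTTP-inspection")` returns an empty list for the output shown on this page; a policy mismatch, a detector version that differs between cluster nodes, or all-zero packet counters each add a finding.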