Example: Configuring IDP Policies for Application Identification (CLI)

For application identification to work, you must choose the default configuration option as the application type in an intrusion detection and prevention (IDP) policy rule. If you specify an application instead, the application identification feature is disabled and IDP matches the traffic with the specified application.

Before you begin, make sure that you have completed following:

1. Configure network interfaces. See the Junos OS Interfaces Configuration Guide for Security Devices.
2. Download the application package. See Updating Junos OS Application Identification Extracted Application Package Overview.

To configure an IDP policy for application identification:

1. Create an IDP policy, associate a rulebase with the policy, and define rules in the rulebase. The following statement creates an IDP policy ABC and defines rule 123 in the IPS rulebase:
   user@host# set security idp idp-policy ABC rulebase-ips rule 123
2. Specify the application type as a match condition in the policy. The following statement specifies default as the application type:
   user@host# set security idp idp-policy ABC rulebase-ips rule 123 match application default
3. Continue to configure other match conditions and actions for the policy. See Example: Defining Rules for an IDP IPS Rulebase.
4. If you are finished configuring the device, commit the configuration.
5. From configuration mode in the CLI, enter the show security idp command to verify the configuration. For more information, see the Junos OS CLI Reference.

Related Topics

• Junos OS Feature Support Reference for SRX Series and J Series Devices
• IDP Policies Overview
• Understanding Junos OS Application Identification Application Package
• Understanding IDP Application Identification
• Verifying Application System Cache Statistics
• Disabling Junos OS Application Identification (CLI Procedure)
• Example: Setting Memory and Session Limits for IDP Application Identification (CLI)