Step 1: Begin

 

Meet Juniper Networks Intrusion Detection and Prevention System

Juniper Networks’ Intrusion Detection and Prevention (IDP) system, which is part of Junos OS, mitigates threats and protects against a wide range of attacks and vulnerabilities on your network. IDP constantly watches your network to identify and stop possible incidents, and then sends you a report of the actions it took.

The IDP signature database (also known as the attack database) is available as a security package on the Juniper Networks website. The attack database contains predefined IDP attack objects and IDP attack object groups that detect known attack patterns and protocol anomalies within network traffic. As new vulnerabilities are discovered, we periodically provide a file with updates to the attack database. With a valid license, you can download this file from the Juniper Networks website to protect your network from new threats.

The full IDP security package download includes policy templates that protect your network against the most common attacks. You can use the predefined IDP policy templates “as-is” or use them as a starting point to create new policies customized for your network.

In this guide, we walk you through how to install the IDP license, the IDP security package, and the IDP policy templates. Once you’re up and running, you’ll learn how to activate a policy template and enable an IDP action in a policy.

Let’s get started!

Create Your User Account

You need a Juniper user account to install the IDP security package. With a Juniper user account, you can view your company’s product information, participate in discussion forums with Juniper experts and networking peers, and open cases with our Customer Support team. If you don’t already have one, see Account Setup.

Set Up Your Device

First and foremost, install your Juniper device and verify you have network access. The quickest and easiest way to do this is to follow the three-step instructions in the Quick Start guide for your device model: Quick Start.

Juniper IDP runs on the following physical and virtual devices:

  • Juniper Networks® SRX Series Services Gateways

  • Juniper Networks® NFX150, NFX250, and NFX350 Network Services Gateways

  • Juniper Networks® vSRX on Virtual Firewall on the Google Cloud platform

Download and Install IDP Licenses

IDP is enabled by default on all Juniper security devices. If you’re using only custom attack signatures, you don’t need an IDP license. However, if you want to install updates to the attack database, you’ll need to subscribe to our separately licensed IDP subscription service and install the IDP license on your device. For details, see Install IDP License.

Note

If your license key expires, you can continue to use the locally stored application security package content.

Check Your Connection to the Update Server

Let’s make sure your device can access the update server on the Internet:

In addition to verifying network connectivity, this command also shows the remote database version.

Download and Install the IDP Security Package

  1. Log in to your device through the CLI as the admin user.
  2. Download the IDP security package.
  3. Install the IDP security package.

Download and Install IDP Policy Templates

The IDP security package includes predefined IDP policy templates that you can activate as-is or use as a starting point to create new policies customized for your network. For more details, see Predefined IDP Policy Templates.

  1. Download the predefined IDP policy templates.
  2. Check the download status.
  3. Install the IDP policy templates.
  4. Verify that the templates are installed.

Activate the Policy Template Commit Script

The policy templates are included as a commit script in the IDP security package. Here’s how to activate the commit script:

  1. Enable the templates.xsl scripts file.

    This saves the policy templates to the Junos OS configuration database. You can access the policy templates through the CLI at the [edit security idp idp-policy] hierarchy level.

  2. Commit the configuration to activate the commit script.

Deactivate the Commit Script File

Once you’ve saved the commit script to the Junos OS configuration database, we recommend that you delete or deactivate it to avoid the risk of overwriting the predefined policies with your modifications.

Here’s how to delete or deactivate the commit script file:

Display the List of Predefined Policy Templates

The predefined policy templates in the attack database cover a wide range of network attack scenarios. You can view a list of the predefined policy templates using the set security idp default-policy ? command.
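
The steps in this guide, from the update-server check through listing the templates, collected as one Junos OS CLI session. This is an added example, not text from the original page: the `user@host` prompt is a placeholder, command output is omitted, and lines starting with `#` are annotations rather than commands.

```junos
# --- Operational mode ---

# Check the connection to the update server (also reports the remote database version)
user@host> request security idp security-package download check-server

# Download the IDP security package and wait until the status reports completion
user@host> request security idp security-package download
user@host> request security idp security-package download status

# Install the IDP security package and confirm the result
user@host> request security idp security-package install
user@host> request security idp security-package install status

# Download the predefined policy templates and check the download status
user@host> request security idp security-package download policy-templates
user@host> request security idp security-package download status

# Install the policy templates and verify that they are installed
user@host> request security idp security-package install policy-templates
user@host> request security idp security-package install status

# --- Configuration mode ---
user@host> configure

# Enable the templates.xsl commit script, then commit to activate it.
# The commit saves the templates under [edit security idp idp-policy].
user@host# set system scripts commit file templates.xsl
user@host# commit

# Deactivate the commit script so later commits do not overwrite
# your modifications to the predefined policies
user@host# deactivate system scripts commit file templates.xsl
# Alternative: remove the statement instead of deactivating it
#   delete system scripts commit file templates.xsl
user@host# commit

# List the predefined policy templates now available
user@host# set security idp default-policy ?
```

Download and install requests run in the background, so repeat each `status` command until it reports that the operation has finished before moving to the next step.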