Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Intrusion Detection and Prevention

  • Support logging for exempt rule matching (cSRX, SRX Series Firewalls, and vSRX 3.0)—Use exempt rule logging in the IDP system to monitor and analyze traffic patterns, detect potential security threats, and troubleshoot network issues. Administrators can examine logs to gain insights into traffic exempt from IDP rules and make informed network policy decisions. Enable logging functionality for exempt rules at the rule level for fine-grained monitoring and analysis of security events, enhancing system visibility.

    [See Support logging for exempt rule matching.]

  • IDP signature package server-side improvements (cSRX, SRX Series Firewalls, and vSRX3.0)—The IDP system now reports installation status to the signature server. The signature server uses information from multiple devices to decide if a signature package fails the integrity check globally. If a signature package does not pass integrity checks globally, it becomes unavailable for future downloads.

    [See IDP signature package server-side improvements.]

  • IDP intelligent offload per protocol (cSRX, SRX Series Firewalls, and vSRX 3.0)—The protocol-specific Intelligent-Offload Configuration feature in IDP enables administrators to set inspection depth limits for different protocols. Administrators can use this capability to enable or disable offloading on a per-protocol basis and to configure specific offload limits for protocols such as SSH and FTP. This flexibility optimizes resource usage and ensures efficient session inspections.

    Use the options in the set security idp sensor-configuration global intelligent-offload-tunable CLI command to modify the offload settings, specify the protocol, and adjust the offload limit.

    [See Intrusion Detection and Prevention Overview.]