Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Create and Manage IPS Signature Static Groups

The signature database in Juniper Security Director Cloud contains predefined intrusion prevention system (IPS) signature static groups.

You can create customized IPS signature static groups from the Create IPS Signature Static Group page. You must have the tenant administrator role or a custom role assigned with the appropriate IPS tasks to create customized IPS signature static groups.

Static groups enable better manageability because you can group different types of signatures into one entity.

Create IPS Signature Static Groups

  1. Select SRX > Security Subscriptions > IPS > IPS Signatures.

    The IPS Signatures page opens.

  2. Select Create > Static Group.

    The Create IPS Signature Static Group page opens.

  3. Complete the configuration according to the following guidelines:
    Table 1: Create IPS Signature Static Group Settings

    Setting

    Guideline

    Name

    Enter a unique name for the IPS signature static group that is a string of maximum 127 characters without spaces.

    The string can contain alphanumeric characters and special characters, such as colons, hyphens, periods, and underscores.

    The IPS signature link is not available for a static group.

    Description

    Enter a description of maximum 1024 characters for the IPS signature static group.

    Group Members

    Add one or more IPS signatures, static groups, or dynamic groups as members of the new static group.

    Note:

    You must add at least one IPS signature, static group, or dynamic group to proceed.

    • To add group members:

      1. Click the plus icon (Blue plus symbol suggesting an action like adding or expanding content.).

        The Add IPS Signatures page opens displaying the existing predefined and customized IPS signatures, static groups, and dynamic groups in a table.

      2. Select one or more group members by clicking the check boxes corresponding to the rows.

      3. Click OK.

        The previous page opens and the selected group members are displayed in the table.

    • To delete group members:

      1. Select the group members to delete, and click the trash can icon (Blue trash can icon representing delete or remove function.).

        A warning message asking you to confirm the deletion is displayed.

      2. Click Yes.

        The group members are deleted.
  4. Click OK.
    The IPS Signatures page opens with a message that the static group was successfully created. You can use the new IPS signature static group in an IPS rule or an exempt rule. You can then reference the IPS profile containing the rule in a firewall policy, which you can deploy on the device.

Manage IPS Signature Static Groups

You must have the tenant administrator role or a customized role assigned with the appropriate IPS tasks to modify customized IPS signature static groups.

  • Edit—Select the group, and then click the pencil icon (Blue pencil icon indicating edit functionality.). You cannot modify the group name.

    If the group was used in an IPS rule or exempt rule that is deployed on the device through the firewall policy, then the firewall policy is marked for deployment. You must deploy the firewall policy for the changes to take effect on the device.

  • Clone—Select the group, and then click More > Clone. You can clone predefined or customized groups and modify the parameters.

    You can use the cloned group in an IPS rule or an exempt rule. You can then reference the IPS profile containing the rule in a firewall policy, which you can deploy on the device.

  • Delete—Select the group, and then click the trash can icon (Blue trash can icon representing delete or remove function.). You can delete only customized (user-created) groups that are not used in an IPS or exempt rule. You cannot delete predefined (system-generated) groups.