Juniper Networks IDP8200 - Manual

Audience „ xi About This Guide This guide describes the physical features of Juniper Networks Intrusion Detection and Prevention (IDP) solution: the IDP 75, IDP 250, IDP 800, and IDP 8200 sensors. It also explains how to install, configure, update/reimage, and service the IDP system. This preface ha...

IDP 75, 250, 800, and 8200 Installation Guide xii „ Documentation Documentation This guide is shipped in the box with all new IDP sensors. It provides the basic procedures for getting your IDP system running. With each major software release, Juniper Networks provides the IDP Documentation CD. The C...

Requesting Technical Suppor t „ xiii About This Guide Self-Help Online Tools and Resources For quick and easy problem resolution, Juniper Networks has designed an online self-service portal called the Customer Support Center (CSC) that provides you with the following features: „ Find CSC offerings: ...

Installation Roadmap „ 1 Chapter 1 Planning an Installation This chapter provides an overview of IDP configuration options. This chapter has the following sections: „ Installation Roadmap on page 1 „ IDP Configuration Basics on page 2 Installation Roadmap This section provides a high-level roadmap o...

IDP 75, 250, 800, and 8200 Installation Guide 2 „ IDP Configuration Basics 8. Add the sensor as an object in NSM using the Add Device wizard. Select Device Manager > Security Devices from the left navigational pane, and then click the + button. See “Adding Your Sensor to NSM” on page 29. The Add ...

IDP Configuration Basics „ 3 Chapter 1: Planning an Installation To use an IDP sensor as a passive intrusion detection system without prevention capabilities, deploy the sensor in passive sniffer mode to monitor and log network traffic. If the sensor is attached to a network switch, you must configu...

IDP Configuration Basics „ 5 Chapter 1: Planning an Installation NetScreen-Security Manager Use NetScreen-Security Manager to administer the sensor. See the NetScreen-Security Manager Administrator’s Guide to tailor your security policy to your network. See the IDP Concepts & Examples Guide to i...

IDP Sensors „ 7 Chapter 2 Hardware Over view This chapter provides detailed descriptions of the Juniper Networks IDP sensors and their components. This chapter has the following sections: „ IDP Sensors on page 7 „ Traffic Ports (Forwarding Interfaces) on page 10 „ Management Ports on page 13 „ Hard ...

IDP 75, 250, 800, and 8200 Installation Guide 10 „ Traffic Por ts (Forwarding Interfaces) Figure 6: IDP 8200 Front Panel Traffic Por ts (Forwarding Interfaces) The IDP 75, 250, 800, and 8200 sensors have traffic ports (forwarding interfaces), which are located on the front of each device. Sensors ca...

Traffic Por ts (Forwarding Interfaces) „ 11 Chapter 2: Hardware Overview Normal State When the IDP is active and NICs are in the normal state, NICs only pass Layer 2 traffic if in transparent mode and if Layer 2 bypass is enabled. NSRP packets are not passed, so external bypass units do not behave c...

IDP 75, 250, 800, and 8200 Installation Guide 12 „ Traffic Por ts (Forwarding Interfaces) The fiber Ethernet ports are standard interfaces and do not incorporate the integrated bypass feature. Automatic bypass is available for fiber ports through third-party devices. NIC Bypass and Cable Choices Whe...

Management Por ts „ 13 Chapter 2: Hardware Overview Peer Por t Modulation After peer port modulation (PPM) is enabled, the sensor deactivates all the interfaces in that virtual router if the link goes down for any of the interfaces in a virtual router. All devices connected to the virtual router wil...

IDP 75, 250, 800, and 8200 Installation Guide 14 „ IDP Sensor LEDs IDP Sensor LEDs This section describes the LEDs for the following IDP sensor components: „ System status „ Management and high availability ports „ Traffic ports „ Hard drives „ Power supply (back panel) System Status LEDs The IDP 75...

IDP Sensor LEDs „ 15 Chapter 2: Hardware Overview Figure 8: LEDs for Management and HA Por ts Traffic Por t LEDs The IDP 75, 250, 800, and 8200 sensors each have two traffic status LEDs on each traffic port. Hard Drive LEDs on Front Panel The front panel of the sensors provide access to hard disk dr...

IDP 75, 250, 800, and 8200 Installation Guide 16 „ IDP Sensor LEDs Power Supply LEDs on Back Panel The back panel of the sensors provide access to power supplies on the 800 and 8200 sensors only. Table 11 shows the power supply LED definitions for the 800 and the 8200 sensors. Table 10: Hard Drive L...

General Installation Guidelines „ 17 Chapter 3 Installing the Sensor This chapter describes how to install the IDP sensor in an equipment rack. This chapter has the following sections: „ General Installation Guidelines on page 17 „ Rack Mounting the IDP Sensor on page 18 „ Connecting Power on page 2...

IDP 75, 250, 800, and 8200 Installation Guide 18 „ Rack Mounting the IDP Sensor Rack Mounting the IDP Sensor The location of the sensor and the layout of your equipment rack or wiring room are crucial for proper system operation. Use the following guidelines while configuring your equipment rack. „ ...

Rack Mounting the IDP Sensor „ 19 Chapter 3: Installing the Sensor Figure 9: Rail with Hinged Rear Bracket 2. Rotate the hinges on both rails so that they allow the device to slide into the rack. 3. Slide the chassis into a set of rails. 4. Secure the front brackets to the rack. 5. Rotate the rear b...

IDP 75, 250, 800, and 8200 Installation Guide 20 „ Connecting Power Figure 11: 1 RU Device (IDP 75) Midmount Bracket 2. Place the chassis into position between rack posts in the equipment rack and align the rack mounting bracket holes with the rack post holes. 3. Attach the rack-mounting brackets on...

Initial Configuration Options „ 21 Chapter 4 Configuring the IDP Sensor This chapter describes how to connect to the IDP sensor and configure the device for your network. After you have configured the sensor, you need to connect the device in your network. This chapter has the following sections: „ ...

IDP 75, 250, 800, and 8200 Installation Guide 22 „ Connecting to the Sensor Simple Configuration Values A simple configuration has the following settings and values: „ Root password—abc123 „ Fully qualified domain name—Blank „ High availability mode—Disabled „ RADIUS support—Disabled „ Network inter...

IDP 75, 250, 800, and 8200 Installation Guide 24 „ Connecting to the Sensor The system configures your interfaces. The following text appears: Configuring default route...The current default route is: X.X.X.XDo you want to change the default route? (y/n) [n] 9. Type Y , and then press Enter. The fol...

Connecting to the Sensor „ 25 Chapter 4: Configuring the IDP Sensor 2. On a connected computer, open a Web browser. Type https://192.168.1.1 . 3. Type the default user name ( root ) and password ( abc123 ). 4. Skip to “Simple or Advanced Configuration Using the Management Port” on page 25. Connectin...

IDP 75, 250, 800, and 8200 Installation Guide 26 „ Connecting to the Sensor QuickStar t Simple Configuration Table 12 provides the information you need for a simple configuration. ACM Advanced Configuration The ACM controls advanced configuration options, such as RADIUS, DNS, and SSH configurations....

IDP 75, 250, 800, and 8200 Installation Guide 28 „ Connecting Forwarding Interfaces In proxy-ARP or router mode, if you are using multiple subnets in your protected network, you must configure static routes on the IDP sensor to these subnets. Without static routes, incoming traffic to those subnets ...

Adding Your Sensor to NSM „ 29 Chapter 5 Adding the Sensor to NSM This chapter describes how to add the IDP sensor to NetScreen-Security Manager (NSM) and push the Recommended policy. When you have completed the steps in this chapter, your IDP sensor will be protecting your network. You must have NS...

IDP 75, 250, 800, and 8200 Installation Guide 30 „ Adding Your Sensor to NSM Figure 12: Begin Add Device Procedure 4. On the Security Devices age, click the + button and select Device to open the Add Device wizard (Figure 13). a. Type a name and select a color to represent the device in the UI. b. S...

Adding Your Sensor to NSM „ 31 Chapter 5: Adding the Sensor to NSM Figure 14: Add Device Wizard - Connection Settings 6. Enter the following connection information: a. Enter the IP address of the sensor. b. Enter admin in the Admin User Name box. c. Enter the password for the admin user name. The de...

Checking the Status of Your Sensor „ 33 Chapter 5: Adding the Sensor to NSM Figure 18: Add Device Wizard - Impor ting the Device 12. Click Finish to update the sensor with the Juniper Networks Recommended policy. The Job Information dialog shows box the status of the Update Device job. Checking the ...

Updating IDP Sensor Software Using NSM Firmware Manager „ 35 Chapter 6 Updating Software on the Sensor This chapter describes how to update the software on an IDP sensor. It has the following sections: „ Updating IDP Sensor Software Using NSM Firmware Manager on page 35 „ Updating IDP Sensor Softwar...

IDP 75, 250, 800, and 8200 Installation Guide 36 „ Updating IDP Sensor Software Without NSM Upgrading Sensor Software After you have made the software available to NSM, you can use NSM to upgrade the sensor. To upgrade the sensor using NSM: 1. From the menu bar, select Devices > Firmware > Cha...

Reimaging the IDP Sensor „ 37 Chapter 6: Updating Software on the Sensor 7. Reboot the device when the script is finished. 8. Type reboot and press Enter. 9. Reconnect the HA cable after upgrading all of the sensors in the cluster. 10. In NSM, right-click the sensor in Device Manager, and then selec...

Replacing a Power Supply (IDP 800, and 8200 Only) „ 39 Chapter 7 Ser vicing the Device This chapter describes the service and maintenance of various components in your IDP sensors. It has the following sections: „ Replacing a Power Supply (IDP 800, and 8200 Only) on page 39 „ Replacing a Hard Drive ...

IDP 75, 250, 800, and 8200 Installation Guide 40 „ Replacing a Hard Drive (IDP 800 and 8200 Only) Install a Power Supply You must have a power supply bay available before you can install a power supply. To install a power supply: 1. Take the new power supply to the back of the device. 2. Hold the po...

Replacing a Hard Drive (IDP 800 and 8200 Only) „ 41 Chapter 7: Servicing the Device To remove a hard drive: 1. On the front of the device identify the hard drive you want to remove. 2. Locate the blue release latch on the right side of the drive. (See Figure 20.) Figure 20: Hard Drive Latch in Close...

Advanced Deployment Modes „ 43 Chapter 8 Advanced Configuration This chapter describes advanced configuration options and has the following sections: „ Advanced Deployment Modes on page 43 „ IDP High Availability Deployment Modes on page 46 Advanced Deployment Modes Most IDP sensors are configured i...

Advanced Deployment Modes „ 45 Chapter 8: Advanced Configuration Router Mode Figure 22 shows a sensor that is configured in bridge mode. Table 15 lists the advantages and disadvantages of bridge mode. Figure 22: Router Mode Table 15: Advantages and Disadvantages of Router Mode Advantages Disadvantag...

IDP 75, 250, 800, and 8200 Installation Guide 46 „ IDP High Availability Deployment Modes Proxy-ARP Mode Figure 23 shows a sensor that is configured in bridge mode. Table 16 lists the advantages and disadvantages of bridge mode. Figure 23: Proxy-ARP Mode IDP High Availability Deployment Modes You mu...

„ 47 Appendix A Specifications This appendix provides general specifications for the IDP sensors and standards for compliance. It has the following sections: „ IDP 75 Technical Specifications on page 48 „ IDP 250 Technical Specifications on page 49 „ IDP 800 Technical Specifications on page 50 „ IDP...

IDP 75, 250, 800, and 8200 Installation Guide 48 „ IDP 75 Technical Specifications IDP 75 Technical Specifications Tables 17–20 list the physical, AC power, power cord, and environmental technical specifications for the IDP 75 sensor. Table 17: Physical Specifications Specification Value Height 1 RU...

IDP 250 Technical Specifications „ 49 Appendix A: Specifications IDP 250 Technical Specifications Tables 21–24 list the physical, AC power, power cord, and environmental technical specifications for the IDP 250 sensor. Table 21: Physical Specifications Specification Value Height 2 RU (2.9 inches) Wi...

IDP 75, 250, 800, and 8200 Installation Guide 50 „ IDP 800 Technical Specifications IDP 800 Technical Specifications Tables 25–28 list the physical, AC power, power cord, and environmental technical specifications for the IDP 800 sensor. Table 25: Physical Specifications Specification Value Height 2...

IDP 8200 Technical Specifications „ 51 Appendix A: Specifications IDP 8200 Technical Specifications Tables 29–32 list the physical, AC power, power cord, and environmental technical specifications for the IDP 8200 sensor. Table 29: Physical Specifications Specification Value Height 2 RU (2.9 inches)...

IDP 75, 250, 800, and 8200 Installation Guide 52 „ Safety Compliance Safety Compliance „ UL 60950, Third Edition — Safety of Information Technology Equipment „ CSA C2.22 No. 60950, Third Edition — Safety of Information Technology Equipment „ EN 60950, 2000 — Safety of Information Technology Equipmen...