Juniper Networks IDP250 Bedienungsanleitung

Stöbern Sie online oder laden Sie Bedienungsanleitung nach Vernetzung Juniper Networks IDP250 herunter. Juniper Networks IDP250 User's Manual Benutzerhandbuch

  • Herunterladen
  • Zu meinen Handbüchern hinzufügen
  • Drucken
  • Seite
    / 84
  • Inhaltsverzeichnis
  • LESEZEICHEN
  • Bewertet. / 5. Basierend auf Kundenbewertungen
Seitenansicht 0
IDP Series Intrusion Detection and Prevention Appliances
IDP250 Installation Guide
Release 5.0
Juniper Networks, Inc.
1194 North Mathilda Avenue
Sunnyvale, California 94089
USA
408-745-2000
www.juniper.net
Part Number: 530-029729-01, Revision 01
Seitenansicht 0
1 2 3 4 5 6 ... 83 84

Inhaltsverzeichnis

Seite 1 - IDP250 Installation Guide

IDP Series Intrusion Detection and Prevention AppliancesIDP250 Installation GuideRelease 5.0Juniper Networks, Inc.1194 North Mathilda AvenueSunnyvale,

Seite 2

x Table of ContentsIDP250 Installation Guide

Seite 3 - END USER LICENSE AGREEMENT

PrefaceThis preface includes the following topics: Objectives on page xi Audience on page xi Documentation Conventions on page xi Related Document

Seite 4

Table 2 on page xii defines text conventions used in this guide.Table 2: Text ConventionsExamplesDescriptionConvention Issue the clock source command.

Seite 5

Related DocumentationTable 4 on page xiii lists related IDP documentation.Table 4: Related IDP DocumentationDescriptionDocumentContains information ab

Seite 6

Table 5: Related NSM Documentation (continued)DescriptionDocumentDescribes how to configure and manage IDP devices using NSM. This guidealso helps in

Seite 7

Find solutions and answer questions using our Knowledge Base:http://kb.juniper.net/ Download the latest versions of software and review release not

Seite 8

xvi Requesting Technical SupportIDP250 Installation Guide

Seite 9 - Part 6 Index

Part 1Hardware and Software Overview Hardware Overview on page 3 Software Overview on page 15Hardware and Software Overview 1

Seite 10 - Table of Contents

2 Hardware and Software OverviewIDP250 Installation Guide

Seite 11 - Documentation Conventions

Chapter 1Hardware OverviewThis chapter includes the following topics: IDP250 Overview on page 3 Power Supply on page 4 Hard Drive on page 4 Fans o

Seite 12 - Table 3: Syntax Conventions

This product includes the Envoy SNMP Engine, developed by Epilogue Technology, an Integrated Systems Company. Copyright © 1986-1997, EpilogueTechnolog

Seite 13 - Related Documentation

Traffic Interface Ports on page 7 IDP250 Technical Specifications on page 59Power SupplyThe appliance has one power supply. It is a field replaceab

Seite 14 - Requesting Technical Support

USB PortThe appliance has a USB port you can use to reimage the appliance, if necessary.Serial Console PortThe console serial port provides access, us

Seite 15 - Opening a Case with JTAC

Table 7: Management Port LEDs (continued)DescriptionStateLEDConnection is 1000 Mbps.OrangeTX/RXConnection is 100 Mbps.GreenIf LINK indicates activity,

Seite 16

Table 8: High Availability Port LEDs (continued)DescriptionStateLEDConnection is 1000 Mbps.OrangeTX/RXConnection is 100 Mbps.GreenIf LINK indicates ac

Seite 17 - Software Overview on page 15

Table 9: Copper Port LEDsDescriptionStateLEDLink is present.Glows greenLINK ACTActivity.Blinks greenNo link present.OffConnection is 100 Mbps.GreenLIN

Seite 18

Table 10: Fiber Port LEDsDescriptionStateLEDLink is present.Glows greenLINK ACTActivity.Flashes greenNo link present.OffConnection is 100 Mbps.GreenLI

Seite 19 - Hardware Overview

Deployment ModeFor each virtual router, you select the deployment mode: Sniffer–In an out-of-path, sniffer mode deployment, the IDP appliance can det

Seite 20 - System Status LEDs

Figure 6: Internal BypassWhen the IDP operating system resumes healthy operations, it sends a reset signalto the traffic interfaces, and the interface

Seite 21 - Management Interface Port

External BypassThe External Bypass setting supports third-party external bypass units. When theIDP appliance is turned on and available, it sends NetS

Seite 22

When PPM is enabled, a PPM daemon monitors the health of IDP traffic interfacesbelonging to the same virtual router. If a traffic interface loses link

Seite 23 - Copper Ports

END USER LICENSE AGREEMENTREAD THIS END USER LICENSE AGREEMENT (“AGREEMENT”) BEFORE DOWNLOADING, INSTALLING, OR USING THE SOFTWARE. BY DOWNLOADING,INS

Seite 24 - Fiber Ports

If you enable Layer 2 bypass, the interfaces pass through IPv6, internetworkpacket exchange (IPX), Cisco Discovery Protocol (CDP), and interior gate

Seite 25 - Traffic Interface Features

Chapter 2Software OverviewThis chapter includes the following topics: On-Box Software Overview on page 15 Centralized Management with NSM Overview o

Seite 26 - Internal Bypass

Table 11: IDP On-Box Utilities (continued)UsageSoftwareYou can use the idp.sh utility to start, stop, or get status information onappliance processes.

Seite 27 - NICs Off

For IDP deployments, centralized management provides the following benefits: Centralized management for IDP appliances and other network devices Con

Seite 28 - Peer Port Modulation

18 J-Security Center Updates OverviewIDP250 Installation Guide

Seite 29 - Layer 2 Bypass

Part 2Performing the Installation Installation Overview on page 21 Installing the Appliance to Your Equipment Rack and ConnectingPower on page 23 P

Seite 30 - 14 ■ Traffic Interface Ports

20 Performing the InstallationIDP250 Installation Guide

Seite 31 - Software Overview

Chapter 3Installation OverviewThis chapter includes the following topics: Before You Begin on page 21 Basic Steps on page 22Before You BeginThe loca

Seite 32

Related Topics Common Criteria EAL2 Compliance on page 63Basic StepsTake the following basic steps to install the appliance and connect it to your n

Seite 33 - Chapter 2: Software Overview

Chapter 4Installing the Appliance to YourEquipment Rack and Connecting PowerThis chapter includes the following topics: Rack Mounting Kits and Requir

Seite 34

6. Confidentiality. The Parties agree that aspects of the Software and associated documentation are the confidential property of Juniper. As such, Cus

Seite 35 - Performing the Installation

Mounting to Midmount BracketsTo mount the appliance using the midmount brackets:1. Attach one rack-mounting bracket to each side of the chassis with t

Seite 36

Related Topics Rack Mounting Kits and Required Tools on page 23Mounting to Rack RailsTo mount the device to equipment rack rails:1. Attach the rails

Seite 37 - Installation Overview

2. Connect the other end of the power cable to the electrical outlet.26 Connecting PowerIDP250 Installation Guide

Seite 38 - Basic Steps

Chapter 5Performing the Initial NetworkConfiguration and Licensing TasksThis chapter includes the following topics: Performing the Initial Configurat

Seite 39 - Chapter 4

Table 13: Getting Started Configuration ToolsDefaults Applied:You Specify:Getting Started Tool Root password: abc123 Fully qualified domain name: Blan

Seite 40 - Mounting to Midmount Brackets

Getting Started with the EasyConfig Wizard (Serial Console Port)We recommend you get started by running the EasyConfig wizard to assign an IPaddress t

Seite 41 - Connecting Power

Mask: 255.255.255.0What IP address do you want to configure for the management interface? [192.168.1.1]7. Type an IP address and press Enter.T

Seite 42 - 26 ■ Connecting Power

To get started with the QuickStart wizard:1. Connect one end of an Ethernet cable to the management interface port and theother end to the Ethernet po

Seite 43 - Chapter 5

6. Type the default user name (root) and password (abc123).7. Click ACM to start the ACM wizard. Complete the wizard steps as described inthe online H

Seite 44

[root@localhost ~] scio lic add lic.txt9. Run the following scio command to verify you have successfully added the licensekey:[root@localhost ~] scio

Seite 45

agreements relating to the Software, whether oral or written (including any inconsistent terms contained in a purchase order), except that the terms o

Seite 46

34 Installing the Product License KeyIDP250 Installation Guide

Seite 47

Chapter 6Connecting the IDP Traffic Interfaces toYour Network and Verifying Traffic FlowThis chapter includes the following topics: Guidelines for Co

Seite 48

Table 14: Interface Connection Guidelines (continued)Cable Connection GuidelinesPortSniffer Mode – Copper Ports1.Connect one end of a CAT-5 straight-t

Seite 49 - Basic Steps on page 22

NOTE: IDP75, IDP250, IDP800, and IDP8200 support auto-MDIX.Connecting Devices That Do Not Support Auto-MDIXFor connections to a firewall or server, u

Seite 50

3. Slide the clip into the transceiver port until it clicks into place. Because the fit isclose, you may have to apply some pressure to seat the clip.

Seite 51 - Chapter 6

Part 3Adding the IDP Appliance to NSM Adding the IDP Appliance to NSM on page 41Adding the IDP Appliance to NSM 39

Seite 52 - Sniffer Mode – Copper Ports

40 Adding the IDP Appliance to NSMIDP250 Installation Guide

Seite 53

Chapter 7Adding the IDP Appliance to NSMThis chapter includes the following topics: Reviewing Compatibility with NSM on page 41 Adding a Reachable I

Seite 54 - Verifying Traffic Flow

To import an IDP device with a known IP address:1. In the NSM navigation tree, select Device Manager > Devices.Figure 12: NSM Add Device Wizard: Ad

Seite 55

Enter the password for the device admin user. You set the password foradmin when you ran the ACM Wizard. Enter the password for the device root use

Seite 57 - Chapter 7

5. Log into the IDP command-line interface and verify the SSH key fingerprint.Comparing the SSH key fingerprint information enables you to detectman-i

Seite 58

Figure 16: NSM Add Device Wizard: Add Device Confirmation8. Click Next to import the configuration from the IDP device. Upon success, NSMdisplays the

Seite 59

Figure 18: NSM Device Manager: Viewing Device StatusRelated Topics Reviewing Compatibility with NSM on page 41 Basic Steps on page 2246 Adding a

Seite 60

Part 4Upgrading Software and Installing FieldReplaceable Units Upgrading Software on page 49 Installing Field Replaceable Units on page 53 Reimagin

Seite 61 - 9. Click Finish

48 Upgrading Software and Installing Field Replaceable UnitsIDP250 Installation Guide

Seite 62

Chapter 8Upgrading SoftwareThis chapter includes the following topics: Updating Software (NSM Procedure) on page 49 Upgrading Software (CLI Procedur

Seite 63 - Replaceable Units

3. From the Select Software Image list, select the image file you just added to theNSM GUI server.4. In the Select Devices list, select the IDP device

Seite 64

3. Push a security policy update job to update attack objects in use in your securitypolicy:a. In NSM, select Devices > Configuration > Update D

Seite 65 - Upgrading Software

Next Steps: Download the IDP detector engine and NSM attack database updates to the NSMGUI server:1.From the NSM main menu, select Tools > View/Upd

Seite 66

Chapter 9Installing Field Replaceable UnitsThis chapter includes the following topics: Replacing a Power Supply on page 53Replacing a Power SupplyThe

Seite 67 - Chapter 8: Upgrading Software

Table of ContentsPreface xiObjectives ...xiAudience

Seite 68

The power supply LED turns amber to indicate that the power supply is receivingpower. The LED turns green to indicate that it is receiving power and i

Seite 69 - Chapter 9

Chapter 10Reimaging the ApplianceThis chapter includes the following topic: Reimaging and Relicensing an Appliance on page 55Reimaging and Relicensin

Seite 70 - 54 ■ Replacing a Power Supply

56 Reimaging and Relicensing an ApplianceIDP250 Installation Guide

Seite 71 - Reimaging the Appliance

Part 5Technical Specifications and ComplianceStatements Technical Specifications on page 59 Compliance Statements on page 61 Common Criteria EAL2 C

Seite 72

58 Technical Specifications and Compliance StatementsIDP250 Installation Guide

Seite 73 - Statements

Chapter 11Technical SpecificationsThis chapter includes the following topics: IDP250 Technical Specifications on page 59IDP250 Technical Specificatio

Seite 74

Table 17: Power Cord SpecificationsSpecificationsCountry UL-approved and CSA-certified Flexible cord minimum spec: No. 18 (1.5 mm2SVTor SJT, 3-conduct

Seite 75 - Technical Specifications

Chapter 12Compliance StatementsThis chapter includes the following topic: Standards Compliance on page 61Standards ComplianceTable 20: Standards Comp

Seite 76

62 Standards ComplianceIDP250 Installation Guide

Seite 77 - Compliance Statements

Chapter 13Common Criteria EAL2 ComplianceThis chapter includes the following topics: Common Criteria EAL2 Compliance on page 63Common Criteria EAL2 C

Seite 78 - 62 ■ Standards Compliance

Part 2 Performing the InstallationChapter 3 Installation Overview 21Before You Begin ...

Seite 79 - Chapter 13

64 Common Criteria EAL2 ComplianceIDP250 Installation Guide

Seite 80

Part 6Index Index on page 67Index 65

Seite 81 - Index on page 67

66 IndexIDP250 Installation Guide

Seite 82 - 66 ■ Index

IndexSymbols1998 Class A compliance...61AACM ...

Seite 83 - Index ■ 67

LEDsfault......4HA port.....

Seite 84 - 68 ■ Index

Part 4 Upgrading Software and Installing Field Replaceable UnitsChapter 8 Upgrading Software 49Updating Software (NSM Procedure) ......

Kommentare zu diesen Handbüchern

Keine Kommentare