Manuals / Juniper Networks / Computer Equipment / Network Card

Juniper Networks IDP 800, IDP250, IDP8200 Connecting Forwarding Interfaces, Verifying Traffic Flow

Models: IDP250

1 68

Download 68 pages 1.06 Kb

Page 42

Connecting Forwarding Interfaces

IDP 75, 250, 800, and 8200 Installation Guide

In proxy-ARP or router mode, if you are using multiple subnets in your protected network, you must configure static routes on the IDP sensor to these subnets. Without static routes, incoming traffic to those subnets can be lost. Alternatively, you can create a static route from the IDP sensor to an internal gateway that contains inbound routes to the protected subnets. (This does not apply to the IDP 8200 sensor.)

Connecting Forwarding Interfaces

Connect the ports on the sensor to either the protected network or the external network. See “Planning an Installation” on page 1 for the configuration you chose to implement. See “NIC Bypass and Cable Choices” on page 12 for information on using NIC bypass with transparent mode.

Inline transparent mode makes use of pairs of interfaces. On most sensors, the pairs are horizontal port pairs 0-1and 2-3 on each NIC. Traffic in inline transparent mode only flows between paired interfaces. You cannot have traffic flow from port 0 to port 2, for example, in inline transparent mode.

Other modes, such as router and proxy-ARP mode, do support non-paired interfaces.

Verifying Traffic Flow

To verify that traffic is flowing through your sensor:

1.Make sure your sensor is connected to a live traffic feed.

2.Log onto the sensor as root using the console serial port, or open an SSH connection to the management port.

3.Type sctop and press Enter.

4.Type s to see status information.

5.Examine the following information on the screen:

Protocol Packets		Flows	Sessions	Peak	Peak Time
Other	2	0	0	1	08/09/2006 03:08:07
ICMP	3	0	0	0	08/08/2006 18:03:51
UDP	3386	3	1	7	08/08/2006 19:31:01
TCP	151164	12	6	9	08/09/2006 07:01:36

6. Make sure the UDP or TCP values are changing.

Connecting the High Availability Port

After you have set up both machines in the HA cluster, connect their HA ports to each other using a crossover cable.

28 Connecting Forwarding Interfaces

Image 42

Juniper Networks IDP 800 Connecting Forwarding Interfaces, Verifying Traffic Flow, Connecting the High Availability Port

Contents

Intrusion Detection and Prevention IDP 75, 250, 800, and 8200 Installation GuideJuniper Networks Releases 4.1r2a and AprilCopyright Notice FCC StatementDisclaimer Installing the Sensor Table of ContentsPlanning an Installation About This GuideChapter Index IDP 75, 250, 800, and 8200 Installation Guide vi„ Table of ContentsList of Figures IDP 75, 250, 800, and 8200 Installation Guide viii„ List of FiguresList of Tables IDP 75, 250, 800, and 8200 Installation Guide x„ List of TablesAbout This Guide AudienceConventions Web Access for Documentation DocumentationRequesting Technical Support About This Guide Self-HelpOnline Tools and ResourcesOpening a Case with JTAC Requesting Technical Support „IDP 75, 250, 800, and 8200 Installation Guide xiv„ Requesting Technical SupportPlanning an Installation Installation RoadmapChapter IDP Configuration Basics IDP Sensor PlacementIDP Sensor Deployment Mode Chapter 1 Planning an Installation IDP Configuration Basics „Figure 1 Sniffer Mode Passive Advantages IDP 75, 250, 800, and 8200 Installation Guide4„ IDP Configuration Basics DisadvantagesNetScreen-SecurityManager AdvantagesDisadvantages IDP 75, 250, 800, and 8200 Installation Guide 6„ IDP Configuration BasicsHardware Overview IDP SensorsChapter IDP 75 Sensor IDP 250 SensorIDP 800 Sensor IDP 8200 Sensor Configurable NIC States Traffic Ports Forwarding InterfacesSettings Normal StateNIC Bypass State Table 4 NIC State OptionsNICs Off State NIC Bypass and Cable ChoicesExternal Bypass Unit State IDP 75, 250, 800, and 8200 Installation GuideManagement Ports Power SuppliesPeer Port Modulation Console Serial PortIDP Sensor LEDs System Status LEDsManagement and High Availability Port LEDs Traffic Port LEDs Hard Drive LEDs on Front PanelTable 10 Hard Drive LED Definitions Power Supply LEDs on Back PanelTable 11 Power Supply LED Definitions Front Panel LEDInstalling the Sensor General Installation GuidelinesChapter Mounting Using Device Rack Rails Rack Mounting the IDP SensorRequired Tools Mounting Using Midmount Brackets Connecting Power Simple Configuration Configuring the IDP SensorInitial Configuration Options Simple Configuration SettingsSimple Configuration Values Advanced ConfigurationConnecting to the Sensor „9600 bps „8 data bits Using the Management Port to Configure the Sensor Connecting Directly Using the Management PortConnecting Remotely Using the Management Port Configuration Information QuickStart Simple ConfigurationACM Advanced Configuration Configuration InformationAdministrator’s Guide Configuration InformationManager Administrator’s Guide SectionConnecting Forwarding Interfaces Connecting the High Availability PortVerifying Traffic Flow Adding Your Sensor to NSM NetScreen-SecurityManager Installation GuideAdding the Sensor to NSM Chapterb.Select Device is Reachable default Figure 12 Begin Add Device ProcedureFigure 13 Add Device Wizard - Device Name 6. Enter the following connection information b.Log in as root Checking the Status of Your Sensor Figure 19 Viewing Device StatusIDP 75, 250, 800, and 8200 Installation Guide 34„ Checking the Status of Your SensorUpdating Software on the Sensor Loading a Sensor Image into NSMChapter Upgrading Sensor Software Updating IDP Sensor Software Without NSMReimaging the IDP Sensor IDP 75, 250, 800, and 8200 Installation Guide 38„ Reimaging the IDP SensorServicing the Device Replacing a Power Supply IDP 800, and 8200 OnlyRemove a Power Supply ChapterInstall a Power Supply Replacing a Hard Drive IDP 800 and 8200 OnlyRemove a Hard Drive Install a Hard Drive IDP 75, 250, 800, and 8200 Installation Guide 42„ Replacing a Hard Drive IDP 800 and 8200 OnlyBridge Mode Advanced ConfigurationAdvanced Deployment Modes ChapterAdvantages IDP 75, 250, 800, and 8200 Installation GuideFigure 21 Bridge Mode DisadvantagesAdvantages Router ModeFigure 22 Router Mode DisadvantagesProxy-ARPMode IDP High Availability Deployment ModesSpecifications Appendix AIDP 75 Technical Specifications IDP 250 Technical Specifications IDP 800 Technical Specifications IDP 8200 Technical Specifications Safety Compliance EMI ComplianceImmunity Index IDP 75, 250, 800, and 8200 Installation Guide 54 „ Index