Manuals / Juniper Networks / Computer Equipment / Network Card

Juniper Networks IDP250, IDP8200, IDP 800 Proxy-ARPMode, IDP High Availability Deployment Modes

Models: IDP250

1 68

Download 68 pages 1.06 Kb

Page 60

Proxy-ARP Mode

IDP 75, 250, 800, and 8200 Installation Guide

Proxy-ARP Mode

Figure 23 shows a sensor that is configured in bridge mode. Table 16 lists the advantages and disadvantages of bridge mode.

Figure 23: Proxy-ARP Mode

		Internet
	Firewall			Hub or
	Firewall		IP 2.2.2.1	Switch
				Switch

		IP 1.1.1.1
		eth2
		IP 1.1.1.254
	IDP Sensor	Forwarding Interface		Management Server
				Management Server
				IP 2.2.2.4
	eth0 IP 2.2.2.7	eth3
	MGT Interface	IP 1.1.1.5
		Forwarding Interface
	Hub or
	Switch
				User Interface
				IP 2.2.2.5
	Server1	Server2	Server3
	IP 1.1.1.2	IP 1.1.1.3	IP 1.1.1.4
	GW 1.1.1.1	GW 1.1.1.1	GW 1.1.1.1
		Protected Machines

Table 16: Advantages and Disadvantages of Proxy-ARP Mode

Advantages	Disadvantages

Reliably responds to and prevents	Network nodes may need to update
attacks	cached ARP entries

Simple, transparent deployment

IDP High Availability Deployment Modes

You must deploy the IDP sensors in bridge, router, transparent, or proxy-ARP mode to enable a high availability solution.For details on deployment modes and HA clusters, see the NetScreen-Security Manager Administrator’s Guide.

46 IDP High Availability Deployment Modes

Image 60

Juniper Networks IDP250, IDP8200, IDP 800, IDP75 manual Proxy-ARPMode, IDP High Availability Deployment Modes

Contents

IDP 75, 250, 800, and 8200 Installation Guide Juniper NetworksIntrusion Detection and Prevention Releases 4.1r2a and AprilCopyright Notice FCC StatementDisclaimer Table of Contents Planning an InstallationInstalling the Sensor About This GuideChapter Index IDP 75, 250, 800, and 8200 Installation Guide vi„ Table of ContentsList of Figures IDP 75, 250, 800, and 8200 Installation Guide viii„ List of FiguresList of Tables IDP 75, 250, 800, and 8200 Installation Guide x„ List of TablesAbout This Guide AudienceConventions Web Access for Documentation DocumentationRequesting Technical Support Self-HelpOnline Tools and Resources Opening a Case with JTACAbout This Guide Requesting Technical Support „IDP 75, 250, 800, and 8200 Installation Guide xiv„ Requesting Technical SupportPlanning an Installation Installation RoadmapChapter IDP Configuration Basics IDP Sensor PlacementIDP Sensor Deployment Mode Chapter 1 Planning an Installation IDP Configuration Basics „Figure 1 Sniffer Mode Passive IDP 75, 250, 800, and 8200 Installation Guide 4„ IDP Configuration BasicsAdvantages DisadvantagesNetScreen-SecurityManager AdvantagesDisadvantages IDP 75, 250, 800, and 8200 Installation Guide 6„ IDP Configuration BasicsHardware Overview IDP SensorsChapter IDP 75 Sensor IDP 250 SensorIDP 800 Sensor IDP 8200 Sensor Configurable NIC States Traffic Ports Forwarding InterfacesNormal State NIC Bypass StateSettings Table 4 NIC State OptionsNIC Bypass and Cable Choices External Bypass Unit StateNICs Off State IDP 75, 250, 800, and 8200 Installation GuidePower Supplies Peer Port ModulationManagement Ports Console Serial PortIDP Sensor LEDs System Status LEDsManagement and High Availability Port LEDs Traffic Port LEDs Hard Drive LEDs on Front PanelPower Supply LEDs on Back Panel Table 11 Power Supply LED DefinitionsTable 10 Hard Drive LED Definitions Front Panel LEDInstalling the Sensor General Installation GuidelinesChapter Mounting Using Device Rack Rails Rack Mounting the IDP SensorRequired Tools Mounting Using Midmount Brackets Connecting Power Configuring the IDP Sensor Initial Configuration OptionsSimple Configuration Simple Configuration SettingsSimple Configuration Values Advanced ConfigurationConnecting to the Sensor „9600 bps „8 data bits Using the Management Port to Configure the Sensor Connecting Directly Using the Management PortConnecting Remotely Using the Management Port QuickStart Simple Configuration ACM Advanced ConfigurationConfiguration Information Configuration InformationConfiguration Information Manager Administrator’s GuideAdministrator’s Guide SectionConnecting Forwarding Interfaces Connecting the High Availability PortVerifying Traffic Flow NetScreen-SecurityManager Installation Guide Adding the Sensor to NSMAdding Your Sensor to NSM Chapterb.Select Device is Reachable default Figure 12 Begin Add Device ProcedureFigure 13 Add Device Wizard - Device Name 6. Enter the following connection information b.Log in as root Checking the Status of Your Sensor Figure 19 Viewing Device StatusIDP 75, 250, 800, and 8200 Installation Guide 34„ Checking the Status of Your SensorUpdating Software on the Sensor Loading a Sensor Image into NSMChapter Upgrading Sensor Software Updating IDP Sensor Software Without NSMReimaging the IDP Sensor IDP 75, 250, 800, and 8200 Installation Guide 38„ Reimaging the IDP SensorReplacing a Power Supply IDP 800, and 8200 Only Remove a Power SupplyServicing the Device ChapterInstall a Power Supply Replacing a Hard Drive IDP 800 and 8200 OnlyRemove a Hard Drive Install a Hard Drive IDP 75, 250, 800, and 8200 Installation Guide 42„ Replacing a Hard Drive IDP 800 and 8200 OnlyAdvanced Configuration Advanced Deployment ModesBridge Mode ChapterIDP 75, 250, 800, and 8200 Installation Guide Figure 21 Bridge ModeAdvantages DisadvantagesRouter Mode Figure 22 Router ModeAdvantages DisadvantagesProxy-ARPMode IDP High Availability Deployment ModesSpecifications Appendix AIDP 75 Technical Specifications IDP 250 Technical Specifications IDP 800 Technical Specifications IDP 8200 Technical Specifications Safety Compliance EMI ComplianceImmunity Index IDP 75, 250, 800, and 8200 Installation Guide 54 „ Index