Manuals / Juniper Networks / Household Appliance / Home Security System

Juniper Networks IDP250 Centralized Management with NSM Overview, IDP On-BoxUtilities continued

Models: IDP250

1 84

Download 84 pages 43.14 Kb

Page 32

Table 11: IDP On-Box Utilities (continued)

IDP250 Installation Guide

Table 11: IDP On-Box Utilities (continued)

Software	Usage
idp.sh utility	You can use the idp.sh utility to start, stop, or get status information on
	appliance processes.
	For details, see the IDP Administration Guide.
sctop utility	You can use the sctop utility to monitor connection tables and view status.
	For details, see the IDP Administration Guide.
bypassStatus	You can use bypassStatus commands to display settings for the daemon
utility	that monitors traffic interface NIC state.
	For details, see the IDP Administration Guide.
IDP Reporter	You can use the IDP Reporter to view statistics on attacks IDP has detected
	and responded to, as well as application volume tracking (AVT) statistics.
	For details, see the IDP Reporter User’s Guide.

Centralized Management with NSM Overview

Juniper Networks Network and Security Manager (NSM) is a central management server capable of managing hundreds of IDP appliances and other Juniper Networks devices, such as ScreenOS firewalls, SA Series appliances, and IC Series appliances. You typically deploy NSM in a management subnet accessible to the NSM-managed devices.

Figure 9 on page 16 illustrates the flow of information between the tiers of the central management solution: the NSM user interface, the NSM server, and IDP appliances.

Figure 9: IDP-NSM Communication

The IDP configuration, security policies, attack objects, and log records are stored in NSM server databases and administered using the NSM user interface. Communication between the NSM server and IDP appliances, and between the NSM server and the NSM user interface, is encrypted and authenticated.

16■ Centralized Management with NSM Overview

Image 32

Juniper Networks IDP250 Centralized Management with NSM Overview, IDP On-BoxUtilities continued, IDP-NSMCommunication

Contents

IDP250 Installation Guide ReleaseJuniper Networks, Inc Part Number 530-029729-01,RevisionCopyright 2009, Juniper Networks, Inc END USER LICENSE AGREEMENT 7.Ownership. Juniper and Juniper’s licensors, respectively, retain ownership of all right, title, and interest including copyright in and to the Software, associated documentation, and all copies of the Software. Nothing in this Agreement constitutes a transfer or conveyance of any right, title, or interest in the Software or associated documentation, or a sale of the Software, associated documentation, or copies of the Software Page Page Hardware and Software Overview Table of ContentsPart Performing the Installation Adding the IDP Appliance to NSMPart PartIndex PartPart PartIDP250 Installation Guide x Table of ContentsPreface ObjectivesAudience Documentation ConventionsTable 2 Text Conventions Table 3 Syntax ConventionsBold typeface like this Click User ObjectsTable 5 Related NSM Documentation Related DocumentationTable 4 Related IDP Documentation Requesting Technical Support Self-HelpOnline Tools and ResourcesOpening a Case with JTAC IDP250 Installation Guide xvi Requesting Technical SupportHardware and Software Overview Hardware and Software OverviewPart IDP250 Installation Guide 2 Hardware and Software OverviewIDP250 Overview Hardware OverviewChapter Power Supply Hard DriveFans System Status LEDsUSB Port Serial Console PortManagement Interface Port Figure 2 Management Interface Port LEDsHigh Availability Interface Port Traffic Interface Ports Copper PortsFiber Ports Traffic Interface Features Guide Deployment ModeInternal Bypass NICs Off Figure 6 Internal BypassPeer Port Modulation External BypassLayer 2 Bypass Figure 8 Peer Port ModulationIDP250 Installation Guide 14 Traffic Interface PortsChapter Software OverviewOn-BoxSoftware Overview Figure 9 IDP-NSMCommunication Centralized Management with NSM OverviewTable 11 IDP On-BoxUtilities continued J-SecurityCenter Updates Overview IDP250 Installation Guide 18 J-SecurityCenter Updates OverviewPerforming the Installation PartIDP250 Installation Guide 20 Performing the InstallationChapter Installation OverviewBefore You Begin 22 Basic Steps Basic StepsIDP250 Installation Guide Rack Mounting Kits and Required Tools ChapterMounting to Midmount Brackets Figure 10 1-RUMidmount BracketConnecting Power Mounting to Rack RailsIDP250 Installation Guide 26 Connecting PowerPerforming the Initial Configuration ChapterTable 13 Getting Started Configuration Tools IDP250 Installation GuideDefaults Applied 28 Performing the Initial Configuration9600 bps 8 data bits 8.Type your netmask and press Enter To get started with the QuickStart wizard Installing the Product License Key root@localhost ~ scio lic add lic.txt Installing the Product License KeyRelated Topics Basic Steps on page IDP250 Installation Guide 34 Installing the Product License KeyChapter This chapter includes the following topicsConnecting Devices That Support Auto-MDIX Connecting and Disconnecting Fiber Cables Connecting Devices That Do Not Support Auto-MDIXConnecting Devices to Support Internal Bypass Verifying Traffic Flow Adding the IDP Appliance to NSM PartAdding the IDP Appliance to NSM on page Adding the IDP Appliance to NSMIDP250 Installation Guide 40 Adding the IDP Appliance to NSMReviewing Compatibility with NSM Adding a Reachable IDP Device to NSMAdding the IDP Appliance to NSM ChapterTo import an IDP device with a known IP address NOTE In NSM, passwords are case-sensitive b.Enter cd /etc/ssh c.Enter ssh-keygen -l -fssh host dsa key9.Click Finish 46 Adding a Reachable IDP Device to NSM IDP250 Installation GuideBasic Steps on page Installing Field Replaceable Units on page PartUpgrading Software on page Reimaging the Appliance on pageIDP250 Installation Guide Chapter Updating Software NSM ProcedureUpgrading Software 5.Click Next and complete the wizard steps Upgrading Software CLI Procedure c.Click OK Chapter Installing Field Replaceable UnitsReplacing a Power Supply IDP250 Installation Guide 54 Replacing a Power SupplyChapter Reimaging the ApplianceReimaging and Relicensing an Appliance IDP250 Installation Guide 56 Reimaging and Relicensing an ApplianceTechnical Specifications on page PartCompliance Statements on page Common Criteria EAL2 Compliance on pageIDP250 Installation Guide Chapter Technical SpecificationsIDP250 Technical Specifications Table 17 Power Cord Specifications Table 18 Environmental SpecificationsIDP250 Installation Guide SpecificationsChapter Compliance StatementsStandards Compliance IDP250 Installation Guide 62 Standards ComplianceCommon Criteria EAL2 Compliance Common Criteria EAL2 ComplianceChapter Table 21 Common Criteria EAL2 ComplianceIDP250 Installation Guide 64 Common Criteria EAL2 ComplianceIndex PartIndex on page IndexIDP250 Installation Guide 66 IndexSymbols Index