User manual / service manual for the IDP75 product from the manufacturer Juniper Networks
Juniper Networks, Inc., 1194 North Mathilda Avenue, Sunnyvale, CA 94089 USA, 408-745-2000, www.juniper.net. Part Number: 530-023834-01. Juniper Networks Intrusion Detection and Prevention IDP 75, 250, 800, and 8200 Installation Guide Releases 4.1r2a and 4.
Copyright Notice
Copyright © 2008 Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks logo, NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc.
Table of Contents
About This Guide
Audience
Conventions
Mounting Using Device Rack Rails
Mounting Using Midmount Brackets
IDP 800 Technical Specifications
IDP 8200 Technical Specifications
List of Figures
Figure 1: Sniffer Mode (Passive)
Figure 2: Transparent Mode (Inline Active)
List of Tables
Table 1: Notice Icons
Table 2: Advantages and Disadvantages of Sniffer Mode (Passive)
Table 3: Advantages and Disadvantages of Transparent Mode (Inline Active)
Table 4: NIC State Options
About This Guide
This guide describes the physical features of Juniper Networks Intrusion Detection and Prevention (IDP) solution: the IDP 75, IDP 250, IDP 800, and IDP 8200 sensors. It also explains how to install, configure, update/reimage, and service the IDP system.
Documentation
This guide is shipped in the box with all new IDP sensors. It provides the basic procedures for getting your IDP system running. With each major software release, Juniper Networks provides the IDP Documentation CD.
Self-Help Online Tools and Resources
For quick and easy problem resolution, Juniper Networks has designed an online self-service portal called the Customer Support Center (CSC) that provides you with the following features: Find CSC offerings: http://www.
Chapter 1 Planning an Installation
This chapter provides an overview of IDP configuration options. This chapter has the following sections: Installation Roadmap on page 1; IDP Configuration Basics on page 2.
Installation Roadmap
This section provides a high-level roadmap of an IDP sensor installation.
8. Add the sensor as an object in NSM using the Add Device wizard. Select Device Manager > Security Devices from the left navigational pane, and then click the + button.
To use an IDP sensor as a passive intrusion detection system without prevention capabilities, deploy the sensor in passive sniffer mode to monitor and log network traffic.
Figure 2: Transparent Mode (Inline Active)
Table 3 lists the advantages and the disadvantages of using the sensor in active transparent (inline) mode.
NetScreen-Security Manager
Use NetScreen-Security Manager to administer the sensor. See the NetScreen-Security Manager Administrator's Guide to tailor your security policy to your network.
Chapter 2 Hardware Overview
This chapter provides detailed descriptions of the Juniper Networks IDP sensors and their components.
IDP 75 Sensor
The IDP 75 sensor is optimal for small networks or low-speed network segments.
One USB port
Two IOC slots (each IOC containing four gigabit ports)
Two built-in copper Ethernet ports (10/100/1000 Mbps)
Figure 5: IDP 800 Front Panel
IDP 8200 Sensor
The IDP 8200 sensor is optimal for large central sites or high-traffic areas.
Figure 6: IDP 8200 Front Panel
Traffic Ports (Forwarding Interfaces)
The IDP 75, 250, 800, and 8200 sensors have traffic ports (forwarding interfaces), which are located on the front of each device.
Normal State
When the IDP is active and NICs are in the normal state, NICs only pass Layer 2 traffic if in transparent mode and if Layer 2 bypass is enabled. NSRP packets are not passed, so external bypass units do not behave correctly.
The fiber Ethernet ports are standard interfaces and do not incorporate the integrated bypass feature. Automatic bypass is available for fiber ports through third-party devices.
Peer Port Modulation
After peer port modulation (PPM) is enabled, the sensor deactivates all the interfaces in that virtual router if the link goes down for any of the interfaces in a virtual router.
IDP Sensor LEDs
This section describes the LEDs for the following IDP sensor components:
System status
Management and hig.
Figure 8: LEDs for Management and HA Ports
Traffic Port LEDs
The IDP 75, 250, 800, and 8200 sensors each have two traffic status LEDs on each traffic port.
Hard Drive LEDs on Front Panel
The front panel of the sensors provides access to hard disk drives for 800 and 8200 sensors only.
Power Supply LEDs on Back Panel
The back panel of the sensors provides access to power supplies on the 800 and 8200 sensors only. Table 11 shows the power supply LED definitions for the 800 and the 8200 sensors.
Chapter 3 Installing the Sensor
This chapter describes how to install the IDP sensor in an equipment rack. This chapter has the following sections: General.
Rack Mounting the IDP Sensor
The location of the sensor and the layout of your equipment rack or wiring room are crucial for proper system operation. Use the following guidelines while configuring your equipment rack.
Figure 9: Rail with Hinged Rear Bracket
2. Rotate the hinges on both rails so that they allow the device to slide into the rack.
3. Slide the chassis into a set of rails.
4. Secure the front brackets to the rack.
Figure 11: 1 RU Device (IDP 75) Midmount Bracket
2. Place the chassis into position between rack posts in the equipment rack and align the rack mounting bracket holes with the rack post holes.
Chapter 4 Configuring the IDP Sensor
This chapter describes how to connect to the IDP sensor and configure the device for your network. After you have configured the sensor, you need to connect the device in your network.
Simple Configuration Values
A simple configuration has the following settings and values: Root password—abc123.
To configure your sensor using the console serial port, do the following:
1. Connect one end of the provided RJ-45 null modem serial cable to the CONSOLE port located on the front of the sensor chassis.
The system configures your interfaces. The following text appears:
Configuring default route...
The current default route is: X.X.X.X
Do you want to change the default route? (y/n) [n]
9.
2. On a connected computer, open a Web browser. Type https://192.168.1.1.
3. Type the default user name (root) and password (abc123).
4. Skip to “Simple or Advanced Configuration Using the Management Port” on page 25.
QuickStart Simple Configuration
Table 12 provides the information you need for a simple configuration.
ACM Advanced Configuration
The ACM controls advanced configuration options, such as RADIUS, DNS, and SSH configurations.
Networking: Speed and duplex settings for IDP sensor interfaces. (Normally, these can be set to auto-detect. With some switches, the speed and duplex settings have to be set manually.
In proxy-ARP or router mode, if you are using multiple subnets in your protected network, you must configure static routes on the IDP sensor to these subnets. Without static routes, incoming traffic to those subnets can be lost.
Chapter 5 Adding the Sensor to NSM
This chapter describes how to add the IDP sensor to NetScreen-Security Manager (NSM) and push the Recommended policy. When you have completed the steps in this chapter, your IDP sensor will be protecting your network.
Figure 12: Begin Add Device Procedure
4. On the Security Devices page, click the + button and select Device to open the Add Device wizard (Figure 13).
a. Type a name and select a color to represent the device in the UI.
Figure 14: Add Device Wizard - Connection Settings
6. Enter the following connection information:
a. Enter the IP address of the sensor.
b. Enter admin in the Admin User Name box.
7. Verify the SSH key fingerprint to prevent man-in-the-middle attacks:
a. Connect a PC or terminal to the IDP sensor using the console serial port.
b. Log in as root.
Figure 18: Add Device Wizard - Importing the Device
12. Click Finish to update the sensor with the Juniper Networks Recommended policy. The Job Information dialog box shows the status of the Update Device job.
Chapter 6 Updating Software on the Sensor
This chapter describes how to update the software on an IDP sensor.
Upgrading Sensor Software
After you have made the software available to NSM, you can use NSM to upgrade the sensor. To upgrade the sensor using NSM:
1.
7. Reboot the device when the script is finished.
8. Type reboot and press Enter.
9. Reconnect the HA cable after upgrading all of the sensors in the cluster.
10. In NSM, right-click the sensor in Device Manager, and then select Adjust OS Version.
Chapter 7 Servicing the Device
This chapter describes the service and maintenance of various components in your IDP sensors.
Install a Power Supply
You must have a power supply bay available before you can install a power supply. To install a power supply:
1. Take the new power supply to the back of the device.
To remove a hard drive:
1. On the front of the device identify the hard drive you want to remove.
2. Locate the blue release latch on the right side of the drive.
Chapter 8 Advanced Configuration
This chapter describes advanced configuration options and has the following sections: Advanced Deployment Modes on page 43.
Figure 21: Bridge Mode
Table 14: Advantages and Disadvantages of Bridge Mode
Advantages Disadvantages Reliably resp.
Router Mode
Figure 22 shows a sensor that is configured in bridge mode. Table 15 lists the advantages and disadvantages of bridge mode.
Proxy-ARP Mode
Figure 23 shows a sensor that is configured in bridge mode.
Appendix A Specifications
This appendix provides general specifications for the IDP sensors and standards for compliance. It has the following sections: IDP 75 Technical Specification.
IDP 75 Technical Specifications
Tables 17–20 list the physical, AC power, power cord, and environmental technical specifications for the IDP 75 sensor.
Table 17: Physical Specifications
Specification Value Height 1 RU (1.
IDP 250 Technical Specifications
Tables 21–24 list the physical, AC power, power cord, and environmental technical specifications for the IDP 250 sensor.
Table 21: Physical Specifications
Specification Value Height 2 RU (2.
IDP 800 Technical Specifications
Tables 25–28 list the physical, AC power, power cord, and environmental technical specifications for the IDP 800 sensor.
Table 25: Physical Specifications
Specification Value Height 2 RU (2.
IDP 8200 Technical Specifications
Tables 29–32 list the physical, AC power, power cord, and environmental technical specifications for the IDP 8200 sensor.
Table 29: Physical Specifications
Specification Value Height 2 RU (2.
Safety Compliance
UL 60950, Third Edition — Safety of Information Technology Equipment
CSA C2.
Index
A
ACM configuration information
audience for documentation
B
bypass mode
internal bypass
An important step after buying any Juniper Networks IDP75 device (or even before buying it) is to read the manual. We should do this for a few simple reasons:
If you have not yet bought a Juniper Networks IDP75, now is a good time to get acquainted with the basic details of the product. First look at the first pages of the manual, which you will find above. There you should find the most important technical specifications of the Juniper Networks IDP75. This way you can check whether the device meets your needs. On the following pages of the Juniper Networks IDP75 manual you will learn about all the features of the product and get information about its operation. The information you get about the Juniper Networks IDP75 will certainly help you decide on the purchase.
If you already own a Juniper Networks IDP75 but have not yet read the instructions, you should do so for the reasons described above. You will then know whether you have made proper use of all available functions, and whether you have made mistakes that could shorten the life of the Juniper Networks IDP75.
But the most important task of the manual is to help the user solve problems with the Juniper Networks IDP75. Almost always you will find a Troubleshooting section there, covering the most common faults and defects together with instructions on how to resolve them. Even if you cannot solve the problem yourself, the instructions will point you to the next procedure, for example contacting customer service or the nearest service centre.