Présentation IDP
Sondes de détection d’intrusion
Stéphane DAVAUDET
Chef Produit
[email protected]
01 41 85 10 09
Pain: Constant Noise Level
Viruses
Spy-Ware
Malicious users
Worms
More
IT staff has to deal with this everyday
Juniper IDP addresses this
IDS – Intrusion Detection System
Typically out of line of the data flow on a tap. Evaluates deeper into the packet to validate
protocol, search for exploits and anomalies. All 7 layers of the OSI model can be parsed.
IDS
HELP
Dynamic ACL request
sent to the
router/firewall, or TCP
RESET sent to close
the session
IPS – Intrusion Prevention System
Typically inline of the data flow. Evaluates deeper into the packet to validate
protocol, search for exploits and anomalies. All 7 layers of the OSI model can be
parsed. Does not have to rely on other devices in the network to complete it’s task.
IPS
Les Produits « Standalone IDP »
IDP 1100C/F
Large central site or high
traffic areas
• 1 GB Max Throughput*
IDP 600C/F
IDP 200
Medium central site and
large branch offices
IDP 50
Small network segments
or low speed links
• 50Mb Throughput
• 250Mb Throughput
• 50,000 Maximum Sessions
• 1 GB Memory
• HA Clustering
and Integrated Bypass Ports
• 10,000 Maximum Sessions
• 1 GB Memory
• Integrated Bypass Ports
*As tested with IDP 3.0 software
Medium to large central
site or high traffic areas
• 500Mb Throughput
• 200,000 Maximum Sessions
• 4 GB Memory
• HA Clustering
• Fiber or Copper Gigabit Port
Versions
•Dual SCSI drives and redundant
power
• 500,000 Maximum Sessions
• 4 GB Memory
• HA Clustering
• Fiber or Copper Gigabit Port
Versions
•Dual SCSI drives and redundant
power
Les Modules IDP pour les Netscreen-ISG
Le meilleur de la Sécurité + du réseau dans une même plateforme
« IDP Security Blade » pour
•
•
ISG 1000
ISG 2000
La Solution intégrée á 2 besoins :
•
•
Intégration de l’IDP á la Gateway (IDP et FW/VPN)
Les mêmes Hautes Performances des “standalone” Multi-Gig IDP
Juniper ISG 1000
Juniper ISG 2000
IDP Modules – where do they fit ?
IDP Modules can go in any one of the three slots (Slots#1-3) of the
NetScreen-ISG 2000 System to make it a fully Integrated FW/VPN/IDP System!
You can have up to 3 Security Modules in one ISG-2000
IDP SM
(Slots # 1-3)
Proof: Market Recognition
Highly recognized IPS product
•
•
•
•
•
•
•
•
•
Winner ‘Editors Choice’ – Network Computing: ‘The Great IPS Test’
Winner ‘Best Multifunction Appliance’ – Network Computing (Well-Connected)
Winner ‘Best IPS Appliance’ – Network Computing (Well-Connected)
Winner ‘Product of the Year’ – SearchNetworking.com
Winner ‘Product of the Year’ – IDG Research / TechWorld
Winner ‘Best Deployment Scenario’ ISP Guide: City of Burbank, Juniper IDP
Customer
Awarded ‘NSS Certification’ for Industry Approved IPS: IDP 600F
Winner ‘Product of the Year’ – ISG 1000 - ZDnet Australia
Winner ‘Editors Choice’ – IDP 200 - ZDnet Australia
Les arguments clés IDP
Détections des anomalies dans les protocoles
 Visualiser l’activité réseau (Security Explorer), rapports
d’activité réseau
 Mettre en place des règles de réaction en fonction des
attaques