Tightly integrated into the entire Juniper Networks firewall/ VPN platforms is the Deep Inspection firewall, a proven, 3rd generation IPS solution that builds on the strengths of Stateful inspection and integrates Stateful signatures and protocol anomaly detection mechanisms to provide both network and application-level attack protection at the perimeter. Using policy-based management, administrators can pick and choose which protocols to inspect with protocol anomaly detection and/or Stateful signatures, what types of attacks to look for and which action to take if an attack is discovered. Attack coverage can be tailored to specific attack protection requirements using any one of four different Signature Packs1
• Base Signature Pack: Protects Internet-facing protocols and services with a wide range of worm, client-to-server, and server-to-client signatures.
• Server Signature Pack: Detects and blocks external attacks that are targeting server infrastructure.
• Client Signature Pack: Stops trojans, worms and other malware with an array of “client” oriented attack objects.
• Worm Mitigation Signature Pack: Detects client-to-server and server-to-client worms to deliver comprehensive worm coverage against mass, fast-moving worm outbreaks.
Would you like more information about Juniper IPS Services
Then please download the datasheet by clicking here
IPS (Deep Inspection FW) Specifications
Methods of detection - Two methods of detection:
- 1. Stateful Signatures
- 2. Protocol Anomaly (Zero-day coverage)
Worm protection - Yes
Trojan protection - Yes
Other malware protection - Yes
Reconnaissance protection - Yes
Client to server and server to client attack protection - Yes
Create custom attack signatures - Yes
Application contexts for signature customization - 90+
Stream Signatures for worm mitigation - Yes – in worm mitigation signature pack. Stream256 used in other signature packs.
Number of response options -
- Close: Severs connection and sends RST to client and server
- Close Server: Severs connection and sends RST to server
- Close Client: Severs connection and sends RST to client
- Drop: Severs connection without sending anyone a RST
- Drop Packet: Drops a particular packet, but does not sever connection
- Ignore: After detecting an attack signature or anomaly, the Juniper Networks NetScreen 5000 Series Security System makes a log entry and stops checking – or ignores – the remainder of the connection.
- None: No action
Attack notification mechanisms -
- Session Packet Log
- Session Summary
- E-mail
- SNMP
- Syslog
- Webtrends
Create and enforce appropriate application usage policies - Yes– For Instant messenger and Peer to Peer applications
Frequency of updates - Monthly and Emergency
Would you like to be the first to review this product? See the contribute tab.
Have you purchased or used this product before?
Why not help your fellow visitors by giving them the benefit of your opinion.
Simply click here to log in or register and enter a few details about your experience with this product.
Your personal details are not shared with others and your review is counted with others to form an average rating. To guard against spammers and inflammatory remarks - all reviews will be moderated before they are posted.