1 / 9

Présentation IDP Sondes de détection d’intrusion

Présentation IDP Sondes de détection d’intrusion. Stéphane DAVAUDET Chef Produit Stephane.davaudet@westconsecurity.fr 01 41 85 10 09. Pain: Constant Noise Level. Viruses Spy-Ware Malicious users Worms More IT staff has to deal with this everyday Juniper IDP addresses this.

Télécharger la présentation

Présentation IDP Sondes de détection d’intrusion

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Présentation IDPSondes de détection d’intrusion Stéphane DAVAUDET Chef Produit Stephane.davaudet@westconsecurity.fr 01 41 85 10 09

  2. Pain: Constant Noise Level • Viruses • Spy-Ware • Malicious users • Worms • More • IT staff has to deal with this everyday • Juniper IDP addresses this

  3. IDS – Intrusion Detection System Typically out of line of the data flow on a tap. Evaluates deeper into the packet to validate protocol, search for exploits and anomalies. All 7 layers of the OSI model can be parsed. HELP IDS Dynamic ACL request sent to the router/firewall, or TCP RESET sent to close the session

  4. IPS – Intrusion Prevention System Typically inline of the data flow. Evaluates deeper into the packet to validate protocol, search for exploits and anomalies. All 7 layers of the OSI model can be parsed. Does not have to rely on other devices in the network to complete it’s task. IPS

  5. Les Produits « Standalone IDP » IDP 4.1 • IDP 1100C/F • Large central site or high traffic areas • 1 GB Max Throughput* • 500,000 Maximum Sessions • 4 GB Memory • HA Clustering • Fiber or Copper Gigabit Port Versions • Dual SCSI drives and redundant power • IDP 600C/F • Medium to large central site or high traffic areas • 500Mb Throughput • 200,000 Maximum Sessions • 4 GB Memory • HA Clustering • Fiber or Copper Gigabit Port Versions • Dual SCSI drives and redundant power • IDP 200 • Medium central site and large branch offices • 250Mb Throughput • 50,000 Maximum Sessions • 1 GB Memory • HA Clustering • and Integrated Bypass Ports • IDP 50 • Small network segments or low speed links • 50Mb Throughput • 10,000 Maximum Sessions • 1 GB Memory • Integrated Bypass Ports *As tested with IDP 3.0 software

  6. Juniper ISG 1000 Juniper ISG 2000 Les Modules IDP pour les Netscreen-ISG Le meilleur de la Sécurité + du réseau dans une même plateforme • « IDP Security Blade » pour • ISG 1000 • ISG 2000 • La Solution intégrée á 2 besoins : • Intégration de l’IDP á la Gateway (IDP et FW/VPN) • Les mêmes Hautes Performances des “standalone” Multi-Gig IDP

  7. IDP Modules – where do they fit ? IDP Modules can go in any one of the three slots (Slots#1-3) of the NetScreen-ISG 2000 System to make it a fully Integrated FW/VPN/IDP System! You can have up to 3 Security Modules in one ISG-2000 IDP SM (Slots # 1-3)

  8. Proof: Market Recognition • Highly recognized IPS product • Winner ‘Editors Choice’ – Network Computing: ‘The Great IPS Test’ • Winner ‘Best Multifunction Appliance’ – Network Computing (Well-Connected) • Winner ‘Best IPS Appliance’ – Network Computing (Well-Connected) • Winner ‘Product of the Year’ – SearchNetworking.com • Winner ‘Product of the Year’ – IDG Research / TechWorld • Winner ‘Best Deployment Scenario’ ISP Guide: City of Burbank, Juniper IDP Customer • Awarded ‘NSS Certification’ for Industry Approved IPS: IDP 600F • Winner ‘Product of the Year’ – ISG 1000 - ZDnet Australia • Winner ‘Editors Choice’ – IDP 200 - ZDnet Australia

  9. Les arguments clés IDP • Détections des anomalies dans les protocoles • Visualiser l’activité réseau (Security Explorer), rapports d’activité réseau • Mettre en place des règles de réaction en fonction des attaques

More Related