Professional Documents
Culture Documents
Jun Sonde
Jun Sonde
Jun Sonde
Product Overview
With the growing number of
applications allowed in from the
Internet and the increased exposure
to sophisticated network attacks, its
ever more important for companies
to safeguard their networks. Evasive
methods of delivering exploits
continue to increase and the problem
is further compounded by the
growing number of application and
OS vulnerabilities, as well as the
increasing speed with which new
attacks are created to exploit these
vulnerabilities. Juniper Networks
IDP Series Intrusion Detection and
Prevention Appliances offer the
latest capabilities in in-line network
intrusion prevention system (IPS)
functionality to manage the use
of unwanted applications and
protect the network from a wide
range of attacks delivered by those
allowed applications. IDP Series
appliances deliver comprehensive
threat coverage and industryleading response time for maximum
protection of network resources.
Product Description
Juniper Networks IDP Series Intrusion Detection and Prevention Appliances provide
comprehensive management of unwanted applications and easy-to-use in-line protection
that stops network- and application-level attacks before they inflict any damage,
minimizing the time and costs associated with maintaining a secure network. Using
industry-recognized stateful detection and prevention techniques, the IDP Series provides
zero-day protection against worms, trojans, spyware, key loggers, and other malware from
penetrating the network or spreading from already infected users.
IDP Series Intrusion Detection and Prevention Appliances not only help protect networks
against attacks, they provide information on rogue servers, as well as types and versions
of applications and operating systems that may have unknowingly been added to
the network. Application signatures, available on the IDP Series, go a step further by
enabling accurate detection and reporting of volume used by applications such as
social networking, peer-to-peer, or instant messaging. Armed with the knowledge of
specific applications running in the network, administrators can use application policy
enforcement rules to easily manage these applications by limiting bandwidth, restricting
their use, or prioritizing them lower with DiffServ marking. Not only can administrators
control the access of specific applications, they can ensure that business-critical
applications receive a predictable quality of service (QoS) while enforcing security policies
to maintain compliance with corporate application usage policies.
Collaborative projects are commonplace in todays workplace. Making sure that security policies
are easily enforced requires knowledge of how those collaborative user groups are formed.
The IDP Series works in harmony with Juniper Networks Unified Access Control infrastructure
to enforce application and security policies based on user-role information learned from the
IC Series Unified Access Control Appliances. The IC Series interacts with companies Active
Directory (AD) or LDAP servers to assign users to roles and provides host information upon
which the IDP Series can act. This extends the application policy enforcement (APE) and IPS
rules for management of applications and more control over threats.
Feature
Feature Description
Benefit
Application awareness/
identification
Protocol decodes
Traffic interpretation
Zero-day protection
Recommended policy
As of June 2009, there are 6,200 signatures available with daily updates provided.
Feature
Feature Description
Benefit
Backdoor detection
IP spoofing detection
Layer 2 detection
Network honeypot
Feature
Feature Description
Benefit
QoS/DiffServ marking
Recommended actions
IPAction
VLAN-aware rules
Centralized Management
Centralized management of IDP Series appliances and firewall products is enabled through Network and Security Manager. NSM has tight
integration across multiple platforms that enables simple and intuitive network-wide security management.
Feature
Feature Description
Benefit
Role-based administration
Domains
Object locking
Job manager
Feature
Feature Description
Benefit
IDP reporter
Profiler
Security explorer
Application profiler
IDP75
IDP250
IDP800
IDP8200
Specifications
IDP75
IDP250
IDP800
IDP8200
Dimensions and
Power
Dimensions (W x H x D)
17 x 1.69 x 15 in
(43.2 x 4.3 x 38.1 cm)
17 x 1.69 x 15 in
(43.2 x 4.3 x 38.1 cm)
17 x 3.4 x 19 in
(43.2 x 8.6 x 48.3 cm)
17 x 3.4 x 19 in
(43.2 x 8.6 x 48.3 cm)
Weight
15 lb
16.5 lb
27 lb
41 lb
N/A
N/A
(Optional)
36 - 75 VDC, 24 - 11 A
Hot swappable, dual
Redundant, 710 W max
(Optional)
36 - 75 VDC, 24 - 11 A
Hot swappable, dual
redundant, 710 W max
75,000 hrs
73,000 hrs
108,000 hrs
73,000 hrs
Memory
1 GB
2 GB
4 GB
16 GB
Hard drive
80 GB
80 GB
2 x 74 GB Redundant RAID
1 array
2 x 74 GB Redundant RAID
1 array
Fixed I/O
N/A
N/A
N/A
Management
N/A
Max session
100,000
300,000
1 Million
5 Million
Throughput
150 Mbps
300 Mbps
1 Gbps
10 Gbps
Redundant power
No
No
Yes
Yes
DC
No
No
Yes
Yes
RAID
No
No
Yes
Yes
Built-in bypass
Yes
Yes
Yes
Yes
Operating temperature
41 to 104 F
(5 to 40 C)
41 to 104 F
(5 to 40 C)
41 to 104 F
(5 to 40 C)
41 to 104 F
(5 to 40 C)
Storage temperature
-40 to 158 F
(-40 to 70 C)
-40 to 158 F
(-40 to 70 C)
-40 to 158 F
(-40 to 70 C)
-40 to 158 F
(-40 to 70 C)
8% to 90% noncondensing
8% to 90% noncondensing
8% to 90% noncondensing
8% to 90% noncondensing
5% to 95% noncondensing
5% to 95% noncondensing
5% to 95% noncondensing
5% to 95% noncondensing
Altitude (operating)
10,000 ft
(3,048 m)
10,000 ft
(3,048 m)
10,000 ft
(3,048 m)
10,000 ft
(3,048 m)
Altitude (storage)
40,000 ft
(12,192 m)
40,000 ft
(12,192 m)
40,000 ft
(12,192 m)
40,000 ft
(12,192 m)
Ports
Performance
Redundancy
Environment
Ordering Information
Model Number
Model Number
Description
Accessories
IDP250
IDP800
IDP8200
Description
UNIV-74G-HDD
UNIV-PS-710W-DC
UNIV-PS-400W-AC
UNIV-PS-700W-AC
UNIV-PS-300W-AC
IDP-FLASH
IDP-FLASH-8200
UNIV-MR2U-FAN
UNIV-HE2U-FAN
IDP-10GE-2XFP
UNIV-HE2URAILKIT
IDP-1GE-4COP-BYP
UNIV-MR2URAILKIT
IDP-1GE-4SFP
IDP-1GE-4SX-BYP
UNIV-SFP-COP
UNIV-MR1URAILKIT
UNIV-SFP-FLX
UNIV-SFP-FSX
UNIV-SFP-FSR
UNIV-SFP-FLR
Management
NS-SM-S-BSE
NS-SM-ADD-50D
NS-SM-ADD-100D
APAC Headquarters
EMEA Headquarters
Phone: 35.31.8903.600
or 408.745.2000
Phone: 852.2332.3636
Fax: 408.745.2100
Fax: 852.2574.7803
Fax: 35.31.8903.601
www.juniper.net
Copyright 2012 Juniper Networks, Inc. All rights reserved. Juniper Networks, the Juniper Networks logo, Junos,
NetScreen, and ScreenOS are registered trademarks of Juniper Networks, Inc. in the United States and other
countries. All other trademarks, service marks, registered marks, or registered service marks are the property of
their respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper
Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.