Every entry point from the Internet into the internal network must be protected by a firewall. The external firewall, which faces the Internet directly, must be configured by default to deny all traffic not specifically permitted by the firewall security policy. This ensures that maximum network security is enforced against all untrusted and unauthorized networks and protects against Internet-based attacks.
A firewall can, if effectively deployed and maintained, limit the risk to an internal network of exploitation of vulnerabilities in the TCP/IP protocol suite by external parties. This is achieved by filtering the network traffic and preventing known harmful traffic from reaching the trusted network.
Evasive methods of delivering exploits continue to increase, and the problem is further compounded by the growing number of application and OS vulnerabilities, as well as the increasing speed with which new attacks are created to exploit these vulnerabilities. Network security products, such as firewalls with in-line intrusion prevention capabilities, are required. Consider the Juniper Networks IDP Series Intrusion Detection and Prevention Appliances.
Unwanted network and application-level attacks inflict damage on networks and incur the cost overhead associated with the recovery effort. With the Juniper IDP network security product, you can be assured that attacks are stopped before they cause damage. Juniper IDP is powered by industry-recognized stateful detection and prevention techniques that provide zero-day protection, keeping worms, Trojans, spyware, keyloggers, and other malware from penetrating the network or spreading from already infected users.
The Juniper IDP network security product can provide information on rogue servers, as well as the types and versions of applications and operating systems that may have been added to the network without your knowledge.
The Juniper IDP series includes application signatures, which go a step further by enabling accurate detection and reporting of the traffic volume used by applications such as instant messaging, social networking, or peer-to-peer. Because Juniper IDP knows which specific applications are running in the network, you can use application policy enforcement rules to manage these applications by limiting their bandwidth, restricting their use, or prioritizing them lower with DiffServ marking. You can ensure that business-critical applications receive a predictable quality of service (QoS) while enforcing security policies to maintain compliance with corporate application usage policies.
Features and Benefits
The Juniper IDP series uses context, protocol information, and signatures to identify applications on any port. You can also enable rules and policies based on application traffic rather than ports, which helps you protect or police standard applications on non-standard ports.
The Juniper IDP series supports more than 60 protocol decodes along with more than 500 contexts to enforce proper usage of protocols. Protocol decodes improve the accuracy of signatures by giving them the precise protocol context in which to match.
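The following added example (not Juniper code, and far simpler than a real protocol decoder) shows the idea of identifying an application from protocol content instead of the destination port, combined with a default-deny decision. The signature patterns, the `PORT_DEFAULTS` table, and the function names are assumptions made for the illustration.

```python
import re

# Illustrative first-bytes signatures; a real IDP uses full protocol decodes.
SIGNATURES = [
    ("ssh", re.compile(rb"^SSH-\d\.\d+-")),
    ("http", re.compile(rb"^(GET|POST|HEAD|PUT|DELETE|OPTIONS) \S+ HTTP/1\.[01]\r\n")),
    # TLS record: type 0x16 (handshake), version 0x03xx, 2-byte length, ClientHello (0x01)
    ("tls", re.compile(rb"^\x16\x03[\x00-\x04]..\x01", re.DOTALL)),
    ("smtp", re.compile(rb"^(EHLO|HELO) \S+\r\n")),
]

# What a purely port-based rule would assume is running on each port.
PORT_DEFAULTS = {22: "ssh", 25: "smtp", 80: "http", 443: "tls"}


def identify(payload: bytes) -> str:
    """Return the application name matched by the payload, or 'unknown'."""
    for app, pattern in SIGNATURES:
        if pattern.match(payload):
            return app
    return "unknown"


def evaluate(flow: dict, allowed_apps: set) -> dict:
    """Decide on a flow by identified application; anything not allowed is denied."""
    app = identify(flow["payload"])
    expected = PORT_DEFAULTS.get(flow["dport"])
    return {
        "app": app,
        # A known application seen on a port where it is not the conventional service.
        "nonstandard_port": app != "unknown" and expected != app,
        "action": "permit" if app in allowed_apps else "deny",
    }


# Constructed sample flows (first client payload of each connection).
SAMPLE_FLOWS = [
    {"dport": 8080, "payload": b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"},
    {"dport": 443, "payload": b"SSH-2.0-OpenSSH_9.6\r\n"},
    {"dport": 443, "payload": b"\x16\x03\x01\x02\x00\x01\x00\x01\xfc\x03\x03"},
    {"dport": 80, "payload": b"\x00\x01garbage"},
]

if __name__ == "__main__":
    for flow in SAMPLE_FLOWS:
        print(flow["dport"], evaluate(flow, allowed_apps={"http", "tls"}))
```

A port-based rule that permits 443 would pass the SSH flow above, while the application-based rule denies it and flags the port mismatch.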
Predefined and custom signatures
More than 6,200 predefined signatures are included for identifying anomalies, attacks, spyware, and applications. Signatures can be customized to tailor the attack database to your environment. This allows you to identify attacks accurately and detect any attempt to exploit a known vulnerability.
The Juniper IDP series provides reassembly, normalization, and protocol decoding to help overcome attempts to bypass other IDP Series detections by using obfuscation methods.
Application Volume Tracking (AVT)
AVT helps you track and collect volumetric application usage information so that you can create appropriate application policies based on the network bandwidth each application is observed to consume.
Juniper IDP provides protocol anomaly detection and same-day coverage for newly found vulnerabilities to protect your networks against any new exploits.
IDP Series Intrusion Detection and Prevention Appliances are managed by Juniper Networks Network and Security Manager (NSM), a centralized, rule-based management solution offering granular control over the system's behavior. NSM also provides easy access to extensive logging, fully customizable reporting, and management of all Juniper Networks firewall/VPN/IDP Series appliances from a single user interface. With the combination of the highest security coverage, granular network control, visibility, and centralized management, the IDP Series is the best solution to keep critical information assets safe.
By Ki Grinsing