View Only


This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.

Expand all | Collapse all

IDP Direction on SRX

Jump to Best Answer
This thread has been viewed 0 times
  • 1.  IDP Direction on SRX

    Posted 03-28-2016 12:05
    Hi, My understanding says it is more worth to apply IDP only from Untrust to all zones direction as this is direction from where most attacks come from and decrease the amount of traffic processed by IDP if you have a lot LAN to LAN or cross site traffic over MPLS. Please share your insights. Am

  • 2.  RE: IDP Direction on SRX
    Best Answer

    Posted 03-30-2016 02:00

    Hello Ammy ,


    Generally we does not recommend to open policy from Untrust to Trust untill you have some web services or application hosting . But when you have untrust to trust policy , its advanced to have IDP policy for the same . But if you have appID or Apptracker , thats applied from trust to untrust based on requirement . Normally the IDP is applied from Untrust to trust .

  • 3.  RE: IDP Direction on SRX

    Posted 03-30-2016 07:47

    Thanks Sam.