SRX

Expand all | Collapse all

IDP ( ip actions)

Jump to Best Answer
  • 1.  IDP ( ip actions)

    Posted 06-03-2017 13:43

    i have a confusion regarding IP-actions which stop future attacks with matching attributes...

    why do i need to use it when the IDP policy itself stop the attack and record the target source address ???



  • 2.  RE: IDP ( ip actions)
    Best Answer

    Posted 06-03-2017 15:45

    Hi !

     

    IDP policy evaluation going through all rules is a quite time and CPU-cycle consuming task.

    If the same attack ( same packet) comes in again and again, with IP-action the attack is stopped without further evaluation of the IDP rules.

    ( it is like a cached result you are using before evaluating the packet further)

     

    regards

     

    Alexander