Message Image

Skip main navigation (Press Enter).

SRX

View Only

last person joined: yesterday

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

Back to discussions

Expand all | Collapse all

IDP ( ip actions)

Jump to Best Answer

Erdem06-03-2017 13:43

i have a confusion regarding IP-actions which stop future attacks with matching attributes... why do ...

alexander.marhold06-03-2017 15:45Best Answer

Hi ! IDP policy evaluation going through all rules is a quite time and CPU-cycle consuming task. ...

1. IDP ( ip actions)

0 Recommend
Erdem
Posted 06-03-2017 13:43

Reply Reply Privately
i have a confusion regarding IP-actions which stop future attacks with matching attributes...

why do i need to use it when the IDP policy itself stop the attack and record the target source address ???
2. RE: IDP ( ip actions)
Best Answer

0 Recommend
alexander.marhold
Posted 06-03-2017 15:45

Reply Reply Privately
Hi !

IDP policy evaluation going through all rules is a quite time and CPU-cycle consuming task.

If the same attack ( same packet) comes in again and again, with IP-action the attack is stopped without further evaluation of the IDP rules.

( it is like a cached result you are using before evaluating the packet further)

regards

Alexander

Powered by Higher Logic