Juniper NS-IDP-1100F Intrusion Detection & Protection Start Price USD 30,000.00 Current Price USD 30,000.00 Time Left - Bid Count 0 Buy It Now Price - Reserve Price - Start Time Sunday, June 29, 2008 End Time Wednesday, July 09, 2008 Location Deutsch Wagram See more about 'Juniper NS-IDP-1100F Intrusion Detection & Protection' Description EXCESS STOCK FROM COMPANY TAKEOVER FACTORY NEW, WARRANTY EXPIRED The Juniper Networks Intrusion Detection and Prevention (IDP) products provide comprehensive and easy-to-use in-line protection to stop network and application-level attacks before they inflict any damage to the network, minimizing the time and costs associated with maintaining a secure network. Using industry-recognized stateful detection and prevention techniques, Juniper Networks IDP provides zero-day protection against worms, trojans, spyware, keyloggers and other malware from penetrating the network or spreading from already infected users to others. Juniper Networks IDP not only helps protect networks against attacks, it provides information on rogue servers as well as types and versions of applications and operating systems that may have unknowingly been added to the network. Armed with the knowledge that applications such as peer-to-peer or instant messaging have been added to the network, administrators can more easily enforce security policies and maintain compliance with corporate application use policy. Juniper Networks IDP also provides DiffServ markings to allow the upstream router to enforce bandwidth limitations on nonessential applications. Not only can administrators control the access of specific applications, but they can ensure that business-critical applications receive a predictable quality of service. Juniper Networks IDP products are managed by Juniper Networks Netscreen Security Manager (NSM), a centralized, rule-based management solution offering granular control over the system’s behavior, easy access to extensive logging, fully customizable reporting and management of all Juniper FW/VPN/IDP systems from a single user interface. With the combination of highest security coverage, granular network control and visibility, and centralized management, Juniper Networks IDP is the best solution to keep critical information assets safe. Juniper Networks IDP 1100 offer market-leading IPS capabilities to large enterprises as well as service providers. Supporting various high-availability options, the Juniper IDP 1100 offer continual security coverage for enterprise and service provider networks. Features and Benefits Traffic Detection Methods Juniper Networks IDP products offer a combination of eight different detection methods to accurately identify the traffic flowing through the network. While providing the highest flexibility, the various detection methods also minimize false positives. Feature Feature Description Benefit Stateful Signature Detection Signatures are applied only to relevant portions of the network traffic determined by the appropriate protocol context. Minimize false positives. Protocol Anomaly Detection Protocols usage against published RFCs is verified to detect any violations or abuse. Proactively protect network from undiscovered vulnerabilities. Backdoor Detection Heuristic-based anomalous traffic patterns and packet analysis detect trojans and rootkits. Prevent proliferation of malware in case other security measures have been compromised. Traffic Anomaly Detection Heuristic rules detect unexpected traffic patterns that may suggest reconnaissance or attacks. Proactively prevent reconnaissance activities or block DDOS attacks. IP Spoofing Detection The validity of allowed addresses inside and outside the network are checked. Permit only authentic traffic while blocking disguised source. DoS Detection SYN cookie-based protection from SYN flood attacks. Protect your key network assets from being overwhelmed with SYN floods. Layer 2 Detection Layer 2 attacks are detected using implied rules for ARP table restrictions, fragment handling, connection timeouts and byte/length thresholds for packets. Prevent compromised host from polluting an internal network using methods such as ARP cache poisoning. Network Honeypot Open ports are impersonated with fake resources to track reconnaissance activities. Gain insight into real-world network threats and proactively defend your network before a critical asset can be attacked. IDP Capabilities Juniper Networks IDP products offer several unique features that assure the highest level of network security. Feature Feature Description Benefit Protocol Decodes More than 60 protocol decodes are supported along with more than 500 contexts to enforce proper usage of protocols. Accuracy of signatures are improved through precise contexts of protocols. Signatures1 There are more than 5500 signatures for identifying anomalies, attacks, spyware and applications. Attacks are accurately identified and attempts at exploiting a known vulnerability are detected. Traffic Interpretation Reassembly, normalization and protocol decoding are provided. Overcome attempts to bypass other IDP detections by using obfuscation methods. Application Awareness/Identification Use context, protocol information and signatures to identify applications on any port. Enable rules and policies based on application traffic rather than ports — protect or police standard applications on non-standard ports. Zero-Day Protection Protocol anomaly detection and same-day coverage for newly found vulnerabilities are provided. Your network is already protected against any new exploits. Recommended Policy Group of attack signatures are identified by Juniper Networks Security Team as critical for typical enterprise to protect against. Installation and maintenance are simplified while ensuring the highest network security. Multi-Operational Modes Various configuration modes are available including Sniffer, Transparent, Bridge and Router mode. Provide flexibility to deploy an IDP in wide range of network scenarios. Granular Traffic Control To support a wide range of business requirements, Juniper Networks IDP products offer granular control over the flow of traffic in the network. Feature Feature Description Benefit Active Traffic Responses Various response methods are supported including drop packet, drop connection, close client, close server and close client/server. Provide appropriate level of response to attacks. QoS/DiffServ Marking Packets are marked using DSCP. Optimize network and ensure necessary bandwidth for business-critical applications. Passive Traffic Responses Several passive responses such as logging and TCP reset are supported. Provide visibility into current threats on the network, and ability to preempt possible attacks. VLAN-Aware Rules Unique policies are applied to different VLANs. Apply unique policies based on department, customer and compliance requirements. Place a Bid!