Centralized management with nsm overview – Juniper Networks IDP SERIES IDP250 User Manual


Table 11: IDP Series On-Box Utilities (continued)

| Software | Usage |
|---|---|
| idp.sh utility | You can use the idp.sh utility to start, stop, or get status information on appliance processes. For details, see the IDP Series Administration Guide. |
| sctop utility | You can use the sctop utility to monitor connection tables and view status. For details, see the IDP Series Administration Guide. |
| bypassStatus utility | You can use bypassStatus commands to display settings for the daemon that monitors traffic interface NIC state. For details, see the IDP Series Administration Guide. |
| IDP Reporter | You can use the IDP Reporter to view statistics on attacks the IDP Series appliance has detected and responded to, as well as application volume tracking (AVT) statistics. For details, see the IDP Reporter User’s Guide. |

Centralized Management with NSM Overview

Juniper Networks Network and Security Manager (NSM) is a central management server
capable of managing hundreds of IDP Series appliances and other Juniper Networks
devices, such as ScreenOS firewalls, SA Series appliances, and IC Series appliances. You
typically deploy NSM in a management subnet accessible to the NSM-managed devices.

Figure 9 illustrates the flow of information between the tiers of the central
management solution: the NSM user interface, the NSM server, and IDP Series appliances.

Figure 9: IDP Series-NSM Communication

The IDP Series configuration, security policies, attack objects, and log records are stored
in NSM server databases and administered using the NSM user interface. Communication
between the NSM server and IDP Series appliances, and between the NSM server and
the NSM user interface, is encrypted and authenticated.

Copyright © 2012, Juniper Networks, Inc.


IDP250 Installation Guide
