Juniper Networks J-Series User Manual

Table 71: Summary of Key Stateful Firewall Filters Output Fields (continued)

Values

Field

Direction of the flow:

I

(input) or

O

(output).

Direction

Number of frames in the flow.

Frames

Monitoring Firewall Intrusion Detection Services (IDS)

To view intrusion detection service (IDS) information for stateful firewall filters, select
Monitor>Firewall>IDS Information. Click one of the following criteria to order the
display accordingly:

■

Bytes (received bytes)

■

Packets (received packets)

■

Flows

■

Anomalies

To limit the display of IDS information, type or select information in one or more of
the Narrow Search boxes listed in Table 72 on page 139, and click OK.

Table 72: IDS Search-Narrowing Characteristics

Entry or Selection

Narrow Search Box

Type a destination address prefix to display IDS information for only that prefix.

Destination Address

Select one of the following:

■

Destination—Displays information for an address under attack.

■

Pair—Displays information for a suspected attack source and destination pair.

■

Source—Displays information for an address that is a suspected attacker.

IDS Table

Select a number between 25 and 500 to display only a particular number of entries.

Number of IDS Entries to
Display

Type a number to display events with only that number of bytes, packets, flows, or
anomalies—whichever you selected to order the display. For example, to display all events
with more than 100 flows, click Flows and then type

100

in the Threshold box.

Threshold

Select a service set to display information for only the set.

Service Set

Alternatively, enter the following CLI

show

commands:

■

show services ids destination-table

■

show services ids source-table

■

show services ids pair-table

Using the Monitoring Tools

■

139

Chapter 7: Monitoring the Router and Routing Operations