Centralized management with nsm overview – Juniper Networks IDP SERIES IDP250 User Manual

Table 11: IDP Series On-Box Utilities (continued)

Usage

Software

You can use the

idp.sh

utility to start, stop, or get status information on

appliance processes.

For details, see the IDP Series Administration Guide.

idp.sh utility

You can use the

sctop

utility to monitor connection tables and view status.

For details, see the IDP Series Administration Guide.

sctop utility

You can use

bypassStatus

commands to display settings for the daemon

that monitors traffic interface NIC state.

For details, see the IDP Series Administration Guide.

bypassStatus
utility

You can use the IDP Reporter to view statistics on attacks the IDP Series
appliance has detected and responded to, as well as application volume
tracking (AVT) statistics.

For details, see the IDP Reporter User’s Guide.

IDP Reporter

Centralized Management with NSM Overview

Juniper Networks Network and Security Manager (NSM) is a central management server
capable of managing hundreds of IDP Series appliances and other Juniper Networks
devices, such as ScreenOS firewalls, SA Series appliances, and IC Series appliances. You
typically deploy NSM in a management subnet accessible to the NSM-managed devices.

Figure 9 on page 16

illustrates the flow of information between the tiers of the central

management solution: the NSM user interface, the NSM server, and IDP Series appliances.

Figure 9: IDP Series-NSM Communication

The IDP Series configuration, security policies, attack objects, and log records are stored
in NSM server databases and administered using the NSM user interface. Communication
between the NSM server and IDP Series appliances, and between the NSM server and
the NSM user interface, is encrypted and authenticated.

Copyright © 2012, Juniper Networks, Inc.

16

IDP250 Installation Guide