beautypg.com

Proxy-arp mode, Idp high availability deployment modes, Figure 23: proxy-arp mode – Juniper Networks IDP 800 User Manual

Page 60

background image

IDP 75, 250, 800, and 8200 Installation Guide

46

„

IDP High Availability Deployment Modes

Proxy-ARP Mode

Figure 23 shows a sensor that is configured in bridge mode. Table 16 lists the
advantages and disadvantages of bridge mode.

Figure 23: Proxy-ARP Mode

IDP High Availability Deployment Modes

You must deploy the IDP sensors in bridge, router, transparent, or proxy-ARP
mode to enable a high availability solution.For details on deployment modes and
HA clusters, see the NetScreen-Security Manager Administrator’s Guide.

Table 16: Advantages and Disadvantages of Proxy-ARP Mode

Advantages

Disadvantages

„

Reliably responds to and prevents
attacks

„

Simple, transparent deployment

„

Network nodes may need to update
cached ARP entries

Management Server
IP 2.2.2.4

User Interface
IP 2.2.2.5

Protected Machines

Hub or
Switch

Firewall

eth2
IP 1.1.1.254
Forwarding Interface

Server1
IP 1.1.1.2
GW 1.1.1.1

Server2
IP 1.1.1.3
GW 1.1.1.1

Server3
IP 1.1.1.4
GW 1.1.1.1

IP 2.2.2.1

IP 1.1.1.1

IDP Sensor

Hub or
Switch

eth3
IP 1.1.1.5
Forwarding Interface

eth0 IP 2.2.2.7
MGT Interface

Internet

This manual is related to the following products:
See also other documents in the category Juniper Networks Hardware: