While firewalls handle security at layer two through four of the OSI model, a different approach is necessary to cover application attacks.  When you have inbound Internet traffic coming into your network, at some point you will have to open a hole through your firewall. In the best case, your Internet facing servers will be on DMZ segment, separate from your internal resources, but this isn't always the case.

How does IDP work? Attack signatures. An IDP has a database of signatures of attacks on specific applications. In order to protect your network, we configure the IDP to the specific applications that you need to let into your network from the Internet. When an attacker attempts to access your server using a signature attack from our database, the attack is stopped and logged. Therefore, the key to a successful IDP installation is that it has a large signature database and that database is updated on a regular basis.

Juniper IDP Products - Juniper delivers IDP signatures via two different product vehicles. One is a software license and add-on to their firewall product line. This IDP is called Deep Inspection. It provides a database of approximately 250 - 500 signatures for the most common servers that small and medium sized businesses implement.  The second is a hardware IDP platform. This IDP runs on its own dedicated server.  The Juniper hardware IDP products support a database with thousands of attack signatures.

DHK offers three Intrustion Dectection and Prevention services:

1. Configuration of Deep Inspection on your NetScreen firewall.

2. Installation and support of your hardware based Juniper IDP.

3. Management solutions for your Juniper IDP.

For more information, or to get started with our Intrusion Detection and Prevention services, please e-mail security@dhk.com or call 866-905-8174. Our security sales team is available from 9am to 5pm, Monday through Friday. If you call outside of these hours, please leave a message with one of our live agents.