Skip to content
ATO Pathways
Log In
Overview
Search
Catalogs
SCAP
OSCAL
Catalogs
Profiles
Documents
References
Knowledge Base
Platform Documentation
Compliance Dictionary
Platform Changelog
About
Catalogs
XCCDF
Juniper SRX SG IDPS Security Technical Implementation Guide
SRG-NET-000249-IDPS-00176
The Juniper Networks SRX Series Gateway IDPS must drop packets or disconnect the connection when malicious code is detected.
The Juniper Networks SRX Series Gateway IDPS must drop packets or disconnect the connection when malicious code is detected.
An XCCDF Rule
Details
Profiles
Prose
The Juniper Networks SRX Series Gateway IDPS must drop packets or disconnect the connection when malicious code is detected.
Medium Severity
<VulnDiscussion>Configuring the IDPS to discard and/or redirect based on local organizational incident handling procedures minimizes the impact of this code on the network. Once an attack object in the IPS policy is matched, the SRX can execute an action on that specific session, along with actions on future sessions. The ability to execute an action on that particular session is known as an IDPS action. IDPS actions can be one of the following: No-Action, Drop-Packet, Drop-Connection, Close-Client, Close-Server, Close-Client-and-Server, DSCP-Marking, Recommended, or Ignore. IP actions are actions that can be enforced on future sessions. These actions include IP-Close, IP-Block, and IP-Notify</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>