Encryption support for IDP packet capture

Feature(s) and their supported products/applications:

[Collapse All]

[Expand All]

You can enable a secure SSL or TLS connection to send an encrypted IDP packet capture log to the packet capture receiver. To establish the SSL or TLS connection, you must specify the SSL initiation profile that you want to use in the IDP packet log configuration. In earlier releases, when IDP detects an attack, it sends a decrypted IDP packet log to the packet capture receiver over UDP traffic. Sending a decrypted packet log is not a secure process, especially when packet-log is captured for encrypted traffic. To enable SSL or TLS connection for IDP packet log, run the set security idp sensor-configuration packet-log ssl-profile-name profile-name command. To view the new packet log counters, use the show security idp counters packet-log command.

Product / Application	Software	Introduced Release
vSRX	Junos OS	22.1R1
SRX300	Junos OS	22.2R1
SRX320	Junos OS	22.1R1
SRX340	Junos OS	22.1R1
SRX345	Junos OS	22.1R1
SRX380	Junos OS	22.1R1
SRX550 HM	Junos OS	22.1R1
SRX1500	Junos OS	22.1R1
SRX1600	Junos OS	23.4R1
SRX2300	Junos OS	23.4R1
SRX4100	Junos OS	22.1R1
SRX4120	Junos OS	25.2R1
SRX4200	Junos OS	22.1R1
SRX4300	Junos OS	24.2R1
SRX4600	Junos OS	22.1R1
SRX4700	Junos OS	24.4R1-S2
SRX5400	Junos OS	22.1R1
SRX5600	Junos OS	22.1R1
SRX5800	Junos OS	22.1R1

Feature Explorer AI

Encryption support for IDP packet capture

404: Page not found.

Encryption support for IDP packet capture