Solved

jupiter netscreen 25 port scanning t can protection

Posted on 2013-05-31
2
660 Views
Last Modified: 2013-06-08
i have a netscreen ns 25,
in is screening => screen link
there is many categories like flood defence, MS-Windows Defense, Denial of Service Defense, Protocol Anomaly Reports -- IP Option Anomalies, Protocol Anomaly Reports -- TCP/IP Anomalies, Scan/Spoof/Sweep Defense

to protect from hack, should in setup in untrust zone or trust zone?

there is also select to setup thoese in v1-trust and v1-untrust zone, to protect from port scanning, use which zone?

expert please advice.
0
Comment
Question by:john80988
2 Comments
 
LVL 21

Expert Comment

by:Rick_O_Shay
ID: 39210458
Screens normally go in the untrust zone. You can see in the counters to see what ones are hitting.
0
 
LVL 69

Accepted Solution

by:
Qlemo earned 500 total points
ID: 39213091
Those v1* zones cannot be used if your NS is in routing (versus bridging) mode. In bridging mode, the NS works like a switch.
With routing mode, you have a WAN and at least one LAN side. WAN is in the Untrust zone, and that is where the defense should start. So the prior answer is correct - you use Screening in Untrust most of the time.
0

Featured Post

Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
harden EXCH2013 7 58
Ping in Fortigate 2 41
Configure IP on Sonicwall 2 29
MFA in Azure for a hybrid org 2 45
As cyber crime continues to grow in both numbers and sophistication, a troubling trend of optimization has emerged over the last year.
Many businesses neglect disaster recovery and treat it as an after-thought. I can tell you first hand that data will be lost, hard drives die, servers will be hacked, and careless (or malicious) employees can ruin your data.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question