?
Solved

jupiter netscreen 25 port scanning t can protection

Posted on 2013-05-31
2
Medium Priority
?
668 Views
Last Modified: 2013-06-08
i have a netscreen ns 25,
in is screening => screen link
there is many categories like flood defence, MS-Windows Defense, Denial of Service Defense, Protocol Anomaly Reports -- IP Option Anomalies, Protocol Anomaly Reports -- TCP/IP Anomalies, Scan/Spoof/Sweep Defense

to protect from hack, should in setup in untrust zone or trust zone?

there is also select to setup thoese in v1-trust and v1-untrust zone, to protect from port scanning, use which zone?

expert please advice.
0
Comment
Question by:john80988
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 21

Expert Comment

by:Rick_O_Shay
ID: 39210458
Screens normally go in the untrust zone. You can see in the counters to see what ones are hitting.
0
 
LVL 70

Accepted Solution

by:
Qlemo earned 1500 total points
ID: 39213091
Those v1* zones cannot be used if your NS is in routing (versus bridging) mode. In bridging mode, the NS works like a switch.
With routing mode, you have a WAN and at least one LAN side. WAN is in the Untrust zone, and that is where the defense should start. So the prior answer is correct - you use Screening in Untrust most of the time.
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There is a lot to be said for protecting yourself and your accounts with 2 factor authentication.  I found to my own chagrin, that there is a big downside as well.
The well known Cerber ransomware continues to spread this summer through spear phishing email campaigns targeting enterprises. Learn how it easily bypasses traditional defenses - and what you can do to protect your data.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question