This guide helps you verify that the IDP attack database is downloaded and installed on an SRX device, and troubleshoot it if it is not.
If your SRX is in a Chassis Cluster, refer to KB23423 - Verify/Troubleshoot IDP attack database on SRX in a Chassis Cluster.
Perform the following steps:
[Step 1: Check Attack database version]
Run the command 'show security idp security-package-version'.
user@srx> show security idp security-package-version
node0:
----------------------------------------------------------------
Attack database version :1732(Mon Jul 19 12:44:15 2010) <------
Detector version :10.4.140100525
Policy template version :N/A
Does the 'Attack database version' have a recent date?
- Yes - IDP is enabled and up-to-date:
For a list of other SRX/IDP issues, refer to the table in KB23424 - Troubleshooting IDP with SRX.
- No - The version is N/A: Continue to Step 2
- No - The version and date appear to be old: Jump to Step 3
- No - I get the message: Warning IDP disabled:
Run the following command from configuration mode to enable IDP:
delete system processes idp-policy disable
- No - The option to run the command is not there:
The IDP functionality is supported on High Memory SRX Branch and High-End devices.
Refer to the Junos 11.4 - SRX Feature Support Reference.
Note: The Detector version is automatically updated when the Attack Database is updated. Therefore, if the Attack database version is up-to-date, then the Detector version is up-to-date.
For information on when/how to download policy templates, refer to KB16490 - How to use Predefined policy templates as IDP Policy in SRX and J-Series devices.
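When the Step 1 check has to be repeated across many devices, the decision can be scripted. The following Python is an added example (not part of the original KB or Juniper tooling) that parses the output format shown above and returns which Step 1 branch applies. The 7-day freshness threshold and the matched warning substring "IDP disabled" are assumptions, and the sample output is constructed.

```python
import re
from datetime import datetime, timedelta

# Constructed sample in the format shown in Step 1 (not captured from a live device).
SAMPLE = """\
node0:
----------------------------------------------------------------
Attack database version :1732(Mon Jul 19 12:44:15 2010)
Detector version :10.4.140100525
Policy template version :N/A
"""

# Version is either N/A or <number>(<timestamp>); \s* also tolerates a wrapped line.
VERSION_RE = re.compile(r"Attack database version\s*:\s*(?:(N/A)|(\d+)\(([^)]+)\))")

# Follow-up for each result, taken from the Step 1 branches.
NEXT_ACTION = {
    "current": "IDP is enabled and up to date",
    "not-installed": "continue to Step 2 (check the idp-sig license)",
    "outdated": "jump to Step 3 (update the signature database)",
    "disabled": "run 'delete system processes idp-policy disable' in configuration mode",
    "unrecognized": "command missing or output not parsed; check platform support",
}

def classify(output, now, max_age_days=7):
    """Return the Step 1 branch that applies to the command output.

    max_age_days is an assumed threshold for "recent"; the guide sets none.
    """
    if "IDP disabled" in output:  # assumed substring of the warning text
        return "disabled"
    m = VERSION_RE.search(output)
    if m is None:
        return "unrecognized"
    if m.group(1):
        return "not-installed"
    try:
        released = datetime.strptime(m.group(3).strip(), "%a %b %d %H:%M:%S %Y")
    except ValueError:
        return "unrecognized"
    age = now - released
    return "outdated" if age > timedelta(days=max_age_days) else "current"

if __name__ == "__main__":
    result = classify(SAMPLE, datetime.now())
    print(result, "->", NEXT_ACTION[result])
```

Feed `classify` the text collected from each device and alert on anything other than "current"; a signature set that silently stops updating leaves the IDP policy blind to newer attacks.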
[Step 2: Version is N/A]
Run the command 'show system license'.
Do you see the feature 'idp-sig' (which is the IDP license)?
Then jump to Step 4 to check the status.
[Step 3: Outdated database version]
Consider setting up the IDP signature database to be updated automatically.
For more information, refer to KB16491 - How to update IDP signature database automatically.
If you want to update the IDP signature database now, follow the instructions in Section II of KB16489 - Quick Setup Guide for Configuring IDP on a SRX:
- II. Download and install the signature database
Then continue to Step 4 to check the status.
[Step 4: Attack database download status?]
Check the status of the Attack database download with the following command. (You may have to run the command repeatedly while the status is 'in Progress'.)
user@srx> request security idp security-package download status
What is the status?
[Step 5: Attack database install status?]
Check the status of the Attack database install with the following command. (You may have to run the command repeatedly while the status is 'in Progress'.)
user@srx> request security idp security-package install status
What is the status?