From Juniper SRX SG IDPS Security Technical Implementation Guide
Part of SRG-NET-000512-IDPS-00194
Associated with: CCI-000366
If the IDP or UTM licenses are allowed to lapse, the Juniper SRX IDPS can still inspect traffic and continue to use the outdated signature database for rules, objects, and dynamic groups. However, updates to the signature database cannot be downloaded from Juniper Networks. This puts the network at risk since the updates are used to addresses new CERT and IAVM vulnerabilities.
In operational mode, enter show system license. If the license expiration for idp-sig and all other licenses installed are past today's date, this is a finding.
Update the expired licenses immediately following the procedures on the vendor website.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer