Juniper IDP vs Fortinet Firewalls
To begin with let it be clear Juniper IDP is not a session based firewall. What does that mean? Well it doesn’t monitor the stream per TCP/UDP session, doesn’t perform complete disaseembly of the packet for analyzing it – it just looks at first 100 byte of the packet and doesn’t go further beyond for signature analysis. Therefore, it cannot do granular packet inspection which may be needed to find data leak or confidential information bypass between respective zones or vlans.