EasyManua.ls Logo

Juniper Junos OS User Manual

Juniper Junos OS
158 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #84 background imageLoading...
Page #84 background image
16. Specify the action to be taken on traffic that matches conditions specified in the
security policy. The security policy action must be to permit the flow.
[edit]
user@host# set security policies from-zone untrust to-zone DMZ policy P1 then
permit application-services idp
Results From configuration mode, confirm your configuration by entering the show security
policies command. If the output does not display the intended configuration, repeat the
configuration instructions in this example to correct it.
[edit]
user@host# show security policies
from-zone untrust to-zone DMZ {
policy P1 {
match {
source-address any;
destination-address DMZ-address-set-http;
application junos-http;
}
then {
permit {
application-services {
idp;
}
}
}
}
}
If you are done configuring the device, enter commit from configuration mode.
Verification
Confirm that the configuration is working properly.
Verifying the IDP Configuration
Purpose Verify that the IDP configuration is working properly.
Action From operational mode, enter the show security idp status command.
user@host>show security idp status detail
PIC : FPC 0 PIC 0:
State of IDP: Default, Up since: 2013-01-22 02:51:15 GMT-8 (2w0d 20:30 ago)
Packets/second: 0 Peak: 0 @ 2013-02-05 23:06:20 GMT-8
KBits/second : 0 Peak: 0 @ 2013-02-05 23:06:20 GMT-8
Latency (microseconds): [min: 0] [max: 0] [avg: 0]
Packet Statistics:
[ICMP: 0] [TCP: 0] [UDP: 0] [Other: 0]
Flow Statistics:
ICMP: [Current: 0] [Max: 0 @ 2013-02-05 23:06:20 GMT-8]
Copyright © 2016, Juniper Networks, Inc.68
Getting Started Guide for Branch SRX Series

Table of Contents

Question and Answer IconNeed help?

Do you have a question about the Juniper Junos OS and is the answer not in the manual?

Juniper Junos OS Specifications

General IconGeneral
CategoryNetwork Operating System
Operating SystemJunos OS
TypeModular
Supported HardwareJuniper routers, switches, and security devices
ArchitectureModular
Configuration ModelHierarchical configuration
Automation SupportPython, Ansible, Puppet, Chef, REST API, NETCONF
High AvailabilityGraceful Routing Engine Switchover (GRES), Nonstop Active Routing (NSR)
Security FeaturesFirewall, VPN
Routing ProtocolsBGP, OSPF, IS-IS, RIP, MPLS
Switching ProtocolsVLAN, STP, RSTP, MSTP, LACP
Management InterfacesCLI, NETCONF, REST API, SNMP

Summary

Configuring an SRX Series Device for the First Time

Understanding Methods to Manage the Branch SRX Series

Explains various methods for configuring and monitoring SRX Series devices.

Mandatory Settings to Configure the Branch SRX Series

Lists essential configuration settings required for initial device setup.

Connecting the Branch SRX Series Through the Console Port for the First Time

Provides steps to connect the SRX Series device via the console port.

Configuring Internet Access for the Branch SRX Series

Details how to enable Internet access for the SRX Series device.

Configuring Security Zones and Policies for SRX Series

Understanding Security Zones and Policies for SRX Series

Explains how zones and policies control traffic flow in security policies.

Security Policy

Configuring NAT for SRX Series

Understanding NAT for SRX Series

Explains Network Address Translation (NAT) and its types supported on SRX Series.

Example: Configuring Destination NAT for SRX Series

Managing Licenses for SRX Series

Updating Licenses for a Branch SRX Series

Guides on installing and updating licenses for advanced SRX Series features.

Configuring UTM for Branch SRX Series

Understanding Unified Threat Management for Branch SRX Series

Introduces Unified Threat Management (UTM) for network security features.

Example: Configuring Unified Threat Management for a Branch SRX Series

Configuring Intrusion Detection and Prevention for SRX Series

Understanding Intrusion Detection and Prevention for SRX Series

Explains Intrusion Detection and Prevention (IDP) policies for network traffic.

Example: Configuring Intrusion Detection and Prevention for SRX Series

Operational Commands

show security flow session

show security nat destination summary

show security policies

show security zones

show system license (View)

show system services dhcp client

Related product manuals