SRX

 View Only

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



  • 1.  anti-virus policy

    Posted 07-20-2011 02:36

    Hi there,

    I have all my policies set up from trust to untrust and there's a deny all at the very bottom which logs to a syslog server.

     

    I've been asked though am I blocking typical viruses....I need to give an answer asap.

     

    Is there a policy which will block say typical microsoft exploitation port attacks or is there an anti virus section on the SRX platform?

     

    Many thanks,

     

    Paul


    #UTM
    #basics


  • 2.  RE: anti-virus policy

    Posted 07-20-2011 02:41

    Hi

    Do you have anything configured under [security utm]? Under [security idp]?
    If not, then you are NOT blocking any viruses or network attacks.
    To do this, you either need to configure antivirus (to scan files) or
    IDP (to scan traffic at layer 7 for network attacks). Both require subscription
    and high-memory version of SRX.



  • 3.  RE: anti-virus policy

    Posted 07-20-2011 03:56

    To configure anti-virus that means UTM?

     

    Also when I log into my srx via the webgui:

     

    Configure>Security>UTM>Anti-Virus> I see the Anti-Virus profiles configuration table with two entires:

     

    junos-av-defaults: kaspersky-lab-engine: UP: scan all

     

    Is this doing anything?

     

    Thanks,

     

    Paul

     

     



  • 4.  RE: anti-virus policy
    Best Answer

    Posted 07-20-2011 04:17

    Antivirus is a part of UTM feature set.

     

    The profiles you see are just default profiles. They are not doing anything if not applied to the policy.

    See p. 13 of

    http://www.juniper.net/us/en/local/pdf/app-notes/3500153-en.pdf

    for a quick configuration example. You will need an antivirus license to download/update

    your virus signatures.



  • 5.  RE: anti-virus policy

    Posted 07-20-2011 06:26

    Thanks PK 🙂