View Only
last person joined: 3 days ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.
  • 1.  anti-virus policy

    Posted 07-20-2011 02:36

    Hi there,

    I have all my policies set up from trust to untrust and there's a deny all at the very bottom which logs to a syslog server.


    I've been asked though am I blocking typical viruses....I need to give an answer asap.


    Is there a policy which will block say typical microsoft exploitation port attacks or is there an anti virus section on the SRX platform?


    Many thanks,




  • 2.  RE: anti-virus policy

    Posted 07-20-2011 02:41


    Do you have anything configured under [security utm]? Under [security idp]?
    If not, then you are NOT blocking any viruses or network attacks.
    To do this, you either need to configure antivirus (to scan files) or
    IDP (to scan traffic at layer 7 for network attacks). Both require subscription
    and high-memory version of SRX.

  • 3.  RE: anti-virus policy

    Posted 07-20-2011 03:56

    To configure anti-virus that means UTM?


    Also when I log into my srx via the webgui:


    Configure>Security>UTM>Anti-Virus> I see the Anti-Virus profiles configuration table with two entires:


    junos-av-defaults: kaspersky-lab-engine: UP: scan all


    Is this doing anything?







  • 4.  RE: anti-virus policy
    Best Answer

    Posted 07-20-2011 04:17

    Antivirus is a part of UTM feature set.


    The profiles you see are just default profiles. They are not doing anything if not applied to the policy.

    See p. 13 of

    for a quick configuration example. You will need an antivirus license to download/update

    your virus signatures.

  • 5.  RE: anti-virus policy

    Posted 07-20-2011 06:26

    Thanks PK 🙂