SRX Next-Gen Firewalls

For the traffic to use the vpn connection the source and destination addresses have to be setup as allowed by the VPN configuration. And the routing on both sides of the tunnel also has to select the tunnel as the destination for that traffic. Is ...

Not at all. I'm simply pointing out a DDoS mitigation feature in the SRX. I just don't have the hard numbers you're seeking to draw a conclusion one way or the other. ------------------------------ Nikolay Semov ------------------------------

Nikolay Semov, I have reviewed your message. From your correspondence, I understand that you have doubts about whether the SRX4600 device can provide effective protection against DDoS attacks. Thank you for the document you shared. Indeed, you've provided ...

An interesting relatively recent feature related to DDoS mitigation, should you end up going with the SRX: https://supportportal.juniper.net/s/article/SRX-About-drop-flow ------------------------------ Nikolay Semov ------------------------------

Thank you for your insights, Nikolay Semov. I'm fully aware that a 30-second timeout for tracking SYN packets is quite excessive, and I do intend to progressively reduce this value. The SRX4600, from a technical standpoint, supports stateful inspection ...

I'm trying to configure syslog traffic to a syslog server on a different location over a VPN connection I can see that the syslog traffic is being generated on the ge-0/0/0.1 (Untrust zone on my firewall) how can I set up so the syslog traffic is ...

Thank you, I'll run through this a few times on the lab units to get more familiar with the process. I think my hesitation was that I'd rather let the system handle configuration synchronization, rather than trying to do it myself, but when it comes time ...