SRX Next-Gen Firewalls

Thank you for your insights, Nikolay Semov. I'm fully aware that a 30-second timeout for tracking SYN packets is quite excessive, and I do intend to progressively reduce this value. The SRX4600, from a technical standpoint, supports stateful inspection ...

I'm trying to configure syslog traffic to a syslog server on a different location over a VPN connection I can see that the syslog traffic is being generated on the ge-0/0/0.1 (Untrust zone on my firewall) how can I set up so the syslog traffic is ...

Thank you, I'll run through this a few times on the lab units to get more familiar with the process. I think my hesitation was that I'd rather let the system handle configuration synchronization, rather than trying to do it myself, but when it comes time ...

I think it's one of those "do it at your own risk" types of things. I think the main concern is the behavior of the new node1 after it's connected and boots up but before you synchronize the config. As long as you can make sure it doesn't somehow ...

Ah, so it sounds like your concern is with traffic that doesn't belong to an existing session, rather than, or in addition to, lots of sessions being initiated with incomplete handshakes. I don't have answers, unfortunately, but this is an interesting ...

I tested this on my lab units, it seems to work correctly via this shortened process after doing a 'request chassis cluster configuration-synchronize' via console on the "new" node 1 then a 'commit full' on node 0. Do you see any issues with going about ...

Okay, thank you, good to know, I guess I would have gotten bit by that, if the config wouldn't sync even with an eg request chassis cluster configuration-synchronize. I'll just follow that article closely. Regarding the features, I've got no licenses, ...