The limitation you talk about is the "Policies with Counting Enabled", which is indeed 256 in the SRX380.
https://www.juniper.net/documentation/us/en/software/junos/security-policies/topics/topic-map/security-policy-configuration.html#concept_mrn_m2c_n2c
Normal hit-counters should be available for all 4096 policies the platform supports. These are available with this command and count the number of sessions the policy has handled:
show security policies hit-count
The explicit counters you can add to a policy are meant for more granular statistics like number of bytes and bps (look at the output titled "show security policies policy-name detail"):
show security policies
| Juniper |
remove preview |
|
| show security policies |
| Displays a summary of all security policies configured on the device. If a particular policy is specified, display information specific to that policy. The existing show commands for displaying the policies configured with multiple tenant support are enhanced. A security policy controls the traffic flow from one zone to another zone. |
| View this on Juniper > |
|
|
Unless you actually need the byte counters, the hit-counters are always there.
Original Message:
Sent: 04-10-2025 03:18
From: Anonymous
Subject: SRX 380 Rule count limit
This message was posted by a user wishing to remain anonymous
The SRX 380 has a policy rule hit counter limit of 256 rules. Is it possible to increase this limit? Also, if I were to use security director to manage this firewall and to view rule hit count, would this be subject to the same limit? i.e. is security director dependant on the rule counter limit on the firewall itself?