Log in to ask questions, share your expertise, or stay connected to content you value. Don’t have a login? Learn how to become a member.
For a long time, the SRX has been able to periodically download IPv4 and IPv6 prefixes from external sources and map them to objects used in firewall policies. Essentially, this is the easiest way to automate the firewall rule base when rules act as templates, and IP sources or destinations are...
The SRX4700 100Gbps Full Duplex IPSEC tunnel TechPost demonstrates the ability of the HPE Juniper Networking flagship 1RU firewall device to encrypt 100Gbps traffic patterns from a single system, such as a server or storage device, communicating within site-to-site tunnels. These single-tunnel,...
Junos 24.2R1 brings improvement for selected Juniper SRX series devices, particularly on MPLS and packet-mode/flow-mode processing. This post includes a simple example of an MPLS-enabled SRX device processing 'family inet' in flow mode without relying on selective packet services, as was common...
Let's highlight the flexibility of Multi-Node High Availability (MNHA) and JUNOS while providing design considerations when implementing MNHA in a hybrid deployment model. Introduction Every network environment is unique and has different requirements and caveats. The focus will be...
Let's expand on the article on vSRX on mini-PC with details on another platform and use case. This time, the Juniper vSRX is deployed on a specific fanless, rugged, DIN-mountable, and DC-powered PC for industrial applications, featuring plenty of Ethernet interfaces and 4G/5G connectivity,...
Example settings for connecting a VPN from the native IKEv2 client on Android 13+ to a Juniper SRX firewall. Due to the client's nature, use cases may include basic remote access and embedded/IoT scenarios where additional software is undesirable. Introduction For connecting a VPN from the...
In this short post, we’ll look at configuring the SRX for 6-to-4 NAT (NAT64) when using IPv6-only clients with an external DNS64 server. We’ll also quickly examine how the mechanism to dynamically perform this translation works. Introduction If you’re reading this blog, you probably know...
Describes the ability of the Juniper SRX, in conjunction with the CloudATP service, to enforce DNS query blocking through an API-driven, multi-tenant approach. Each tenant has its own virtual router, ingress zone, dedicated API token, and independent visibility for granular control and...
In this post, we’ll take a technical dive into Multi-Node High Availability (MNHA) on Juniper’s SRX platforms – a flexible approach to providing redundancy on stateful network security devices. Introduction High Availability (HA) is a very commonly deployed function on NGFW platforms....
Junos configuration details and KPIs of a real-life SRX4600 CGN deployment for an operator serving fixed customers. The SRX has been used as a Carrier Grade NAT (CGN) or mobile Gi/SGi firewall since the early days. Due to popular demand, this TechPost aims to describe the Junos...