Copyright © 2009, Juniper Networks, Inc. 7
APPLICATION NOTE - Quickstart Guide for Branch SRX Series Services Gateways
UTM Configuration
The example continues with the addition of several common unified threat management (UTM) features to the
configuration. Before configuring any UTM features, the UTM feature license must be installed on the device.
The license keys can be installed using one of the two following methods. These commands are operational mode
commands.
1. Download from LMS server directly. (This method is recommended, but Internet access is required.)
request system license update
2. Install manually. (This process is used when the license keys are available as a text file.)
request system license add terminal
You can now verify that the license was installed using the operational mode command “show system license.”
Antivirus Configuration
Having an SRX Series Services Gateway use the express antivirus engine to scan HTTP traffic is also very easy.
1. Configure the SRX Series device to use the express antivirus engine.
set security utm feature-prole anti-virus type juniper-express-engine
2. Configure a UTM policy to use the predefined antivirus profile http-profile “junos-eav-defaults.”
set security utm utm-policy custom-utm-policy anti-virus http-prole junos-eav-defaults
3. Apply the UTM policy to the existing trust to untrust security policy.
set security policies from-zone trust to-zone untrust policy default-permit then permit
application-services utm-policy custom-utm-policy
4. Use the “commit” command at the CLI prompt in the configuration mode to activate the configuration.
commit
Note: The predefined profile “junos-eav-defaults” is preconfigured with antivirus engine fallback options, scanning
options, and notification messages. The defaults can be viewed by using the operational mode command:
show conguration groups junos-defaults security utm feature-prole anti-virus juniper-express-
engine prole junos-eav-defaults
(60 pagine)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commenti su questo manuale