Security Features on SRX 650 Services Gateways

[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]

The following tables list security features that are supported on SRX 650 services gateways.

Table 14: Zones

Feature	More Information
Security zone	Security Zone
Functional zone	Functional Zone
For information about the interfaces that are supported on your device, see the JUNOS Software Interfaces and Routing Configuration Guide.

Table 15: Flow

Feature	More Information
Flow-based processing	SRX 3400 and SRX 3600 Services Gateways Overview

Table 16: Security Policy

Feature	More Information
Address books	Configuring Address Books
Policy application sets	Policy Application Sets Overview
Schedulers	Configuring Schedulers
Policy applications	Understanding Internet-Related Predefined Policy Applications
Internet Control Message Protocol (ICMP) predefined policy application	Understanding the ICMP Predefined Policy Application
Internet-related predefined policy applications	Understanding Internet-Related Predefined Policy Applications
Microsoft predefined policy applications	Understanding Microsoft Predefined Policy Applications
Dynamic routing protocols predefined policy applications	Understanding Dynamic Routing Protocols Predefined Policy Applications
Streaming video predefined policy applications	Understanding Streaming Video Predefined Policy Applications
Sun remote procedure protocol (RPC) predefined policy applications	Understanding Sun RPC Predefined Policy Applications
Security and tunnel predefined policy applications	Understanding Security and Tunnel Predefined Policy Applications
IP-related predefined policy applications	Understanding IP-Related Predefined Policy Applications
Instant messaging predefined policy applications	Understanding Instant Messaging Predefined Policy Applications
Management predefined policy applications	Understanding Management Predefined Policy Applications
Mail predefined policy applications	Understanding Mail Predefined Policy Applications
UNIX predefined policy applications	Understanding UNIX Predefined Policy Applications
Miscellaneous predefined policy applications	Understanding Miscellaneous Predefined Policy Applications
Custom policy Applications	Understanding Custom Policy Applications
Policy application timeouts	Understanding Policy Application Timeouts

Table 17: Firewall Authentication

Feature	More Information
Web authentication	Web Authentication
Pass-through authentication	Pass-Through Authentication
Local authentication server	Firewall User Authentication Overview
RADIUS authentication server	Firewall User Authentication Overview
LDAP authentication server	Firewall User Authentication Overview
SecurID authentication server	Understanding SecurID User Authentication

Table 18: Infranet Authentication

Feature	More Information
JUNOS Enforcers in Unified Access Control (UAC) deployments	Infranet Authentication

Table 19: Attack Detection and Prevention

Feature	More Information
Bad IP option	Understanding Bad IP Option Protection
Block fragment traffic	Blocking Fragmented ICMP Packets
FIN flag without ACK flag set protection	Blocking Packets with FIN Flag/No ACK Flag Set
ICMP flood protection	Understanding ICMP Flood Attacks
ICMP fragment protection	Understanding ICMP Fragment Protection
Large size ICMP packet protection	Understanding Large ICMP Packet Protection
Loose source route option	Blocking Packets with Either a Loose or Strict Source Route Option Set
IP record route option	Screen Options for Detecting IP Options Used For Reconnaissance
IP security option	Screen Options for Detecting IP Options Used For Reconnaissance
IP address spoof	Blocking IP Spoofing
IP stream option	Screen Options for Detecting IP Options Used For Reconnaissance
IP strict source route option	Blocking Packets with Either a Loose or Strict Source Route Option Set
IP address sweep	Understanding IP Address Sweeps
IP timestamp option	Screen Options for Detecting IP Options Used For Reconnaissance
Land attack protection	Understanding Land Attacks
Ping of death attack protection	Understanding Ping of Death Attacks
Port scan	Understanding Port Scanning
Source IP based session limit	Understanding Session Table Flood Attacks
SYN-ACK-ACK proxy protection	Understanding SYN-ACK-ACK Proxy Flood Attacks
SYN and FIN flags set protection	Blocking Packets with SYN and FIN Flags Set
SYN flood protection	Understanding SYN Flood Attacks
SYN fragment protection	Understanding SYN Fragment Protection
Teardrop attack protection	Understanding Teardrop Attacks
TCP packet without flag set protection	Blocking Packets with No Flags Set
Unknown protocol protection	Understanding Unknown Protocol Protection
UDP flood protection	Understanding UDP Flood Attacks
WinNuke attack protection	Understanding WinNuke Attacks

Table 20: Network Address Translation

Feature	More Information
Destination IP address translation	Destination IP Address Translation Overview
Static Network Address Translation (NAT)	Understanding Static NAT
Rule-based NAT	Understanding Rule-Based Destination NAT
Source IP address translation	Source IP Address Translation Overview
NAT interface source pools	Understanding NAT Interface Source Pools
Configuring proxy Address Resolution Protocol (ARP)	Configuring Proxy ARP

[ Contents] [ Prev] [ Next] [ Index] [ Report an Error]