Enabling Unified Access Control on SRX Series and J Series Devices

JUNOS security policies enforce rules for transit traffic, defining what traffic can pass through the firewall. The policies control traffic that enters from one zone (from-zone) and exits another (to-zone). To enable an SRX Series or J Series device as a JUNOS Enforcer in a Unified Access Control (UAC) deployment, you must identify the zones through which UAC traffic will travel, define JUNOS security policies that encompass those zones, and enable UAC for those policies.

Before You Begin

  1. For background information, read Unified Access Control Overview.
  2. Set up the interfaces through which UAC traffic should enter the SRX Series or J Series device. See Understanding Security Zone Interfaces for background information and Configuring Interfaces—Quick Configuration for instructions.
  3. Group interfaces with identical security requirements into zones. See Understanding Security Zones for background information and Creating Security Zones for instructions.
  4. Create security policies to control the traffic that passes through the security zones. See Security Policies Overview for background information and Configuring Policies for instructions.

CLI Configuration

To enable UAC through a JUNOS security policy, use the application-services statement:

set security policies from-zone zone-name to-zone zone-name policy policy-name then permit application-services uac-policy
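
To confirm that every permit policy between the UAC zones actually has UAC enabled, the following added example (not Juniper code) parses "show configuration security policies | display set" output and lists permit policies that lack uac-policy. The sample configuration, the zone and policy names, and the function name policies_missing_uac are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample of "show configuration security policies | display set"
# output; zone and policy names are invented for this example.
SAMPLE_CONFIG = """\
set security policies from-zone trust to-zone untrust policy web match source-address any
set security policies from-zone trust to-zone untrust policy web match destination-address any
set security policies from-zone trust to-zone untrust policy web match application junos-http
set security policies from-zone trust to-zone untrust policy web then permit application-services uac-policy
set security policies from-zone trust to-zone untrust policy dns match source-address any
set security policies from-zone trust to-zone untrust policy dns match destination-address any
set security policies from-zone trust to-zone untrust policy dns match application junos-dns-udp
set security policies from-zone trust to-zone untrust policy dns then permit
set security policies from-zone trust to-zone untrust policy dns then log session-close
set security policies from-zone trust to-zone untrust policy drop-rest match application any
set security policies from-zone trust to-zone untrust policy drop-rest then deny
set security policies from-zone dmz to-zone untrust policy out match application any
set security policies from-zone dmz to-zone untrust policy out then permit
"""

# Assumes unquoted zone and policy names (no embedded spaces).
THEN_RE = re.compile(
    r"^set security policies from-zone (\S+) to-zone (\S+) policy (\S+) then (.+)$")
UAC = ["permit", "application-services", "uac-policy"]

def policies_missing_uac(config_text, uac_zone_pairs):
    """Return sorted (from_zone, to_zone, policy) tuples for policies that
    permit traffic between UAC zones but do not enable uac-policy."""
    actions = defaultdict(list)  # policy key -> tokenized "then" statements
    for line in config_text.splitlines():
        m = THEN_RE.match(line.strip())
        if m:
            actions[m.group(1, 2, 3)].append(m.group(4).split())
    missing = []
    for (src, dst, name), thens in actions.items():
        if (src, dst) not in uac_zone_pairs:
            continue  # zone pair is not part of the UAC deployment
        permits = any(t[0] == "permit" for t in thens)
        has_uac = any(t[:3] == UAC for t in thens)
        if permits and not has_uac:  # deny/reject policies need no UAC
            missing.append((src, dst, name))
    return sorted(missing)

if __name__ == "__main__":
    for src, dst, name in policies_missing_uac(SAMPLE_CONFIG, {("trust", "untrust")}):
        print(f"{src} -> {dst}: policy {name} permits traffic without uac-policy")
```

Pass the set of (from-zone, to-zone) pairs that carry UAC traffic; permit policies in other zone pairs are ignored.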
