Firewall Policies Overview

Security Director provides you with four types of firewall policies:

The basic settings of a firewall policy are obtained from the policy profile. The basic settings include log options, firewall authentication schemes, and traffic redirection options.

Firewall policies are displayed in a tabular view. You can select a policy and apply rules either inline or using the + icon. For more information, see Creating Firewall Policy Rules.

Starting in Junos Space Security Director Release 19.3R1, you can assign IPS policy to the standard firewall policy rule. The CLI is generated for the IPS policy along with the standard firewall policy (to which the IPS policy is assigned) for devices with Junos OS Release 18.2 onward. Since the IPS policy name is directly used in the firewall policy rule, the [edit security idp active-policy policy-name] statement is deprecated in Junos OS Release 18.2 onward. You can import and convert the deprecated active policy CLI into a new CLI from Security Director. You can import the IPS policy for the deprecated active-policy for Junos OS version 18.2 and later. After the IPS policy is imported, the rules associated with the firewall policy for the device is updated with IPS policy details. On subsequent update from Security Director, you can see the new firewall policy CLIs, in preview, to attach IDP and the same can be updated to device.