Understanding Firewall Policy Profiles
When a firewall policy profile is created, Security Director
creates an object in the Security Director
database that represents the firewall policy profile. You can use
this object in the security policies.
The following are the Juniper Networks predefined firewall policy
profiles:
- All Logging Enabled—All logging options are enabled.
Logging is enabled at session initiation and at the close of the session.
- All Logging Disabled—All logging options are disabled.
- Log Session Close—Logging of events is enabled when
sessions are closed.
- Log Session Init—Logging of events is enabled when
sessions are created.
Note: You cannot modify or delete Juniper Networks predefined
firewall policy profiles. You can only clone them and create new firewall
policy profiles.
You can create an object, which defines the user defined policy
profiles for the following settings:
- Log options:
- Log at session initiation
- Log at the close of a session
- Enable counting for the number of packets, bytes, and
sessions that enter the firewall for a given policy
- Alarm threshold options
- Firewall authentication advance settings:
- Service offload
- Pass-through authentication
- Web authentication
- User firewall authentication
- Infranet authentication
- Traffic redirection options:
- No traffic redirection
- Redirect WX—WX redirection for packets that arrive
from the LAN
- Reverse Redirect WX—WX redirection for the reverse
flow of packets that arrive from the WAN
- TCP-SYN Check and TCP Sequence Check—TCP session
options for firewall policy profile
Related Documentation
Help us to improve. Rate this article.
Feedback Received. Thank You!