Security Services Administration Guide
The Junos operating system (Junos OS) supports the IP Security (IPsec) associations and the Internet Key Exchange (IKE) security services features. The IPsec suite provides network layer data security with functions such as authentication of origin, data integrity, confidentiality, replay protection, and non-repudiation of source. IKE defines mechanisms for key generation and exchange and manages security associations (SAs). An SA is a simplex connection that allows two hosts to communicate with each other securely by means of IPsec.
Junos OS Distributed Denial-of-Service (DDoS) protection identifies and suppresses malicious control packets while enabling legitimate control traffic to be processed. This protection enables the router to continue functioning while under attack from multiple sources. Junos OS DDoS protection provides a single point of protection management that enables network administrators to customize a profile appropriate for the control traffic on their networks.
Use the topics in this section to configure essential security services.