Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

application-services (Security Policies)

 

Syntax

Hierarchy Level

Release Information

Statement modified in Junos OS Release 11.1. The web-proxy option is introduced in Junos OS Release 19.2R1.

Description

Enable application services within a security policy. You can enable service such as application firewall, IDP, UTM, SSL proxy, and so on by specifying them in a security policy permit action, when the traffic matches the policy rule.

Options

advanced-anti-malware-policySpecify advanced-anti-malware policy name.
application-firewallSpecify the rule sets configured as part of application firewall to be applied to the permitted traffic.
application-traffic-controlSpecify the rule sets configured as part of AppQoS, application-aware quality of service, to be applied to the permitted traffic.
gprs-gtp-profileSpecify GPRS tunneling protocol profile name.
gprs-sctp-profileSpecify GPRS stream control protocol profile name.
idpApply Intrusion detection and prevention (IDP) as application services.
redirect-wxSpecify the WX redirection needed for the packets that arrive from the LAN.
reverse-redirect-wxSpecify the WX redirection needed for the reverse flow of the packets that arrive from the WAN.
security-intelligence-policySpecify security-intelligence policy name.
uac-policy Enable Unified Access Control (UAC) for the security policy. This statement is required when you are configuring the SRX Series device to act as a Junos OS Enforcer in a UAC deployment.
captive-portal captive-portalSpecify the preconfigured security policy for captive portal on the Junos OS Enforcer to enable the captive portal feature. The captive portal policy is configured as part of the UAC policy. By configuring the captive portal feature, you can redirect traffic destined for protected resources to the IC Series device or to the URL you configure on the Junos OS Enforcer.
utm-policy utm-policySpecify UTM policy name. The UTM policy configured for antivirus, antispam, content-filtering, traffic-options, and Web-filtering protocols is attached to the security policy to be applied to the permitted traffic.
web-proxy profile-nameSpecify secure Web proxy profile name. The secure Web proxy profile is configured with dynamic application and external proxy server details. This profile is attached to the security policy and applied on the permitted traffic.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Related Documentation