Security zone

Security Zone

Functional zone

Functional Zone

For information about the interfaces that are supported on your device, see the JUNOS Software Interfaces and Routing Configuration Guide.

Address books

Configuring Address Books

Policy application sets

Policy Application Sets Overview

Schedulers

Configuring Schedulers

Policy applications

Understanding Internet-Related Predefined Policy Applications

Internet Control Message Protocol (ICMP) predefined policy application

Understanding the ICMP Predefined Policy Application

Internet-related predefined policy applications

Understanding Internet-Related Predefined Policy Applications

Microsoft predefined policy applications

Understanding Microsoft Predefined Policy Applications

Dynamic routing protocols predefined policy applications

Understanding Dynamic Routing Protocols Predefined Policy Applications

Streaming video predefined policy applications

Understanding Streaming Video Predefined Policy Applications

Sun remote procedure protocol (RPC) predefined policy applications

Understanding Sun RPC Predefined Policy Applications

Security and tunnel predefined policy applications

Understanding Security and Tunnel Predefined Policy Applications

IP-related predefined policy applications

Understanding IP-Related Predefined Policy Applications

Instant messaging predefined policy applications

Understanding Instant Messaging Predefined Policy Applications

Management predefined policy applications

Understanding Management Predefined Policy Applications

Mail predefined policy applications

Understanding Mail Predefined Policy Applications

UNIX predefined policy applications

Understanding UNIX Predefined Policy Applications

Miscellaneous predefined policy applications

Understanding Miscellaneous Predefined Policy Applications

Custom policy Applications

Understanding Custom Policy Applications

Policy application timeouts

Understanding Policy Application Timeouts

Policy verification

Understanding Policy Ordering

Web authentication

Web Authentication

Pass-through authentication

Pass-Through Authentication

Local authentication server

Firewall User Authentication Overview

RADIUS authentication server

Firewall User Authentication Overview

LDAP authentication server

Firewall User Authentication Overview

SecurID authentication server

Understanding SecurID User Authentication

Bad IP option

Understanding Bad IP Option Protection

Block fragment traffic

Blocking Fragmented ICMP Packets

FIN flag without ACK flag set protection

Blocking Packets with FIN Flag/No ACK Flag Set

ICMP flood protection

Understanding ICMP Flood Attacks

ICMP fragment protection

Understanding ICMP Fragment Protection

Large size ICMP packet protection

Understanding Large ICMP Packet Protection

Loose source route option

Blocking Packets with Either a Loose or Strict Source Route Option Set

IP record route option

SCREEN Options for Detecting IP Options Used For Reconnaissance

IP security option

SCREEN Options for Detecting IP Options Used For Reconnaissance

IP address spoof

Blocking IP Spoofing

IP stream option

SCREEN Options for Detecting IP Options Used For Reconnaissance

IP strict source route option

Blocking Packets with Either a Loose or Strict Source Route Option Set

IP address sweep

Understanding IP Address Sweeps

IP timestamp option

SCREEN Options for Detecting IP Options Used For Reconnaissance

Land attack protection

Understanding Land Attacks

Ping of death attack protection

Understanding Ping of Death Attacks

Port scan

Understanding Port Scanning

Source IP based session limit

Understanding Session Table Flood Attacks

SYN-ACK-ACK proxy protection

Understanding SYN-ACK-ACK Proxy Flood Attacks

SYN and FIN flags set protection

Blocking Packets with SYN and FIN Flags Set

SYN flood protection

Understanding SYN Flood Attacks

SYN fragment protection

Understanding SYN Fragment Protection

Teardrop attack protection

Understanding Teardrop Attacks

TCP packet without flag set protection

Blocking Packets with No Flags Set

Unknown protocol protection

Understanding Unknown Protocol Protection

UDP flood protection

Understanding UDP Flood Attacks

WinNuke attack protection

Understanding WinNuke Attacks

Destination IP address translation

Destination IP Address Translation Overview

Static Network Address Translation (NAT)

Example: Configuring Static NAT on SRX-series Services Gateways

Policy-based NAT

Understanding NAT-Dst Policy-Based NAT on J-series Services Routers

Source IP address translation

Source IP Address Translation Overview

NAT interface source pools

Understanding NAT Interface Source Pools

Chassis cluster formation

Understanding Chassis Cluster Formation

Active/active chassis cluster (that is, cross-box data forwarding over the fabric interface)

Understanding Chassis Cluster Formation

Redundancy group 0 (backup for Routing Engine)

Redundancy Group 0: Routing Engines

Redundancy groups 1 through 255

Redundancy Groups 1 Through 255

Redundant Ethernet interfaces

Understanding Redundant Ethernet Interfaces

Control plane failover

Understanding the Control Plane

Data plane failover

Understanding the Data Plane

All JUNOS flow-based routing functionality

JUNOS Software Interfaces and Routing Configuration Guide

Policy-based and route-based VPNs

Virtual Private Networks (VPNs)

Tunnel mode

Understanding IPsec Operational Modes

Authentication Header (AH) protocol

Understanding IPsec Security Protocols

Encapsulating Security Payload (ESP) protocol

Understanding IPsec Security Protocols

IKE phase 1

Understanding IPsec Tunnel Negotiation

IKE phase 2

Understanding IPsec Tunnel Negotiation

Manual key management

Understanding IPsec Key Management

Autokey management

Understanding IPsec Key Management

Antireplay (packet replay attack prevention)

Replay Protection

Dead peer detection (DPD)

Configuring an IKE Gateway and Peer Authentication

Internet Key Exchange (IKE) support

Internet Key Exchange

Entrust, Microsoft, and Verisign certificate authorities (CAs)

Understanding Certificates

Automated certificate enrollment using Simple Certificate Enrollment Protocol (SCEP)

Using Digital Certificates

Automatic generation of self-signed certificates

Understanding Self-Signed Certificates

Distinguished Encoding Rules (DER), Privacy-Enhanced Mail (PEM), Public-Key Cryptography Standard 7 (PKCS7), and X509 certificate encoding

Manually Loading a CRL onto the Device

Manual installation of DER-encoded and PEM-encoded CRLs

Manually Loading a CRL onto the Device

Online certificate revocation list (CRL) retrieval through LDAP and HTTP

PKI Management and Implementation

CRL update at user-specified interval

Understanding Certificate Revocation Lists

FTP Application Layer Gateway (ALG)

Configuring Application Layer Gateways—Quick Configuration

Trivial File Transfer Protocol (TFTP) ALG

Configuring Application Layer Gateways—Quick Configuration

H.323 ALG

Understanding the H.323 ALG

Media Gateway Control Protocol (MGCP) ALG

Understanding the MGCP ALG

Point-to-Point Tunneling Protocol (PPTP) ALG

Configuring Application Layer Gateways—Quick Configuration

REAL ALG

Table 72

Remote procedure call (RPC) ALG

Understanding the RPC ALG

Remote shell (RSH) ALG

Configuring Application Layer Gateways—Quick Configuration

Real-Time Streaming Protocol (RTSP) ALG

Configuring Application Layer Gateways—Quick Configuration

Skinny Call Control Protocol (SCCP) ALG

Understanding the SCCP ALG

Session Initiation Protocol (SIP) ALG

Understanding the SIP ALG

Structured Query Language (SQL) ALG

Configuring Application Layer Gateways—Quick Configuration

TALK ALG

Configuring Application Layer Gateways—Quick Configuration

Netscreen Remote VPN client

NetScreen-Remote VPN Client