 | Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
Firewall filters allow you to control packets transiting the router to a network destination and packets destined for and sent by the router. You can configure firewall filters to control which data packets are accepted on and transmitted from the physical interfaces, and which local packets are transmitted from the physical interfaces and the Routing Engine. Firewall filters provide a means of protecting your router from excessive traffic. Firewall filters that control local packets can also protect your router from external aggressions, such as DoS attacks.
To protect the Routing Engine, you can configure a firewall filter only on the router’s loopback interface. Adding or modifying filters for each interface on the router is not necessary. You can design firewall filters to protect against ICMP and Transmission Control Protocol (TCP) connection request (SYN) floods and to rate-limit traffic being sent to the Routing Engine. For more information about firewall filters, see the JUNOS Policy Framework Configuration Guide.
| Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |