policy (Security)

Syntax

policy policy-name {match {application [ application-name-or-set ];destination-address { address-name ;}source-address { address-name ; }}scheduler-name scheduler-name ;then {count {alarm {per-minute-threshold number; per-second-threshold number ;}}(deny | reject);permit {application-services (redirect-wx | reverse-redirect-wx);destination-address {drop-translated;drop-untranslated;}destination-nat destination-name ;firewall-authentication {pass-through {access-profile profile-name ;client-match match-name ;web-redirect;}web-authentication {client-match user-or-group ;}}source-nat (pool pool-name | pool-set pool-set-name | interface);tunnel {ipsec-group-vpn group-vpn;ipsec-vpn vpn-name ;pair-policy pair-policy ;}}log {session-close;session-init;}}}

Hierarchy Level

[edit security policies from-zone zone-name to-zone zone-name ]

Release Information

Statement introduced in Release 8.5 of Junos OS.

Description

Define a security policy.

Options

policy-name —Name of the security policy.

The remaining statements are explained separately.

Usage Guidelines

For configuration instructions and examples, see the Junos OS Security Configuration Guide.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.