
    Configure the Security Intelligence Policy on the SRX Series Device

    Define a policy for infected hosts.

    1. Define a profile:

      set services security-intelligence profile <profile_name> category Infected-Hosts

      Example: set services security-intelligence profile ih-profile category Infected-Hosts

    2. Define rules for the profile and set the action:

      set services security-intelligence profile <profile_name> rule <rule-name> match threat-level [threat level]

      set services security-intelligence profile <profile_name> rule <rule-name> then action [action options]

      Note: Ten is the threat level category for infected hosts.

      Examples: set services security-intelligence profile ih-profile rule secintelrule1 match threat-level 10

      set services security-intelligence profile ih-profile rule secintelrule1 then action permit

    3. Define the security intelligence policy and link it with the profile:

      set services security-intelligence policy <policy-name> Infected-Hosts <profile_name>

      Example: set services security-intelligence policy secintelpolicy1 Infected-Hosts ih-profile

    4. Enable the security intelligence policy in the firewall policy:

      set security policies from-zone <source zone name> to-zone <destination zone name> policy <firewall policy name> then permit application-services security-intelligence-policy <SecIntel policy name>

      Example: set security policies from-zone source-zone1 to-zone dest-zone2 policy firewall-policy1 match source-address any

      set security policies from-zone source-zone1 to-zone dest-zone2 policy firewall-policy1 match destination-address any

      set security policies from-zone source-zone1 to-zone dest-zone2 policy firewall-policy1 match application any

      set security policies from-zone source-zone1 to-zone dest-zone2 policy firewall-policy1 then permit application-services security-intelligence-policy secintelpolicy1
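
The four steps chain names together (profile, rule, SecIntel policy, firewall policy), so a single mistyped name leaves the firewall policy pointing at nothing. The following is an added example, not Juniper code: a small offline check over `set`-format configuration that reports such dangling references. The function name `lint_secintel` is hypothetical, the sample is constructed, and the patterns cover only the statement forms shown on this page.

```python
import re

# Constructed sample: the four steps from this page, with a deliberately
# mismatched policy name on the last line (secintel-policy1 vs secintelpolicy1).
SAMPLE = """\
set services security-intelligence profile ih-profile category Infected-Hosts
set services security-intelligence profile ih-profile rule secintelrule1 match threat-level 10
set services security-intelligence profile ih-profile rule secintelrule1 then action permit
set services security-intelligence policy secintelpolicy1 Infected-Hosts ih-profile
set security policies from-zone source-zone1 to-zone dest-zone2 policy firewall-policy1 then permit application-services security-intelligence-policy secintel-policy1
"""

SI = r"set services security-intelligence "
PROFILE = re.compile(SI + r"profile (\S+) category (\S+)$")
MATCH = re.compile(SI + r"profile (\S+) rule (\S+) match threat-level .+$")
ACTION = re.compile(SI + r"profile (\S+) rule (\S+) then action .+$")
POLICY = re.compile(SI + r"policy (\S+) (\S+) (\S+)$")
ATTACH = re.compile(r"set security policies from-zone \S+ to-zone \S+ policy (\S+) "
                    r"then permit application-services security-intelligence-policy (\S+)$")

def lint_secintel(config):
    """Return a list of dangling-reference findings in `set`-format config."""
    profiles, matched, actioned, policies, findings = set(), set(), set(), {}, []
    attaches = []
    for line in (l.strip() for l in config.splitlines()):
        if m := PROFILE.match(line):
            profiles.add(m.group(1))            # step 1: profile defined
        elif m := MATCH.match(line):
            matched.add(m.groups())             # step 2: (profile, rule) has a match
        elif m := ACTION.match(line):
            actioned.add(m.groups())            # step 2: (profile, rule) has an action
        elif m := POLICY.match(line):
            policies[m.group(1)] = m.group(3)   # step 3: policy -> linked profile
        elif m := ATTACH.match(line):
            attaches.append(m.groups())         # step 4: (firewall policy, SecIntel policy)
    for prof, rule in sorted(matched ^ actioned):
        findings.append(f"rule {rule} in profile {prof} lacks a match or an action")
    for pol, prof in sorted(policies.items()):
        if prof not in profiles:
            findings.append(f"policy {pol} links undefined profile {prof}")
    for fw, pol in attaches:
        if pol not in policies:
            findings.append(f"firewall policy {fw} references undefined SecIntel policy {pol}")
    return findings

if __name__ == "__main__":
    for finding in lint_secintel(SAMPLE):
        print(finding)
```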

    Modified: 2017-10-10