Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Planning Services for Custom Firewall Exceptions

    Typically, you use custom exceptions to provide bandwidth management as well as firewall exceptions. Using custom exceptions that do both simplifies the way you integrate BoD and firewall services. For example, you can create custom exceptions to police traffic or to assign a traffic class to the traffic and to specify firewall behavior.

    See examples of services for custom exceptions in the sample data:

    • l=Limit1Mbs, l=entJunosStatelessFW, o=Scopes, o=umc
    • l=Limit2Mbs, l=entJunosStatelessFW, o=Scopes, o=umc
    • l=Limit5kbs, l=entJunosStatelessFW, o=Scopes, o=umc

    The sample services and the associated policies are designed for a subscriber–facing interface on a provider edge device. When you create policies, policy direction (input or output) can map to incoming or outgoing traffic depending on whether the SRC-managed interface is a subscriber–facing interface on a service provider edge device, or a service–provider facing interface on the customer edge device in an enterprise. When you configure policies for services designed for use through the Enterprise Management Portal, you typically assume that:

    • Source IP addresses and ports are inside an enterprise
    • Destination IP addresses and ports are outside an enterprise

    Modified: 2012-12-12