Full Antivirus Configuration Overview

When configuring antivirus protection, you must first create the antivirus custom objects you are using. Those custom objects may include the MIME pattern list, MIME exception list, and the filename extension list. Once you have created your custom objects, you can configure full antivirus protection, including intelligent prescreening, and content size limits.

To configure full file-based antivirus protection:

  1. Configure UTM custom objects for the UTM feature. The following example enables the mime-pattern, filename-extension, url-pattern, and custom-url-category custom-objects:

    user@host# set security utm custom-objects mime-patternuser@host# set security utm custom-objects filename-extensionuser@host# set security utm custom-objects url-patternuser@host# set security utm custom-objects custom-url-category

  2. Configure the main feature parameters using feature profiles. The following example enables options using the anti-virus feature profile:

    user@host# set security utm feature-profile anti-virus kaspersky-lab-engine pattern-updateuser@host# set security utm feature-profile anti-virus kaspersky-lab-engine profileuser@host# set security utm feature-profile anti-virus kaspersky-lab-engine profile fallback-optionsuser@host# set security utm feature-profile anti-virus kaspersky-lab-engine profile notification-optionsuser@host# set security utm feature-profile anti-virus kaspersky-lab-engine profile scan-optionsuser@host# set security utm feature-profile anti-virus kaspersky-lab-engine profile tricklinguser@host# set security utm feature-profile anti-virus mime-whitelistuser@host# set security utm feature-profile anti-virus url-whitelist

  3. Configure a UTM policy for each protocol and attach this policy to a profile. The following example configure the utmp2 UTM policy for the HTTP protocol:

    user@host# set security utm utm-policy utmp2 anti-virus http-profile http1

  4. Attach the UTM policy to a security policy. The following example attaches the utmp2 UTM policy to the p2 security policy:

    user@host# set security policies from-zone trust to-zone untrust policy p2 then permit application-services utm-policy utmp2

Related Topics

Junos OS Feature Support Reference for SRX Series and J Series Devices

Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.