[Next][Report an Error]

J-Web Quick Configuration

To configure antivirus protection using the J-Web configuration editor, you must first create your custom objects. (MIME Pattern List, Filename Extension List, URL Pattern List, and Custom URL Category List)

Configure a MIME Pattern List Custom Object as follows (see for overview information on MIME white lists):

  1. Select the Configuration tab at the top of the page.
  2. Select UTM in the left pane, under Quick Configuration, to expand the UTM category. Once UTM is expanded, Anti-Virus, Web Filtering, Anti-Spam, Content Filtering, and Custom Objects become available.
  3. Select Custom Objects in the left pane.
  4. In the right pane, under MIME Pattern List, click the Add button to create MIME pattern lists. See Figure 61.

    Figure 61: Custom Object, Mime Pattern List, Quick Configuration

    Custom Object, Mime Pattern List,
Quick Configuration

  5. Next to MIME Name, enter a unique name for the list you are creating. Keep in mind that you are creating a MIME white list and a MIME exception list (if necessary). Both MIME lists appear in the MIME Whitelist and Exception MIME Whitelist fields when you configure antivirus. Therefore, the MIME list names you create should be as descriptive as possible.
  6. Under Values, in the box next to the Add button, enter the MIME pattern.
  7. Click the Add button to add your MIME pattern to the Values list box. Within this box, you can select an entry and use the up and down arrows to change the order of the list. You can also select an entry and use the X button to delete it from the list. Continue to add MIME patterns in this manner.
  8. Optionally, create a new MIME list to act as an exception list. The exception list is generally a subset of the main MIME list.
  9. Click the OK button to save the selected values as part of the MIME list you have created. See Figure 62. (This takes you back to the main configuration page.)

    Figure 62: Custom Object, MIME Pattern Configuration, Quick Configuration

    Custom Object, MIME Pattern Configuration,
Quick Configuration

  10. Under MIME Pattern List, select the check box beside the pattern list you created.
  11. Click Apply.

Configure a Filename Extension List Custom Object as follows (see ):

  1. Select the Configuration tab at the top of the page.
  2. Select UTM in the left pane, under Quick Configuration, to expand the UTM category. Once UTM is expanded, Anti-Virus, Web Filtering, Anti-Spam, Content Filtering, and Custom Objects become available.
  3. Select Custom Objects in the left pane.
  4. In the right pane, under Filename Extension List, click the Add button to create a file extension list. See Figure 63.

    Figure 63: Custom Object, Filename Extension List, Quick Configuration

    Custom Object, Filename Extension
List, Quick Configuration

  5. Next to Extension Name, enter a unique name for the list you are creating. (This name appears in the Scan Option By Extension list when you configure an antivirus profile.)
  6. In the Default Filename Extension swap box, select one or more default values (press Shift to select multiple concurrent items or press Ctrl to select multiple separate items) and click the <- left arrow button to move the value or values to the Value box.
  7. Click the OK button to save the selected values as part of the extension list you have created. See Figure 64.

    Figure 64: Custom Object, Filename Extension Configuration, Quick Configuration

    Custom Object, Filename Extension
Configuration, Quick Configuration

  8. Under File Extension List, select the check box beside the extension list you created.
  9. Click Apply.

Configure a URL Pattern List Custom Object as follows:

Note: Because you use URL Pattern Lists to create Custom URL Category Lists, you must configure URL Pattern List Custom Objects before you configure a Custom URL Category List.

  1. Select the Configuration tab at the top of the page.
  2. Select UTM in the left pane, under Quick Configuration, to expand the UTM category. Once UTM is expanded, Anti-Virus, Web Filtering, Anti-Spam, Content Filtering, and Custom Objects become available.
  3. Select Custom Objects in the left pane.
  4. In the right pane, under URL Pattern List, click the Add button to create a URL white list. See Figure 65.

    Figure 65: Custom Object, URL Pattern List, Quick Configuration

    Custom Object, URL Pattern List,
Quick Configuration

  5. Next to Category Name, enter a unique name for the list you are creating. This name appears in the Custom URL Category List Custom Object page for selection.
  6. Under Values, in the box next to the Add button, enter the URL or IP address you want added to list for bypassing scanning.

    Note: URL pattern wildcard support— The wildcard rule is as follows: \*\.[]\?* and you must precede all wildcard URLs with http://. You can only use “*” if it is at the beginning of the URL and is followed by a “.”. You can only use “?” at the end of the URL.

    The following wildcard syntax IS supported: http://*.juniper.net, http://www.juniper.ne?, http://www.juniper.n??. The following wildcard syntax is NOT supported: *.juniper.net , www.juniper.ne?, http://*juniper.net, http://*.

  7. Click the Add button to add your entry to the Values list box. Within this box, you can select an entry and use the up and down arrows to change the order of the list. You can also select an entry and use the X button to delete it from the list. Continue to add URLs or IP addresses in this manner.
  8. Click the OK button to save the selected values as part of the URL pattern list you have created. See Figure 66.

    Figure 66: Custom Object, URL Pattern Configuration, Quick Configuration

    Custom Object, URL Pattern Configuration,
Quick Configuration

  9. Under URL Category List, select the check box beside the URL pattern list you created.
  10. Click Apply.

Configure a Custom URL Category List Custom Object as follows: (See URL White List for overview information on URL white lists.)

Note: Because you use URL Pattern Lists to create Custom URL Category Lists, you must configure URL Pattern List Custom Objects before you configure a Custom URL Category List. URL Pattern List Custom Objects are described in the previous section.

  1. Select the Configuration tab at the top of the page.
  2. Select UTM in the left pane, under Quick Configuration, to expand the UTM category. Once UTM is expanded, Anti-Virus, Web Filtering, Anti-Spam, Content Filtering, and Custom Objects become available.
  3. Select Custom Objects in the left pane.
  4. In the right pane, under Custom URL Category List, click the Add button to create a URL white list. See Figure 67.

    Figure 67: Custom Object, Custom URL Category List, Quick Configuration

    Custom Object, Custom URL Category
List, Quick Configuration

  5. Next to Category Name, enter a unique name for the list you are creating. This name appears in the URL Whitelist list when you configure an antivirus profile.
  6. Under Values, in the box next to the Add button, select a URL Pattern List name from the list for bypassing scanning.
  7. Click the Add button to add your entry to the Values list box. Within this box, you can select an entry and use the up and down arrows to change the order of the list. You can also select an entry and use the X button to delete it from the list. Continue to add URLs or IP addresses in this manner.
  8. Click the OK button to save the selected values as part of the custom URL list you have created. See Figure 68.

    Figure 68: Custom Object, Custom URL Category Configuration, Quick Configuration

    Custom Object, Custom URL Category
Configuration, Quick Configuration

  9. Under URL Category List, select the check box beside the extension list you created.
  10. Click Apply.

Now that your custom objects have been created, you can configure the antivirus feature profile.

  1. Select the Configuration tab at the top of the page.
  2. Select UTM in the left pane, under Quick Configuration, to expand the UTM category. Once UTM is expanded, Anti-Virus, Web Filtering, Anti-Spam, Content Filtering, and Custom Objects become available.
  3. Select Anti-Virus in the left pane.
  4. Next to MIME Whitelist, select the custom object you created from the list.
  5. Next to Exception MIME Whitelist, select the custom object you created from the list.
  6. Next to URL Whitelist, select the custom object you created from the list.
  7. Next to Type, select the type of engine you are using from the list. For full antivirus protection, you should select Kaspersky Lab Engine.
  8. Next to Pattern Update URL, enter the URL for the pattern database in the box. Note that the URL is http://update.juniper-updates.net/AV/SRX210 and you should not change it. See for more information.
  9. Next to Interval, enter the time interval for automatically updating the pattern database in the box. The default interval is 60. See for more information.
  10. Select the No Auto Update check box if you do not want the pattern file updated automatically.
  11. Next to Admin emails to be notified about pattern file update, enter the e-mail addresses of the administrators who should receive e-mail notifications when updates are made to the pattern file.
  12. Next to Custom message subject for notification, enter the text to appear in the subject line of the notification email. (The limit is 255 characters.)
  13. Next to Custom message for notification, enter the text to appear in the body of the notification e-mail.
  14. Click the Add button below the Profile Name table to create a profile for the Kaspersky Lab Engine. See Figure 69.

    Figure 69: Antivirus Full Configuration, Quick Configuration

    Antivirus Full Configuration, Quick
Configuration

  15. Next to Profile Name, enter a unique name in the box.
  16. Next to Trickling Timeout, enter timeout parameters. Note that trickling applies only to HTTP. HTTP trickling is a mechanism used to prevent the HTTP client or server from timing out during a file transfer or during antivirus scanning. See for overview details.
  17. Next to Intelligent Prescreening, select the check box to enable intelligent prescreening if you are using it. See for details. (Intelligent prescreening is only intended for use with non-encoded traffic. It is not applicable for mail protocols (SMTP, POP3, IMAP and HTTP POST).
  18. Next to Scan Option, select either the All option button if you are scanning all content or the By Extension option button if you are scanning by file extensions. If you select By Extension, you must select a Filename Extension List custom object from the accompanying list. See for overview information.
  19. Next to Content Size Limit, enter content size parameters. The content size check occurs before the scan request is sent. The content size refers to accumulated TCP payload size. See for details.
  20. Next to Timeout, enter scanning timeout parameters. See for overview details.
  21. Next to Decompress Layer Limit, enter decompression layer limit parameters. See for details.
  22. Next to Default (fallback option), select Log and Permit or Block from the list. (Note that in most cases, Block is the default fallback option.) See for a detailed overview of this feature and each fallback category.
  23. Next to Corrupt File (fallback option), select Log and Permit or Block from the list.
  24. Next to Password File (fallback option), select Log and Permit or Block from the list.
  25. Next to Decompress Layer (fallback option), select Log and Permit or Block from the list.
  26. Next to Content Size (fallback option), select Log and Permit or Block from the list.
  27. Next to Engine Not Ready (fallback option), select Log and Permit or Block from the list.
  28. Next to Timeout (fallback option), select Log and Permit or Block from the list.
  29. Next to Out Of Resources (fallback option), select Log and Permit or Block from the list.
  30. Next to Too Many Request (fallback option), select Log and Permit or Block from the list.
  31. Under Virus Detection, next to Type, select Protocol Only or Message from the list. Here you are selecting whether to send a specific protocol only message or not. See for overview information.
  32. Under Virus Detection, select the Notify Mail Sender check box to enable this notification.
  33. Under Virus Detection, next to Custom message subject, enter text to appear in the subject line of your custom message for this notification (if you are using a custom message).
  34. Under Virus Detection, next to Custom Message, enter text for the message body of your custom message for this notification (if you are using a custom message). See for overview information.
  35. Under Fallback Block, next to Type, select Protocol Only or Message from the list to select the type of notification that is sent when a fallback option of block is triggered.
  36. Under Fallback Block, select the Notify Mail Sender check box to enable this notification.
  37. Under Fallback Block, next to Custom message subject, enter text to appear in the subject line of your custom message for this notification (if you are using a custom message).
  38. Under Fallback Block, next to Custom Message, enter text for the message body of your custom message for this notification (if you are using a custom message).
  39. Under Fallback Non Block, select the Notify Mail Sender check box to enable this notification when a fallback option without a blocking action is triggered.
  40. Under Fallback Non Block, next to Custom message subject, enter text to appear in the subject line of your custom message for this notification (if you are using a custom message).
  41. Under Fallback Non Block, next to Custom Message, enter text for the message body of your custom message for this notification (if you are using a custom message).
  42. Click OK to return to the main Antivirus configuration page. See Figure 70.

    Figure 70: Antivirus Full Configuration, Quick Configuration

     Antivirus Full Configuration,
Quick Configuration

  43. Select the check box in the Profile Name table for the profile you are using.

    Note: You create a separate antivirus profile for each antivirus protocol. These profiles may basically contain the same configuration information, but when you are creating your UTM policy for an antivirus profile, the UTM policy configuration page provides separate antivirus profile selection fields for each supported protocol.

  44. Click Apply. See Figure 71.

    Figure 71: Antivirus Full Profile Selection, Quick Configuration

    Antivirus Full Profile Selection,
Quick Configuration

Next, you configure a UTM policy for antivirus to which you attach the antivirus profile you have configured.

  1. Select Security Policies > UTM Policies.
  2. Click Add.
  3. In the Policy Name box, enter a unique name for the UTM policy you are creating
  4. Under Anti-Virus, select a profile you have configured from the list for each protocol.
  5. In the Session Per Client Over Limit list, select one of the following: Log and Permit, Block. This is the action the device takes when the session per client limit for this UTM policy is exceeded.
  6. In the Session Per Client Limit box, enter a session per client limit from 0 to 20000 for this UTM policy.
  7. Click OK. This takes you back to the UTM Policies page.
  8. Select the check box in the UTM Policy table for the policy you are using.
  9. Click Apply.

Next, you attach the UTM policy to a security policy that you create.

  1. Select Security Policies > FW / VPN Policies.
  2. Next to Default Policy Action, select one of the following: Deny-All, Permit-All.
  3. Next to From Zone, select a zone from the list.
  4. Next to To Zone, select a zone from the list.
  5. Under Zone Direction, click Add a Policy.
  6. In the Policy Name box, enter a unique name for the security policy you are creating.
  7. Under Match Criterias, choose a Source Address. Do this by selecting an entry in the Source Address Book box and clicking the <— button to move it to the Matched box.
  8. Under Match Criterias, choose a Destination Address. Do this by selecting an entry in the Destination Address Book box and clicking the <— button to move it to the Matched box.
  9. Under Match Criterias, choose an Application or Applications. Do this by selecting junos-<protocol> (for all protocols that support antivirus scanning) in the Application Sets box and clicking the <— button to move them to the Matched box.
  10. Next to Policy Action, select one of the following: Permit, Deny, Reject.

    Note: When you select Permit for Policy Action, several additional fields become available, including UTM Policy.

  11. Next to UTM Policy, select the appropriate policy from the list. This attaches your UTM policy to the security policy.

    Note: There are several fields on this page that are not described in this section. See the Security Policies section for detailed information on configuring security policies and all the available fields.

  12. Click OK. This takes you back to the main Security Policies configuration page.
  13. Under Policies, select the check box beside the security policy you created.
  14. Click Apply.

[Next][Report an Error]