Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Step 2: Up and Running

 

Enable the Juniper Networks Default Avira Antivirus Profile

As an introduction to using the UTM solution, let’s enable a simple UTM feature, Avira antivirus. In this example, we show you how to enable a preconfigured default Avira antivirus profile. When you enable the default Avira antivirus profile, you don’t have to configure additional parameters. Instead, you create a UTM policy with default antivirus profiles for all protocols, and apply the UTM policy in a security policy for the permitted traffic.

Here’s an example of how an SRX device interacts with Avira antivirus in a typical enterprise network.

Before You Begin

  • Verify that you have a Juniper Networks Avira Antivirus license and that it’s enabled on the SRX Series device. For more information on how to verify which licenses are activated on an SRX device, see Software Feature Licenses for SRX Series Devices.

  • Install your SRX Series devices with Junos OS Release 18.4R1 or later.

We’ve tested this example using an SRX1500 device with Junos OS Release 18.4R1.

Configure the SRX to Use the Default Avira Antivirus Profile

  1. Enable the Avira antivirus scan engine on your SRX Series device.
    user@host# set security utm default-configuration anti-virus type avira-engine
  2. Reboot the SRX Series device so the new scan engine can take effect.
  3. Set the default antivirus profile for HTTP, FTP, SMTP, POP3, and IMAP protocols.
    [edit]
    user@host# set security utm default-configuration anti-virus type avira
    user@host# set security utm utm-policy P1 anti-virus http-profile junos-av-defaults
    user@host# set security utm utm-policy P1 anti-virus ftp upload-profile junos-av-defaults
    user@host# set security utm utm-policy P1 anti-virus ftp download-profile junos-av-defaults
    user@host# set security utm utm-policy P1 anti-virus smtp-profile junos-av-defaults
    user@host# set security utm utm-policy P1 anti-virus pop3-profile junos-av-defaults
    user@host# set security utm utm-policy P1 anti-virus imap-profile junos-av-defaults
  4. Apply the UTM policy to the security policy.
    [edit]
    user@host# set security policies from-zone trust to-zone untrust policy POLICY-1 match source-address any
    user@host# set security policies from-zone trust to-zone untrust policy POLICY-1 match destination-address any
    user@host# set security policies from-zone trust to-zone untrust policy POLICY-1 match application any
    user@host# set security policies from-zone trust to-zone untrust policy POLICY-1 then permit application-services utm-policy P1
  5. Commit the configuration.
    [edit]
    user@host# commit

You can also watch the video Avira Antivirus Solution on SRX Series Devices to understand how to install and use Avira antivirus on your SRX Series devices.

Validate Avira Antivirus on the SRX

Here’s a safe way to verify that the Avira antivirus solution is working on an SRX device:

  1. Access the EICAR website.

    https://eicar.org.

  2. Download the Anti-malware test file.
  3. Follow the instructions on the screen.

    When you try to download an unsafe file, your device will display an error message. The message indicates that your device has blocked malicious content.