Junos OS Features Supported in cSRX for Contrail HBF
cSRX Container Firewall provides Layer 4 through 7 secure services for a Contrail HBF in a containerized environment.Table 1 provides a high-level summary of the security features supported on cSRX.
To determine the Junos OS features supported on cSRX, use the Juniper Networks Feature Explorer, a Web-based application that helps you to explore and compare Junos OS feature information to find the right software release and hardware platform for your network. See Feature Explorer.
Security Features |
Considerations |
---|---|
Application Tracking (AppTrack) |
|
Application Firewall (AppFW) |
|
Application Identification (AppID) |
|
Basic Firewall Policy |
|
Brute force attack mitigation |
|
DoS/DDoS protection |
|
Intrusion Prevention System (IPS) |
For SRX Series IPS configuration details, see: Understanding Intrusion Detection and Prevention for SRX Series |
IPv4 |
|
Interfaces |
Supports two revenue (ge) interfaces. Out-of-band management Interface (eth0 In-band interfaces (ge-0/0/0 to ge-0/0/1) |
Jumbo Frames |
|
SYN cookie protection |
|
Malformed packet protection |
|
Routing |
Supports secure-wire mode forwarding only. |
Content Security |
Includes support for all Content Security functionality on the cSRX platform, such as:
For SRX Series Content Security configuration details, see: Unified Threat Management Overview For SRX Series Content Security antispam configuration details, see: |
User Firewall |
Includes support for all user firewall functionality on the cSRX platform, such as:
For SRX Series user firewall configuration details, see: |
Zones and Zone based IP spoofing |