ngfw
Syntax
ngfw {
default-profile {
application-traffic-control {
rule-set rule-set;
}
ssl-proxy {
profile-name profile-name;
}
}
}
Hierarchy Level
[edit security], [edit security logical-systems logical-system-name]
Description
Specify a default profile to manage conflicts when a security policy lookup returns a list of policies before the final application is identified.
The initial policy lookup phase occurs prior to identifying a dynamic application. If there are multiple policies present in the potential policy list that contain different SSL proxy profiles, then the SRX Series Firewall applies the default profile until a more explicit match has occurred.
You can configure a default profile for an SSL proxy and for
an application quality of service (AppQoS) under the [edit security
ngfw] hierarchy level.
You can configure an SSL proxy profile under the [edit
services ssl proxy] hierarchy level, which can be applied as
the default SSL proxy profile under the [edit security ngfw] hierarchy level. Similarly, you can configure application traffic
rule sets under the [edit class-of-service] hierarchy level,
and apply the rule set under the [edit security ngfw] hierarchy
level as the default AppQoS rule set.
Options
| application-traffic-control | Specify the application traffic control rule as the default rule.
|
||
| ssl-proxy | Specify the SSL forward proxy profile or the SSL reverse proxy profile as the default profile.
|
Required Privilege Level
services—To view this statement in the configuration.
services-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 18.2R1