application-firewall (Application Services)
Syntax
application-firewall {
rule-set rule-set-name;
}
Hierarchy Level
[edit security policies from-zone zone-name to-zone zone-name policy policy-name then permit application-services]
Description
Specify the rule sets configured as part of application firewall to be applied to permitted traffic in a security policy.
The application firewall is defined by a collection of rule sets. You can implement an application firewall by defining one or more application firewall rule sets and creating rules for each rule set that permit, reject, or deny traffic based on the application ID. These rule sets can be defined independently and shared across network security policies. Then you configure a security policy to invoke the application firewall service and specify the rule set to be applied to permitted traffic.
Starting in Junos OS Release 18.2R1, the application firewall
(AppFW) functionality is deprecated. As a part of this change, the [edit security application-firewall] hierarchy and all the
configuration options under this hierarchy are deprecated— rather
than immediately removed—to provide backward compatibility and
an opportunity to bring your configuration into compliance with the
new configuration.
Options
rule-set rule-set-name—Name of the rule set that contains
application firewall specification rules.
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 11.1.