Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


match (Security Policies Global)


Hierarchy Level


Configure security global policy match criteria.


We recommend that, for security reasons and to avoid spoofing traffic, when you create a multizone policy you use identical matching criteria (source address, destination address, application) and an identical action. For more information see Global Policy Overview.


The remaining statements are explained separately. See CLI Explorer.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Release Information

Statement modified in Junos OS Release 8.5. Statement updated with source-identity option in Junos OS Release 12.1. Statement updated with to-zone and from-zone options in Junos OS Release 12.1X47-D10.

Statement updated with source-identity-feed and destination-identity-feed options in Junos OS Release 21.1R1.