Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

application-services (Security Policies)

Syntax

Hierarchy Level

Description

Enable application services within a security policy. You can enable service such as application firewall, IDP, Content Security, SSL proxy, and so on by specifying them in a security policy permit action, when the traffic matches the policy rule.

Options

advanced-anti-malware-policy

Specify advanced-anti-malware policy name.

application-firewall

Specify the rule sets configured as part of application firewall to be applied to the permitted traffic.

application-traffic-control

Specify the rule sets configured as part of AppQoS, application-aware quality of service, to be applied to the permitted traffic.

casb-policy

Specify CASB policy name.

gprs-gtp-profile

Specify GPRS tunneling protocol profile name.

gprs-sctp-profile

Specify GPRS stream control protocol profile name.

idp

Apply Intrusion detection and prevention (IDP) as application services.

redirect-wx

Specify the WX redirection needed for the packets that arrive from the LAN.

reverse-redirect-wx

Specify the WX redirection needed for the reverse flow of the packets that arrive from the WAN.

security-intelligence-policy

Specify security-intelligence policy name.

security-intelligence

Specify the security intelligence feed post action. The following feeds are supported:

  • add-destination-identity-to-feed
  • add-destination-ip-to-feed
  • add-source-identity-to-feed
  • add-source-ip-to-feed
security-metadata-streaming-policy Enable metadata streaming of the traffic permitted by the security policy.
uac-policy

Enable Unified Access Control (UAC) for the security policy. This statement is required when you are configuring the SRX Series Firewall to act as a Junos OS Enforcer in a UAC deployment.

captive-portal captive-portal

Specify the preconfigured security policy for captive portal on the Junos OS Enforcer to enable the captive portal feature. The captive portal policy is configured as part of the UAC policy. By configuring the captive portal feature, you can redirect traffic destined for protected resources to the IC Series device or to the URL you configure on the Junos OS Enforcer.

Content Security-policy Content Security-policy

Specify Content Security policy name. The Content Security policy configured for antivirus, antispam, content-filtering, traffic-options, and Web-filtering protocols is attached to the security policy to be applied to the permitted traffic.

web-proxy profile-name

Specify secure Web proxy profile name. The secure Web proxy profile is configured with dynamic application and external proxy server details. This profile is attached to the security policy and applied on the permitted traffic.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Release Information

Statement modified in Junos OS Release 11.1.