Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?




Hierarchy Level


Specify the number of application firewall rule configurations that a primary administrator can configure for a primary logical system or user logical system, when the security profile is bound to the logical systems and tenant systems.

Tasks performed by the primary administrator are:

  • Uses security profiles to provision logical systems with resources.

  • Binds security profiles to the primary logical system and the user logical systems.

  • Configures more than one security profile, and allocating different numbers of resources in various profiles.

Only the primary administrator can create security profiles and bind them to logical systems.


  • maximum amount—A maximum allowed quota. If a logical system requires more of a resource than its reserved amount allows, it can use resources configured for the global maximum amount if they are available—that is, if they are not allocated to other logical systems. The maximum allowed quota specifies the portion of the free global resources that the logical system can use. The maximum allowed quota does not guarantee that the amount specified for the resource in the security profile is available. Logical systems compete for global resources.

  • reserved amount—A reserved quota that guarantees that the resource amount specified is always available to the logical system.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 11.4.

The edit tenant tenant-name security application-firewall level is introduced in Junos OS Release 18.4R1.