Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Device Security

  • Support for security feeds (AAMW, DNS, ETI, and SecIntel) (cSRX)—Starting in Junos OS Release 23.2R1, cSRX can receive threat feeds and intelligence such as advanced anti-malware (AAMW), Domain Name System (DNS), Encrypted Traffic Insights (ETI), and Security Intelligence (SecIntel) from the policy enforcer.

    To enable profile inspection, you assign an AAMW profile and a SecIntel profile group to security policies . After the feeds are generated, you can use the feeds as dynamic address entries against which you match designated traffic and perform policy actions.

    [See Juniper Advanced Threat Prevention Cloud (ATP Cloud) and Security Policies User Guide for Security Devices.]

  • Explicit proxy support (cSRX)—Starting in Junos OS Release 23.2R1, cSRX supports explicit proxy for remote users and mobile users. Explicit proxy acts as a secure web gateway between the client and actual destination server. Additionally, explicit proxy manages the session between a client to cSRX and from cSRX to the actual server. You must use an explicit proxy if you use proxy auto-configuration (PAC) on your end users’ endpoints.

    Explicit web-proxy on cSRX does not listen to Junos events related to the physical interface (IFD), logical interface (IFL), interface family (IFF), or interface address (IFA). Therefore, cSRX cannot determine whether the interface is up or down.

    [See Understanding Explicit Proxy and Downloading the Junos OS IDP Signature Package through an Explicit Proxy Server Overview.]

  • Policy support for explicit proxy (cSRX)—Starting in Junos OS Release 23.2R1, cSRX supports security policy configuration for explicit proxy.

    [See Understanding Explicit Proxy and Downloading the Junos OS IDP Signature Package through an Explicit Proxy Server Overview.]