Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Unified Threat Management (UTM)

  • Support for content filtering based on file content (cSRX)—Starting in Junos OS Release 23.2R1, Content Security performs content filtering to determine the file type, based on the file content. Content security analyzes the file to accurately determine the file type.

    This feature replaces the legacy content filtering based on MIME type, content type, and protocol commands.

    You can define the content filtering rule-set and rules from the [edit security utm utm-policy <utm-policy-name> content-filtering] hierarchy and use these rules from the [edit security utm default-configuration content-filtering] hierarchy for controlling the traffic direction.

    The existing show security utm content-filtering statistics command is enhanced to display the content filtering system statistics and errors.

    [See Content Filtering, content-filtering (Security UTM Policy), utm, and utm default-configurationshow security utm content-filtering statistics.]

  • Support for Cache Preload for EWF (cSRX, SRX1500, SRX4100, SRX4200, SRX4600, SRX5400, SRX5600, SRX5800, and vSRX3.0)—Starting in Junos OS Release 23.2R1, we support preloading of cache with the top-rated, frequently visited URL list along with the classification information at the system startup stage. This feature is useful if your Internet connect is slow and you experience high latency while accessing the Web due to the remote categorization service.

    Because the Web-filter policy decision is based on the URL category information that is preloaded in the cache, you do not experience a lag even when you make the first request.

    See [Enhanced Web Filtering]

  • Support for intelligent Web filtering profile selection (cSRX, SRX1500, SRX4100, SRX4200, SRX4600, SRX5400, SRX5600, SRX5800, and vSRX3.0)—Starting in Junos OS Release 23.2R1, dynamic app information from Juniper Networks Deep Packet Inspection (JDPI) is used to retrieve policy information before the final policy match occurs. The Web filter profile is updated again after the final policy selection, based on the final application match.

    The Content Security profile that is retrieved based on the dynamic app information is more accurate than applying the default profile, which was the earlier approach.

    [See See Web Filtering]