Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Create a DNS Security and ETI Policy

You can create a DNS security and ETI policy using the DNS security and ETI profile.

  1. Select Configure > Firewall Policy > DNS Security & ETI Policy.

    The DNS Security & ETI Policy page is displayed.

  2. Click the + icon.

    The Create DNS Security & ETI Policy page is displayed.

  3. Configure the values according to the guidelines provided in Table 1.
  4. Click OK.
Table 1: Create a DNS Security & ETI Policy




Enter a name for the DNS Security policy. The name must be a unique string of alphanumeric and special characters; 63-character maximum. Special characters such as < and > are not allowed.

Device Association

Click Select to assign devices to the DNS Security and ETI Policy. Select the devices from the Available column and move them to the Selected column.

Source Zone

The source zone is where the originating traffic for your connection is coming from. This zone is tied to your interface. If you can determine the interface from where the traffic is processed, you can determine the source zone of the traffic.

Destination Zone

The destination zone indicates the zone from where traffic exits the Juniper firewall. You can determine this zone by identifying the interface that the traffic exits after routing. The interface that traffic exits is bound to a zone, and that zone is the destination zone.

DNS Security & ETI Profile*

Select a DNS Security & ETI profile.