Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

View Security Policy Version Details

To view the details of the security policy versions:

  1. Click Security > Security Policies.
    The Security Policies page is displayed.
  2. Select the security policy and click More > Manage Policy Versions.

    The Manage Version page is displayed.

  3. Select the security policy version to view and click View Details.

    Table 1 explains the fields on the Version Details page.

    Table 1: Policy Version Detail Fields

    Field

    Description

    Version Details
    Policy Version The versions of the security policy in descending order.
    Created By The e-mail address of the user who created the security policy version.
    Created On The date and time when the security policy version was created.
    Policy Details
    Name

    The name of the security policy.

    Rules The number of rules associated with the security policy.
    Description The description of the security policy.
    Rules

    Seq

    The sequence number of the security policy rule.

    The security policy lookup is performed in the sequence that the policies are configured. The first policy that matches the traffic is used.

    Rule Name

    The name of the security policy rule.

    Sources

    The source endpoint to which a security policy rule applies.

    A source endpoint consists of zones, addresses, and identities.

    Destinations

    The destination endpoint to which a security policy rule applies.

    A destination endpoint can be zones, addresses, and URL categories.

    Applications/Services

    The applications and services associated with the security policy.

    Action

    The action that applies to all traffic that matches the specified criteria.

    • Permit—Devices permit traffic using the type of security authentication applied to the security policy.
    • Deny—Devices silently drop all packets for the session and do not send any active control messages such as TCP resets or ICMP unreachable.
    • Reject—Devices send a TCP reset message if the protocol is TCP. Devices send an ICMP reset if the protocols are UDP, ICMP, or any other IP protocol. This option is useful when dealing with trusted resources so that applications do not waste time waiting for timeouts and instead get the active message.
    • Redirect—Devices redirect traffic to the configured redirect URL or display a custom message when HTTP requests are blocked.

    • Tunnel—Devices permit traffic using the type of VPN tunneling options applied to the policy.

    Security Services

    The security subscription profiles that are applied to a security policy rule. Hover your cursor over the highlighted advanced security options to view the details.

    • IPS—The IPS profile to monitor and prevent intrusions.

    • Content Security—The Content Security profile for protection against multiple threat types, such as spam and malware, and control access to unapproved websites and content.

      To choose the Juniper NextGen Content Security profile, your device needs to have Junos OS version 23.3R1 or later.

    • Decrypt profile—The decrypt profile to encrypt and decrypt the SSL connection between the client and the server to obtain granular application information. The profile enables you to apply advanced security subscriptions protection and detect threats.

    • Flow-based AV—The flow-based antivirus profile to scan packets in the payload content for threats in real-time and block the content if a threat is detected.

    • Anti-malware profile—The anti-malware profile to define which files to send to the ATP Cloud for inspection and the action to be taken when malware is detected.

    • SecIntel profile group—The SecIntel profile group to add SecIntel profiles, such as C&C, DNS, and infected hosts.

    Options

    The scheduling, logging, and rule options applicable to the security policy rule.