Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Create a Content Security Profile

Use the Create Content Security Profiles page to configure content security profiles. Content security consolidates several security features to protect against multiple threat types. The Create Content Security Profiles wizard provides step-by-step procedures to create a content security profile. You can configure antispam, antivirus, Web filtering, and content filtering profiles by launching the respective wizards from the wizard.

To create a content security profile:

  1. Select SRX > Security Subscriptions > Content Security > Content Security.

    The Content Security Profiles page appears.

  2. Click the add icon (+) to create a new content security profile.

    The Create Content Security Profiles wizard appears, displaying brief instructions about creating a content security profile.

  3. Complete the configuration according to the guidelines provided in Table 1.
    Note:

    Fields marked with * are mandatory.
  4. Click Finish.

    A content security profile is created. You are returned to the content security Profiles page where a confirmation message is displayed. After you create a content security profile, you can assign it to a firewall policy rule on the Security Policy page.

Table 1: Content Security Profile Settings

Setting

Guideline

General Information

Name

Enter a unique name for the content security profile. The maximum length is 29 characters.

Description

Enter a description for the content security profile. The maximum length is 255 characters.

Traffic Options

Note:

In an attempt to consume all available resources, a malicious user might generate a large amount of traffic all at once. To prevent such activity from succeeding, you can impose traffic options.

Connection Limit per Client

Specify the connection limit per client for client connections on the device. The default is 2000 and a value of 0 means that there is no connection limit.

Action when connection limit is reached

Specify the action that must be taken when the connection limit is reached. The available actions are No action (default), Log and permit, and Block.

Click Next to continue.

Web Filtering Profiles by Traffic Protocol

HTTP

Select the Web filtering profile to be applied for HTTP traffic.

Note:

To select Juniper NextGen Web filtering profile, you must have Junos OS version 23.4R1 or later installed.

Alternatively, click Create Another Profile to create a Web filtering profile. The Create Web Filtering Profiles wizard appears. See Create a Web Filtering Profile for an explanation of the fields on this wizard.

Click Back to go the preceding step or click Next to go to the next step.

Antivirus Profiles by Traffic Protocol

Apply to all protocols

Click the toggle button to enable a single antivirus profile to all traffic protocols and then specify the profile in the Default Profile field.

If you disable the toggle button, which is the default, you can specify antivirus profiles for each traffic type .

Default Profile

Select the antivirus profile to be applied to all traffic protocols.

Click Back to go the preceding step or click Next to go to the next step.
Note:

Click Create Another Profile to create an antivirus profile that you can then assign. The Create Antivirus Profiles wizard appears. See Create an Antivirus Profile for an explanation of the fields on this wizard.

HTTP

Select the antivirus profile to be applied to HTTP traffic.

FTP Upload

Select the antivirus profile to be applied to FTP upload traffic.

FTP Download

Select the antivirus profile to be applied to FTP download traffic.

IMAP

Select the antivirus profile to be applied to IMAP traffic.

SMTP

Select the antivirus profile to be applied to SMTP traffic.

POP3

Select the antivirus profile to be applied to POP3 traffic.

Click Back to go the preceding step or click Next to go to the next step.

Antispam Profiles by Traffic Protocol

SMTP

Select the antispam profile to be applied for SMTP traffic.

Alternatively, click Create Another Profile to create an antispam profile. The Create Antispam Profiles wizard appears. See Create an Antispam Profile for an explanation of the fields on this wizard.

Click Back to go the preceding step or click Next to go to the next step.

Content Filtering Profiles by Traffic Protocol

Apply to all protocols

Click the toggle button to apply a single content filtering profile to all traffic protocols and then specify the profile in the Default Profile field.

If you disable this toggle button, which is the default, you can specify antivirus profiles for each traffic type.

Default Profile

Select the content filtering profile to be applied to all traffic protocols.

Click Back to go the preceding step or click Next to go to the next step.
Note:

Click Create Another Profile to create a content filtering profile that you can then assign. The Create Content Filtering Profiles wizard appears. See Create a Content Filtering Profile for an explanation of the fields on this wizard.

HTTP

Select the content filtering profile to be applied to HTTP traffic.

FTP Upload

Select the content filtering profile to be applied to FTP upload traffic.

FTP Download

Select the content filtering profile to be applied to FTP download traffic.

IMAP

Select the content filtering profile to be applied to IMAP traffic.

SMTP

Select the content filtering profile to be applied to SMTP traffic.

POP3

Select the content filtering profile to be applied to POP3 traffic.

Click Back to go the preceding step.
Content Filtering (New)
Content Filtering Profile Select the content filtering policy to be applied for devices running Junos OS Release 21.4 or later.