Day One: Configuring Junos Policies and Firewall Filters

Pairing routing policy and firewall filters may, at first glance, seem like an odd combination for a routing book, after all, filters are for security and policy is about manipulating route attributes and readvertisement.

While route advertisement decisions can impact security, these two topics are more logically bundled into a single book because of the high degree of similarity in their Junos configuration syntax. Knowing one simply helps you learn the other, and given that both are critically important topics in modern IP networks, their synergy should not be ignored.

“Day One: Configuring Junos Policies and Firewall Filters” shows how the savvy network administrator can make unified and robust efficiencies using two similar tools from their Junos toolbox.

“Jack Parks provides clear, concise descriptions and configuration examples to illustrate basic concepts as well as complex examples that demystify policy and filter operations and capabilities that are not widely understood. This is your chance to finally understand why that nested firewall or Boolean grouped policy did not behave as you expected.”
- Harry Reynolds, Author, Senior Test Engineer, Juniper Networks

Sample Pages

Download Book

Day One books are a free download for our J-Net members*. If you’re not a J-Net member, create a user account now. It’s fast and there’s no commitment or spam. Once you’re a member you can come back and download any of the Day One books.

Download: J-Net Member
Download: Not a J-Net Member

* If you have an existing Juniper user account, you can use it to login to J-Net

About the Author(s)

Jack W. Parks, IV has worked since 1992 in almost every position known in the realm of IT. After serving eight years in the United States Air Force, Jack transitioned to the corporate world and worked in the large Enterprise and ISP market spaces. Most recently he has focused on Enterprise Routing and Switching, Service Provider Routing, MPLS, and VPNs. With a B.S. in Business Information Systems from John Brown University and several industry certifications, including CCIE #11685 & JNCIE-M #666, Jack is currently a Juniper Networks Systems Engineer based in Atlanta, Georgia.

Author Q & A

What got you started on this book?

I was looking for a new writing project that would help my customers learn and use Junos. Routing policy seemed like the perfect starting point. Policy is used with every routing protocol and in every network.

Who is this book for?

This book is for anyone who wants to learn Junos policy and firewall filters. There is a great section on policiers too. With all the research I had to do to develop the material, I'll probably keep this book on my desk as a reference.

After reading this book, what’s the take away?

I would hope the reader would better understand what the function of policy is and how to use it in their network. A little know-how with policy can take you far in Junos. The firewall and policier chapters take the reader into another type of policy, stateless firewall filters or ACLs.

What are you hoping that people will learn from this book?

Network devices communicate with each other using routing protocols. Controlling the flow of reachability information is crucial to the proper operation of the network. All of that control is accomplished through policy. I hope that people are better able to understand and create policy that is useful in their networks.

What do you recommend as the next item to read after this book?

I think I’m done with technology reading for the near future. Next on my reading list is the Game of Thrones.

What’s your inspiration?

Continued learning. Part of that process is writing about different topics so that I can master them in detail. Explaining technology to others will show you how weak you may be in a specific subject.

What’s your favorite bit/part in the book?

My favorite part of the book is Chapter 3 policy lab. Hands-on lab time beats reading text any day.