JNCIS-SEC [ Introduction to UTM ]

The JNCIS-SEC exam has recently added UTM to its topic list, which I think makes the exam more difficult. I will try to summarize what I get from the Junos Security Guide and present my configuration. Let's start with the first: Introduction to UTM.

Unified Threat Management (UTM) is used to describe the consolidation of several security features into one device. The security features provided are:

1) Antispam
2) Full File-Based Antivirus: It provides file scanning for viruses against a virus signature database. It first collects packets, then reconstructs the application content (e.g. an attachment) and scans the file. Kaspersky Lab provides the scanning engine.
3) Express Antivirus: It is a less CPU-intensive operation, though it still scans files against a signature database. Unlike full antivirus, it streams received data packets to the scan engine. Virus scanning is handled by a hardware pattern matching engine, and Juniper provides the scan engine.
4) Content Filtering: Blocking certain types of traffic based on MIME type, embedded objects, etc.
5) Web filtering: Preventing access to inappropriate content. Three types of filtering are available:

a) Integrated web filtering
b) Redirect web filtering
c) Juniper Local Web Filtering

 TIP: UTM requires 1GB of memory, so you can't use it on SRX devices such as the SRX-240B. B stands for BASE and it has 512M of memory. You must have something like the SRX-240H. H stands for HIGH and it has 1GB of memory.

License management is done via the following operational command:

root@host> request system license ?
Possible completions:
  add                  Add license keys from file, local or from server
  delete               Delete license keys
  save                 Save license keys to file, local or to server
  update               Start autoupdate license keys from LMS servers

About: rtoodtoo

Worked for more than 10 years as a Network/Support Engineer and also interested in Python, Linux, Security and SD-WAN // JNCIE-SEC #223 / RHCE / PCNSE


One thought on “JNCIS-SEC [ Introduction to UTM ]”

  1. Hello!
    Do you have any experience of how to set up a group of users for web filtering based on their RADIUS authentication?

    Thanks in advance! You have a really nice blog!
