ScreenOS fetching defaults

Although I am not that familiar with ScreenOS, it is worth of mentioning this hidden command I have found. It is a handy command fetching system defaults such as max number of addresses etc. host-> get sys-cfg acl rule mem size number: 16384 ADSL Sub-if limit number: 0 alarm glog number: 128 def apppry scheduler
Read More »

routing instances and rib-groups

Here is a short routing instance and rib-group configuration. I assume you have configured routing instance named “untrust” Configure routing instance root@host# show routing-instances untrust {     instance-type virtual-router;     interface ge-0/0/1.0; } Display Routes root@host> show route inet.0: 6 destinations, 6 routes (3 active, 0 holddown, 3 hidden) + = Active Route,
Read More »

JNCIS-SEC exam

It is needless to say that I am very much interested in JUNOS. Recently I have taken JNCIS-SEC exam though  it was a bit more difficult than I expected. Now I want to run for JNCIP-SEC and JNCIS-SP. I don’t know which one will be the first but I feel hungry for both routing and
Read More »

SRX packet mode

JunOS can have two modes which are Flow and Packet mode in the following devices; J-series services routers (I think after 9.3 version). This is also called junos enhanced services (junos-es) SRX security devices In default configuration SRX devices work in flow mode by which security policies are in place and unless otherwise allowed, packets
Read More »

JNCIS-SEC [ Web Filtering ]

There are three types of Web Filtering solutions: 1) Integrated Web Filtering:  This solution intercepts every HTTP request in a TCP connection. Then device identifies the category of a URL either from user-defined categories or from a category server (Surf Control Content Portal by Websense) 2) Redirect Web Filtering: This solution intercepts HTTP requests and
Read More »

JNCIS-SEC [ Content Filtering ]

Content filtering blocks or permits certain types of traffic based on the MIME type, file extension and protocol command. The content filter controls file transfers across the gateway. The content filter module evaluates traffic before all other UTM modules except Web Filtering. There are three types of content filters: 1) MIME Pattern Filter: It is
Read More »

JNCIS-SEC [ Antivirus ]

There are two types of protection techniques a) Full Antivirus Protection b) Express Antivirus Protection A) Full Antivirus Protection Files are scanned against a signature database.  Data packets are received and the original application content e.g email attachment is reconstructed. Kaspersky lab provides scan engine and if antivirus license expires, you can continue to use
Read More »

JNCIS-SEC [ Antispam ]

SPAM is an unwanted message as everyone knows. When SRX detects a message deemed to be spam, it blocks the email message or tags it with a configured string.  You can use a 3rd party spam block list (SBL) or create your own (whitelist or blacklist)  A) Server Based Antispam Filtering Firewall performs SBL lookups
Read More »

JNCIS-SEC [ Introduction to UTM ]

JNCIS-SEC exam has recently added UTM into its topic list  which I think makes the exam more difficult. I will try to summarize what I get from Junos Security Guide and present my configuration. Lets start with the first Introduction to UTM Unified Thread Management (UTM) is used to describe the consolidation of several security features
Read More »