Juniper SRX UTM, or Unified Threat Management, is a security feature that integrates multiple security services, including antivirus, antispam, content filtering and web filtering, into a single device.
This section only reviews these features; the next sections show how to implement them.
Juniper SRX UTM Overview
UTM means the integration of multiple security services into a single device; the exact set of services may vary across vendors.
On Juniper SRX devices, it includes antivirus, antispam, content filtering and web filtering.
For antivirus, there are two options: local Avira antivirus and cloud-based Sophos antivirus.
Local antivirus needs more CPU and memory resources.
The antispam feature checks incoming and outgoing emails to identify spam. Spam emails can be blocked or just tagged.
It requires a third-party database or a local white list and block list to detect spam emails.
With the content filtering feature, you can control traffic based on file type (also called MIME type), file extension and protocol commands.
File type means, for example, a jpg file or an mp4 file.
Extension means that only the extension of the file is checked, regardless of the file type.
Examples of protocol commands are the FTP delete command and the HTTP POST command.
With content filtering, you can also filter ActiveX and Java applets, which can be a source of vulnerabilities, especially in web browsers.
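The match types described above, sketched as a Junos configuration. This is an added example, not from the original page or from Juniper; it assumes the profile-style content-filtering syntax, and all object, profile, zone and policy names are hypothetical.

```junos
# Added example. All object, profile, zone and policy names are hypothetical.

# 1. File type (MIME type): the page's jpg and mp4 examples
set security utm custom-objects mime-pattern cf-block-mime value [ image/jpeg video/mp4 ]

# 2. File extension: only the name is inspected, not the content,
#    so pair it with the MIME list rather than relying on it alone
set security utm custom-objects filename-extension cf-block-ext value [ exe ]

# 3. Protocol commands: command names as given on the page (assumed values)
set security utm custom-objects protocol-command cf-block-cmd value [ delete post ]

# Content filtering profile that references the three lists
set security utm feature-profile content-filtering profile cf-profile block-mime list cf-block-mime
set security utm feature-profile content-filtering profile cf-profile block-extension cf-block-ext
set security utm feature-profile content-filtering profile cf-profile block-command cf-block-cmd

# ActiveX and Java applet filtering
set security utm feature-profile content-filtering profile cf-profile block-content-type activex
set security utm feature-profile content-filtering profile cf-profile block-content-type java-applet

# Bind the profile to HTTP and FTP in a UTM policy
set security utm utm-policy cf-utm-policy content-filtering http-profile cf-profile
set security utm utm-policy cf-utm-policy content-filtering ftp upload-profile cf-profile
set security utm utm-policy cf-utm-policy content-filtering ftp download-profile cf-profile

# Attach the UTM policy to an existing security policy (assumed to exist)
set security policies from-zone trust to-zone untrust policy allow-web then permit application-services utm-policy cf-utm-policy
```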
With the web filtering feature, you can limit web access based on web categories.
It can be implemented based on a local “Websense” server or a cloud-based “Surfcontrol” server.
Juniper SRX UTM License Overview
Most UTM features require a license, but some features, such as content filtering, local web filtering and redirect-based web filtering, do not need a license to work.
This table, taken from the Juniper website, shows which UTM features require a license and which do not.