7. Juniper SRX Policy Configuration

Security policy is the main mechanism the Juniper SRX device uses to control traffic between zones.
Unlike a firewall filter, it is stateful. That means you only have to permit traffic from the initiator zone to the destination zone. Return traffic is automatically allowed based on the session table.
In this section we will learn how to configure security policy. Security policy monitoring will be discussed in its own section, which comes next, because of its importance.


5. Juniper SRX Applications and Application-Set Objects

Juniper SRX application and application-set objects are another required object in security policies.
In other words, when you configure a security policy, the name of the application must be configured in addition to the source address and destination address.
The source address and destination address must already be configured in the address book, which we discussed in the previous section. The application name must also already be configured in the list of applications.


3. Juniper SRX Security Zones Concept and Configuration

Juniper SRX security zones let you assign networks with different security requirements to different security zones, which is a prerequisite for controlling traffic between networks.
It is also possible to control traffic from different security domains to the Juniper device itself and, vice versa, from the Juniper device to different security domains, which is also discussed in this section.


2. Juniper SRX Traffic Flow

Knowledge of Juniper SRX traffic flow is a requirement for troubleshooting connectivity through an SRX device.
The first packet of a new session is processed and forwarded differently from a packet that belongs to an existing session.
In this section we will discuss how the first packet of a new session and a packet from an existing session are forwarded in a Juniper SRX device.
