From the course: Juniper Security Policies Fundamentals

Introduction


- [Instructor] Security policies allow you to control the flow of traffic through the Junos OS device. These are also sometimes referred to as firewall rules. Using security policies, you can define who is the source of the traffic, who is the destination of the traffic, what type of traffic is to be matched, and what is the action to be performed on matching traffic.

Security policies allow you to control every packet that passes through the security zones. This is referred to as transit traffic. From the perspective of security policies, traffic enters one security zone and exits another security zone. This combination of source zone and destination zone, or in other words, from zone and to zone, is called a context. Each context has an ordered list of security policies. Each policy is processed in the order that is defined in the context.

Apart from permitting or denying traffic, security policies can also be used to encrypt, decrypt, authenticate, prioritize, schedule, filter, and monitor traffic that is passing through the device.

Here are some examples of typically configured security policies. Allow HTTP or HTTPS from the trust zone, also known as the inside zone, to the untrust zone, which is typically the internet. Allow ICMP from the trust zone to the untrust zone. Allow SSH or RDP from the trust zone to the DMZ zone. Block ICMP from the untrust zone to the trust zone. Allow HTTP or HTTPS from the untrust zone to the DMZ zone.
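The context lookup and in-order processing described above can be modelled in a few lines. This is an added example, not part of the course and not Junos code: the policy names are hypothetical, policies match on application only (source and destination addresses are treated as "any"), and traffic that matches no policy is assumed to be denied.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Policy:
    name: str
    applications: frozenset  # application names this policy matches
    action: str              # "permit" or "deny"

# Constructed policy table keyed by context (from-zone, to-zone). The five
# entries mirror the examples in the transcript; names are hypothetical.
# List order is evaluation order.
CONTEXTS = {
    ("trust", "untrust"): [
        Policy("allow-web-out", frozenset({"http", "https"}), "permit"),
        Policy("allow-icmp-out", frozenset({"icmp"}), "permit"),
    ],
    ("trust", "dmz"): [Policy("allow-mgmt", frozenset({"ssh", "rdp"}), "permit")],
    ("untrust", "trust"): [Policy("block-icmp-in", frozenset({"icmp"}), "deny")],
    ("untrust", "dmz"): [Policy("allow-web-in", frozenset({"http", "https"}), "permit")],
}

def evaluate(from_zone, to_zone, application, contexts=CONTEXTS):
    """Return (policy name, action) of the first policy that matches in the context."""
    for policy in contexts.get((from_zone, to_zone), []):
        if application in policy.applications:
            return policy.name, policy.action
    # Assumption: traffic matching no policy is denied.
    return "default", "deny"

def shadowed(contexts=CONTEXTS):
    """Return (context, policy name) for policies that earlier policies make unreachable."""
    findings = []
    for context, policies in contexts.items():
        covered = set()
        for policy in policies:
            if policy.applications <= covered:
                findings.append((context, policy.name))
            covered |= policy.applications
    return findings

if __name__ == "__main__":
    for flow in [("trust", "untrust", "https"), ("untrust", "trust", "icmp"),
                 ("untrust", "trust", "ssh")]:
        print(flow, "->", evaluate(*flow))
    print("shadowed:", shadowed())
```

Because the first match wins, `shadowed()` flags any policy whose applications are already fully covered by policies earlier in the same context, which is the usual reason a rule never takes effect.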
