From the course: Juniper Security Policies Fundamentals
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Packet flow for transit traffic
From the course: Juniper Security Policies Fundamentals
Packet flow for transit traffic
- [Instructor] Before we start configuring security policies it is important to understand the Junos packet flow. On the screen now I have a diagram representing the packet flow. When a packet arrives at the Junos interface it is first checked to see if it matches an existing session. If it matches an existing session it takes the fast path. The packet information is used to match an existing session in the session table. The packet is subjected to screens, network address translation, ALG, also known as application layer gateway, and other layers of in-services and forwarded out the egress interface. If the packet does not match an existing session it takes the first path, also known as the slow path. The packet is first subjected to screen checks. This allows the Junos device to detect and prevent different internal and external attacks. The SRX is a zone based firewall. This means all security policies are tied to zones, and zones are tied to interfaces. Security policies match…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.