Understanding Unified Threat Management for Branch SRX Series
Unified Threat Management (UTM) is an optional function for the branch SRX Series that provides an integrated suite of network security features to protect against multiple threat types, including spam and phishing attacks, viruses, trojans and spyware-infected files, unapproved website access, and unapproved content.
With UTM, you can implement a comprehensive set of security features that include antispam, antivirus, Web filtering, and content filtering protection.
The UTM features provide the ability to prevent threats at the SRX Series device before the threats enter the network.
The following UTM modules are supported:
- Antispam—Antispam blocks and filters unwanted e-mail traffic by scanning inbound and outbound SMTP e-mail traffic, using some combination of spam block lists (SBL) and user-configured blacklists and whitelists.
- Antivirus—The antivirus feature uses an integrated scanning engine and virus signature databases to prevent viruses, trojans, rootkits, worms, and other types of malicious code from reaching devices on your network.
- Web filtering—Web filtering allows you to permit or block access to specific websites individually or based on the categories to which the website belongs.
- Content filtering—Content filtering provides basic data loss prevention functionality. Content filtering filters traffic based on MIME type, file extension, and protocol commands.
The SRX Series has predefined system profiles (antispam, antivirus, or Web filtering) designed to provide basic protection. You can bind a predefined profile to the UTM policy, or you can create your own component profile (antispam, antivirus, Web filtering, or content filtering).
Table 1 lists the UTM modules, feature profiles, and supported protocols.
Table 1: Default UTM Profiles on Branch SRX Series
UTM Modules | Categories | Types | Default Profiles | Supported Protocols |
---|---|---|---|---|
Antispam | NA | smtp-profile | junos-as-defaults | SMTP |
Antivirus | Full antivirus | kaspersky-lab-engine | junos-av-defaults | SMTP, POP3, IMAP, HTTP, and FTP |
Antivirus | Express antivirus | juniper-express-engine | junos-eav-defaults | SMTP, POP3, IMAP, HTTP, and FTP |
Antivirus | Sophos antivirus | sophos-engine | junos-sophos-av-defaults | SMTP, POP3, IMAP, HTTP, and FTP |
Web filtering | Integrated Web filtering | surf-control-integrated | junos-wf-cpa-default | HTTP |
Web filtering | Redirect Web filtering | websense-redirect | junos-wf-websense-default | HTTP |
Web filtering | Local Web filtering | juniper-local | junos-wf-local-default | HTTP |
Web filtering | Enhanced Web filtering | juniper-enhanced | junos-wf-enhanced-default | HTTP |
Content filtering | NA | NA | NA | SMTP, POP3, IMAP, HTTP, and FTP |
To enable UTM on your SRX Series, you must:
- Install UTM licenses (See Updating Licenses for a Branch SRX Series.)
- Create UTM profiles for UTM components (antispam, antivirus, content filtering, and Web filtering)
- Map a UTM profile to a UTM policy
- Map a UTM policy to a security policy
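The last three steps form a chain: profile, UTM policy, security policy. The Python sketch below is an added example, not Juniper code; it checks that each link is present in a `set`-format configuration. The sample configuration is constructed, and its zone, policy, and custom profile names (`branch-utm`, `mail-utm`, `block-exe`, `wf-custom`, `exe-list`) are assumptions.

```python
import re

# Default profiles from Table 1; these exist without a feature-profile definition.
PREDEFINED = {
    "junos-as-defaults", "junos-av-defaults", "junos-eav-defaults",
    "junos-sophos-av-defaults", "junos-wf-cpa-default",
    "junos-wf-websense-default", "junos-wf-local-default",
    "junos-wf-enhanced-default",
}

# Constructed sample config; zone, policy and custom profile names are made up.
SAMPLE = """\
set security utm feature-profile content-filtering profile block-exe block-extension exe-list
set security utm utm-policy branch-utm anti-virus http-profile junos-av-defaults
set security utm utm-policy branch-utm anti-spam smtp-profile junos-as-defaults
set security utm utm-policy branch-utm content-filtering http-profile block-exe
set security utm utm-policy branch-utm web-filtering http-profile wf-custom
set security policies from-zone trust to-zone untrust policy web then permit application-services utm-policy branch-utm
set security policies from-zone trust to-zone untrust policy mail then permit application-services utm-policy mail-utm
set security policies from-zone trust to-zone untrust policy other then permit
"""

def audit(config):
    """Return findings for broken links in profile -> UTM policy -> security policy."""
    defined, utm, bound, findings = set(), {}, {}, []
    for line in config.splitlines():
        if m := re.match(r"set security utm feature-profile \S+ (?:\S+ )?profile (\S+)", line):
            defined.add(m[1])                       # step 2: component profile
        elif m := re.match(r"set security utm utm-policy (\S+) \S+ \S+-profile (\S+)", line):
            utm.setdefault(m[1], set()).add(m[2])   # step 3: profile -> UTM policy
        elif m := re.match(r"set security policies (.+ policy \S+) then permit"
                           r"(?: application-services utm-policy (\S+))?$", line):
            bound[m[1]] = m[2] or bound.get(m[1])   # step 4: UTM policy -> security policy
    for name, profiles in utm.items():
        for p in sorted(profiles - defined - PREDEFINED):
            findings.append(f"utm-policy {name}: profile {p} is not defined")
        if name not in bound.values():
            findings.append(f"utm-policy {name}: not attached to any security policy")
    for pol, up in bound.items():
        if up is None:
            findings.append(f"{pol}: permits traffic without a utm-policy")
        elif up not in utm:
            findings.append(f"{pol}: utm-policy {up} does not exist")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

A permit policy without a UTM policy can be intentional, so treat that finding as a prompt for review.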
For more details on UTM, see Junos OS UTM Library for Security Devices.