- management {
-
- host-inbound-traffic {
-
- protocols {
-
protocol-name
;
-
protocol-name
<except>;
- }
-
- system-services {
-
service-name ;
-
service-name <except>;
- }
- }
-
- interfaces interface-name {
-
- host-inbound-traffic {
-
- protocols {
-
protocol-name
;
-
protocol-name
<except>;
- }
-
- system-services {
-
service-name
;
-
service-name
<except>;
- }
- }
- }
- screen
screen-name ;
- }
- [edit security zones]
Statement introduced in Release 8.5 of JUNOS software.
Specify the host for out-of-band management interfaces. You can set firewall options in this zone to protect the management interface from different types of attacks. Because this zone cannot be specified in policies, traffic entering from this zone can only be traffic originating from the device itself and cannot transit out from any other zone.
This statement is supported on J-series and SRX-series devices.
The remaining statements are explained separately.
For configuration instructions and examples, see the JUNOS Software Security Configuration Guide.
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.