Security Policy Schedulers Overview

Schedulers are powerful features that allow a policy to be activated for a specified duration. You can define schedulers for a single (nonrecurrent) or recurrent time slot within which a policy is active. You can create schedulers irrespective of a policy, meaning that a scheduler cannot be used by any policies. However, if you want a policy to be active within a scheduled time, then you must first create a scheduler.

When a scheduler times out, the associated policy is deactivated and all sessions associated with the policy are also timed out.

If a policy contains a reference to a scheduler, the schedule determines when the policy is active, that is, when it can be used as a possible match for traffic. Schedulers allow you to restrict access to a resource for a period of time or remove a restriction.

The following guidelines apply to schedulers:

• A scheduler can have multiple policies associated with it; however, a policy cannot be associated with multiple schedulers.
• A policy is active during the time when the scheduler it refers to is also active.
• When a scheduler is off, the policy is unavailable for policy lookup.

• A scheduler can be configured as one of the following:

  • Scheduler can be active for a single time slot, as specified by a start date and time and a stop date and time.
  • Scheduler can be active forever (recurrent), but as specified by the daily schedule. The schedule on a specific day (time slot) takes priority over the daily schedule.
  • Scheduler can be active within a time slot as specified by the weekday schedule.
  • Scheduler can have a combination of two time slots (daily and timeslot).

Related Topics

• JUNOS Software Feature Support Reference for SRX Series and J Series Devices
• Security Policies Overview
• Example: Configuring Schedulers (CLI)
• Example: Associating a Policy to a Scheduler (CLI)
• Verifying Scheduled Policies