[Contents] [Prev] [Next] [Index] [Report an Error]

Example: Configuring Full Antivirus Custom Objects (CLI)

To configure antivirus protection, you must first create your custom objects (MIME Pattern List, Filename Extension List, URL Pattern List, and Custom URL Category List).

  1. Configure the filename-extension custom object by first creating a name for the list. The following example creates the extlist1 custom object:
    user@host# set security utm custom-objects filename-extension extlist1

    Note: The Kaspersky scan engine ships with a read-only default extension list that you can use.

  2. Add extensions to the list. The following example adds the zip, js, and vbs extensions to the extlist1 custom object:
    user@host# set security utm custom-objects filename-extension extlist1 value [zip js vbs]
  3. Create MIME lists. The following example creates the avmime1 and ex-avmime1 lists:
    user@host# set security utm custom-objects mime-pattern avmime1user@host# set security utm custom-objects mime-pattern ex-avmime1
  4. Add MIME patterns to the lists. The following example adds patterns to the avmime1 and ex-avmime1 lists:
    user@host# set security utm custom-objects mime-pattern avmime1 value [video/quicktime image/x-portable-anymap x-world/x-vrml]user@host# set security utm custom-objects mime-pattern ex-avmime1 value [video/quicktime-inappropriate]

    Note: Because you use URL pattern lists to create custom URL category lists, you must configure URL pattern list custom objects before you configure custom URL category lists.

  5. Configure a URL pattern list custom object specifying a list of URLs that you want the device to bypass during scanning. The following example creates the urllist1 list:
    user@host# set security utm custom-objects url-pattern urllist1 value [http://www.url.com 5.6.7.8]

    When entering the URL pattern, note the following wildcard character support:

    • The \*\.[]\?* wildcard characters are supported.
    • You must precede all wildcard URLs with http://.
    • You can only use the asterisk * wildcard character if it is at the beginning of the URL and is followed by a period.
    • You can only use the question mark ? wildcard character at the end of the URL.
    • The following wildcard syntax IS supported: http://*.juniper.net, http://www.juniper.ne?, http://www.juniper.n??.
    • The following wildcard syntax is NOT supported: *.juniper.net , www.juniper.ne?, http://*juniper.net, http://*.
  6. Configure a custom URL category list custom object using the URL pattern list you created. The following example adds the urllist1 list to the custurl1 custom object:
    user@host# set security utm custom-objects custom-url-category custurl1 value urllist1

Related Topics

JUNOS Software Feature Support Reference for SRX Series and J Series Devices

[Contents] [Prev] [Next] [Index] [Report an Error]


[an error occurred while processing this directive]