- play_arrow Overview
- Understanding the Common Criteria Evaluated Configuration
- Understanding Junos OS in FIPS Mode of Operation
- Understanding FIPS Mode of Operation Terminology and Supported Cryptographic Algorithms
- Identifying Secure Product Delivery
- Applying Tamper-Evident Seals to the Cryptographic Module
- Understanding Management Interfaces
- play_arrow Configuring Roles and Authentication Methods
- Understanding Roles and Services for Junos OS in FIPS Mode of Operation
- Understanding Services for Junos OS in FIPS Mode of Operation
- Downloading Software Packages from Juniper Networks
- Installing Junos Software Packages
- Understanding Zeroization to Clear System Data for FIPS Mode of Operation
- Loading Firmware on the Device
- How to Enable and Configure Junos OS in FIPS Mode of Operation
- play_arrow Configuring Administrative Credentials and Privileges
- Network Time Protocol
- play_arrow Configuring SSH and Console Connection
- play_arrow Configuring the Remote Syslog Server
- play_arrow Configuring Audit Log Options
- play_arrow Configuring Event Logging
- play_arrow Configuring a Secure Logging Channel
- play_arrow Configuring VPNs
- play_arrow Configuring Security Flow Policies
- play_arrow Configuring Network Attacks
- Configuring IP Teardrop Attack Screen
- Configuring TCP Land Attack Screen
- Configuring ICMP Fragment Screen
- Configuring Ping-Of-Death Attack Screen
- Configuring tcp-no-flag Attack Screen
- Configuring TCP SYN-FIN Attack Screen
- Configuring TCP fin-no-ack Attack Screen
- Configuring UDP Bomb Attack Screen
- Configuring UDP CHARGEN DoS Attack Screen
- Configuring TCP SYN and RST Attack Screen
- Configuring ICMP Flood Attack Screen
- Configuring TCP SYN Flood Attack Screen
- Configuring TCP Port Scan Attack Screen
- Configuring UDP Port Scan Attack Screen
- Configuring IP Sweep Attack Screen
- play_arrow Configuring the IDP Extended Package
- play_arrow Configuring Cluster Mode
- play_arrow Performing Self-Tests on a Device
- play_arrow Configuration Statements
- checksum-validate
- code
- data-length
- destination-option
- extension-header
- header-type
- home-address
- identification
- icmpv6 (Security IDP Custom Attack)
- ihl (Security IDP Custom Attack)
- option-type
- reserved (Security IDP Custom Attack)
- routing-header
- sequence-number (Security IDP ICMPv6 Headers)
- type (Security IDP ICMPv6 Headers)
Configuring Traffic Filter Rules
Traffic filter rules can be configured on a device to enforce validation against protocols attributes and direct traffic accordingly to the configured attributes. These rules are based on zones on which network interfaces are bound.
The following procedure describes how to configure traffic
filter rules to direct FTP traffic from source trustZone
to destination untrustZone
and from source network trustLan
to destination network untrustLan
. Here,
traffic is traversing from the devices interface A on trustZone
to interface B on untrustZone
.
Here, trustZone
and untrustZone
are
preconfigured security zones and trustLan
and untrustLan
are preconfigured network addresses.