Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

About the Default Profiles for Unified Firewall Policy Page

To access this page, select Configuration > Firewall > Default Settings.

Use this page to view and edit the default settings for unified firewall policies. In a unified firewall policy, dynamic application is used as a match criteria and therefore a separate application firewall is not configured on a device (CPE or next-generation firewall) to allow or block traffic to an application.

The unified firewall takes some time to detect the application in a traffic and act upon it. The default profiles help in providing security during that time.

Note:

The unified firewall policy settings are applied on a device only when Junos OS version 18.2R1 or later is installed on the device.

The default settings comprise the following:

  • A Content Security profile to define antispam, antivirus, content filtering and web filtering behavior.

  • An SSL proxy profile to define the action to be taken when server certificates are not authenticated.

  • An IPS profile to define the actions to be taken when the traffic matches the attack objects specified in the IPS profile.

  • Reject Settings to define an action when the firewall blocks traffic for a particular application:

    • Take no action

    • Provide a redirect URL to redirect the traffic to another application or URL.

    • Provide a block message to display or log a message indicating that the traffic for the particular application is blocked by the firewall policy.

Tasks You Can Perform

You can perform the following tasks from this page:

Field Descriptions

Table 1 describes the fields on the Default Profiles for the Unified Firewall Policy page.

Table 1: Default Profiles for the Unified Firewall Policy Page

Setting

Guideline

Default Content Security Policy

Content Security profile assigned for the unified firewall policy, which is set the default Content Security policy.

Default SSL Profle

SSL proxy profile assigned for the unified firewall policy, which is set as the default SSL proxy profile.

Default IPS Profile

IPS profile assigned for the unified firewall policy, which is set as the default IPS policy on the device.

Reject Settings

Reject Action

The action assigned to the unified firewall policy when a firewall blocks application traffic:

  • None: No message or redirection is provided.

  • Redirect URL: The firewall redirects the traffic to the specified URL.

  • Text: The firewall displays or logs the message configured for this field.

Related Documentation