casb-policy
Syntax
casb-policy policy-name {
rules rule-name {
match {
application application-name {
actity activity-name {
[param-name param-value param-name param-value]
}
instance instance-name;
}
application-group application-group-name {
activity activity-name
}
}
then {
allow;
deny;
log-action;
}
}
log-activity [ login upload download ];
default-rule {
deny;
log-action;
}
}
Hierarchy Level
[edit security]
Description
Configure Cloud Access Security Broker (CASB) policy. CASB policy includes set of rules to match a section of traffic based on applications or instances and then specify actions to apply on the matched traffic and take active or passive preventive actions.
Options
| rules rule-name |
Configure rules for the CASB policy. |
| log-activity |
(optional) Define activity logging for the CASB policy. Available options are login, download, and upload. |
| default-rule |
The default CASB policy that defines the actions the device takes on a packet that does not match any other rule. This is mandatory statement. |
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 24.2R1.