security-intelligence-policy
Syntax
security-intelligence-policy {
geo-ip
threat-level threat-level {
policy-map policy-name
};
threat-action {
drop;
drop-and-log;
drop-and-sample;
drop-log-and-sample;
log;
log-and-sample;
sample;
}
white-list;
black-list;
}
Hierarchy Level
[edit services web-filter profile profile-name] [edit services web-filter profile profile-name url-filter-template template-name]
Description
Define the threat level and action for the Web filter profile. The packets are redirected at the Packet Forwarding Engine based on the configured threat-level action associated with the threat-level of the destination IP address.
Options
| threat-level |
Define the Web filtering threat level. The value ranges from 1 through 10 |
| policy-map |
Map the threat level to a user-attribute defined by the url-filterd. |
| threat-action |
Define the way the Packet Forwarding Engine processes packets in response
to a threat. Only one action can be configured for each threat level
that is defined. The default threat-action is
|
| white-list | Allow the IP addresses configured either as a file or as an IP address-list . |
| black-list | Block the IP addresses configured either as a file or as an IP address-list . |
Required Privilege Level
system—To view this statement in the configuration.
system-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 19.3R1 on MX Series routers with Juniper Advanced Threat Prevention Cloud (Juniper ATP Cloud) .
Support added in Junos OS Release 19.3R2 for Next Gen Services on MX Series routers MX240, MX480, and MX960 with the MX-SPC3 services card