You can block a source
IP address from accessing either all applications or only selected
applications. The block operation requires the listed policy rules
to be edited to block the source IP address from accessing one or
more applications. Then you can view the policy changes by clicking
the policy name or view affected devices by clicking the device count.
Also, you can click the policy to view the affected rules, edit the
rules, and save them, if required.
Note: Starting in Junos Space Security Director Release 21.1,
when unified policy rules permit the traffic, selecting block action
creates block rules in the appropriate unified policy.
To block the source IP address:
- Select Monitor > Applications.
The Application Visibility page is displayed.
- Click the SOURCE IP tab.
The top 50 source IPs are displayed.
- In the Chart View, hover over the source IP address you
want to block.
A pop up window is displayed with information on the number
of sessions, bandwidth consumption, and top five applications of that
particular IP address.
Note: Click View All Applications to view all the
applications of the source IP address on the APPLICATIONS-Grid View
tab. You can select an application and block it by clicking Block
Application.
- Click Block IP to block the source IP address
from accessing all applications.
The Block Application page is displayed.
Block the source IP address from accessing a particular application
by selecting the application listed under the Top 5 Applications table,
and then click Block Application(s).
The Block User page is displayed. All the policies that need
to be edited to block the IP address from accessing the applications
are listed under the Policy Name column.
- Select Run now to immediately publish or update
the changes or select Schedule at a later time to publish
or update the changes later.
- Click Save to save the configuration settings.
Click Publish to publish the changes.
Click Update to update the changes.
