Figure 2: User Traffic Allowed; Figure 3: User Traffic Blocked - Juniper V10000 Implementation Manual

IMPLEMENTATION GUIDE -Juniper Networks SRX Series Services Gateways/Websense V10000
Figure 2 illustrates the ladder diagram for user traffic allowed by the Websense V10000. The V10000 proxies the traffic
between the user and the Internet via the V10000 P1 port. The proxied traffic is indicated by the separate dark gray and
light gray traffic flows.
Figure 3 illustrates the ladder diagram for user traffic that is blocked and redirected by the V10000.
4
User attempts to
access a URL
SRX Series redirects
tra c to V10000
SRX Series routes
tra c to the
URL and performs
NAT if necessary
User attempts to
access a URL
User browser
redirected to
V10000 C port
User sees
"blocked page"
on browser
SRX Series
Websense V10000
P1

Figure 2: User traffic allowed

SRX Series
SRX Series redirects
tra c to V10000
On a policy violation, the
V10000 blocks tra c and
redirects the user's Web browser

Figure 3: User traffic blocked

INTERNET
V10000 policy allows
tra c, establishes new
tra c flow (proxy) to
the URL
V10000 proxies
the end-to-end
tra c flow to
the target URL
Websense V10000
P1 C
Copyright © 2010, Juniper Networks, Inc.