IMPLEMENTATION GUIDE -Juniper Networks SRX Series Services Gateways/Websense V10000
Figure 2 illustrates the ladder diagram for user traffic allowed by the Websense V10000. The V10000 proxies the traffic
between the user and the Internet via the V10000 P1 port. The proxied traffic is indicated by the separate dark gray and
light gray traffic flows.
Figure 3 illustrates the ladder diagram for user traffic that is blocked and redirected by the V10000.
4
User attempts to
access a URL
SRX Series redirects
tra c to V10000
SRX Series routes
tra c to the
URL and performs
NAT if necessary
User attempts to
access a URL
User browser
redirected to
V10000 C port
User sees
"blocked page"
on browser
SRX Series
Websense V10000
P1
Figure 2: User traffic allowed
SRX Series
SRX Series redirects
tra c to V10000
On a policy violation, the
V10000 blocks tra c and
redirects the user's Web browser
Figure 3: User traffic blocked
INTERNET
V10000 policy allows
tra c, establishes new
tra c flow (proxy) to
the URL
V10000 proxies
the end-to-end
tra c flow to
the target URL
Websense V10000
P1
C
Copyright © 2010, Juniper Networks, Inc.