CHAPTER 9
Configuring Security Policies
Copyright © 2010, Juniper Networks, Inc.
Firewall rules define access to your network, including permitted services, users, and time
periods. You can also use firewall rules to control the shape of your network traffic as it
passes through the firewall or to log specific network events. Multicast rules permit
multicast control traffic, such as IGMP or PIM-SM messages, to cross Juniper Networks
security devices. Multicast rules permit multicast control traffic only; to permit data traffic
(both unicast and multicast) to pass between zones, you must configure firewall rules.
Because all incoming and outgoing network traffic passes through your firewall, it is the
ideal location to control the traffic flowing on your network. Creating security policies
enables you to define what type of traffic should be permitted on your network, as well
as how that traffic is treated while inside. A security policy can contain firewall rules (in
the Zone and Global rulebases), multicast rules (in the Multicast rulebase), and IDP rules
(in the Application Policy Enforcement (APE), IDP, Exempt, Backdoor Detection, SYN
Protector, Traffic Anomalies, and Network Honeypot rulebases).
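The division of labour described above (firewall rules deciding access by zone, service, user and time period; multicast rules admitting only control traffic such as IGMP or PIM-SM; data traffic always needing a firewall rule) can be made concrete with a small policy-evaluation model. The following is an added illustration, not NSM or ScreenOS code: the rule classes, the `MULTICAST_CONTROL` set, the sample policy and the "Zone rulebase before Global rulebase, deny if nothing matches" ordering are all constructed assumptions of this model.

```python
"""Toy model of an NSM-style security policy (constructed example, not
Juniper code).  A Zone rulebase and a Global rulebase hold firewall rules
that match on zones, service, user and time period; a separate Multicast
rulebase only ever permits multicast control traffic (IGMP, PIM-SM).
Zone rules are consulted before Global rules, and an unmatched flow is
denied; both are assumptions of this model, not statements from the page."""

from dataclasses import dataclass, field
from datetime import time

# Multicast control protocols named on the page; anything else is data traffic.
MULTICAST_CONTROL = {"IGMP", "PIM-SM"}


@dataclass(frozen=True)
class Flow:
    src_zone: str
    dst_zone: str
    service: str            # e.g. "HTTP", "IGMP", "UDP/5004" (constructed names)
    user: str = "any"
    at: time = time(12, 0)  # time of day the flow is seen


@dataclass
class FirewallRule:
    src_zone: str
    dst_zone: str
    services: set
    action: str                                   # "permit" or "deny"
    users: set = field(default_factory=lambda: {"any"})
    start: time = time(0, 0)                      # permitted time period
    end: time = time(23, 59, 59)
    log: bool = False                             # log matching events

    def matches(self, f: Flow) -> bool:
        zone_ok = self.src_zone in ("any", f.src_zone) and self.dst_zone in ("any", f.dst_zone)
        svc_ok = "any" in self.services or f.service in self.services
        user_ok = "any" in self.users or f.user in self.users
        time_ok = self.start <= f.at <= self.end
        return zone_ok and svc_ok and user_ok and time_ok


@dataclass
class MulticastRule:
    src_zone: str
    dst_zone: str
    protocols: set

    def matches(self, f: Flow) -> bool:
        # A multicast rule can only ever admit control protocols, never data.
        return (f.service in (self.protocols & MULTICAST_CONTROL)
                and self.src_zone in ("any", f.src_zone)
                and self.dst_zone in ("any", f.dst_zone))


@dataclass
class SecurityPolicy:
    zone_rules: list
    global_rules: list
    multicast_rules: list

    def evaluate(self, f: Flow) -> tuple:
        """Return (action, rulebase that decided, logged?) for a flow."""
        if f.service in MULTICAST_CONTROL:
            # Control traffic is decided solely by the Multicast rulebase.
            for r in self.multicast_rules:
                if r.matches(f):
                    return ("permit", "multicast", False)
            return ("deny", "multicast", False)
        # Data traffic (unicast or multicast) goes through the firewall rules.
        for name, rulebase in (("zone", self.zone_rules), ("global", self.global_rules)):
            for r in rulebase:
                if r.matches(f):
                    return (r.action, name, r.log)
        return ("deny", "default", False)   # assumed default action


def build_sample_policy() -> SecurityPolicy:
    """Constructed sample policy: zone names, users and hours are made up."""
    zone = [
        FirewallRule("trust", "untrust", {"HTTP", "HTTPS"}, "permit",
                     users={"alice", "bob"}, start=time(8, 0), end=time(18, 0), log=True),
        # Multicast *data* still needs a firewall rule; the multicast rule below will not carry it.
        FirewallRule("trust", "untrust", {"UDP/5004"}, "permit"),
    ]
    glob = [FirewallRule("any", "any", {"DNS"}, "permit")]
    mcast = [MulticastRule("trust", "untrust", {"IGMP", "PIM-SM"})]
    return SecurityPolicy(zone, glob, mcast)


if __name__ == "__main__":
    policy = build_sample_policy()
    for flow in (Flow("trust", "untrust", "IGMP"),
                 Flow("trust", "untrust", "UDP/5004"),
                 Flow("trust", "untrust", "HTTP", "alice", time(10, 0)),
                 Flow("trust", "untrust", "HTTP", "alice", time(23, 0)),
                 Flow("dmz", "untrust", "DNS")):
        print(flow.service, flow.src_zone, "->", flow.dst_zone, policy.evaluate(flow))
```

Running the block shows the point the chapter makes: the IGMP join is admitted by the multicast rulebase, but the multicast data stream on `UDP/5004` is only permitted because a firewall rule in the Zone rulebase covers it, and the HTTP flow for `alice` is permitted (and logged) inside the rule's time period yet denied outside it.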
This chapter contains the following sections:
About Security Policies on page 430
Creating a Security Policy on page 438
Configuring Firewall Rules on page 442
Configuring Multicast Rules on page 459
Configuring Antivirus Rules on page 461
Configuring Antispam Rules on page 462
Configuring IDP Rules on page 462
Configuring Application Policy Enforcement (APE) Rules on page 476
Configuring Exempt Rules on page 484
Configuring Backdoor Rules on page 486
Configuring SYN Protector Rules on page 491
Configuring Traffic Anomalies Rules on page 495
Configuring Network Honeypot Rules on page 499
Installing Security Policies on page 501
Managing Rules and Policies on page 507