Table of Contents
Advertisement
Configuring Antivirus Rules
Copyright © 2010, Juniper Networks, Inc.
In this example, you define a multicast rule that permits IGMP messages from the Trust
zone to the Untrust zone. You specify the original multicast group address object and a
different destination multicast group object.
In the main navigation tree, select Object Manager > Address Objects.
1.
In the main display area, click the Add icon and select Multicast Group. In the New
2.
Multicast Group dialog box, configure the following then click OK:
For Name, enter mcast1.
For Color, select green.
For IP Address, enter 232.1.1.1.
For Netmask, enter 16.
In the main display area, click the Add icon and select Multicast Group. In the New
Multicast Group dialog box, configure the following then click OK:
For Name, enter mcast2.
For Color, select red.
For IP Address, enter 232.1.1.2.
For Netmask, enter 16.
NOTE: NSM validation prevents you from setting a 32 bit netmask in
multicast.
In the main navigation tree, select Policies , then create a new multicast rule in the
Multicast rulebase of a new or existing security policy.
Right-click in the Source Group column and select Configure Source/Destination .
Antivirus settings are stored in a profile.
To assign an antivirus profile to a policy, do the following:
Double-click the Rule Options cell in a rule.
1.
In the Configure Options dialog, click the Antivirus tab.
2.
Select an Antivirus option:
3.
None—Turns off antivirus scanning for that rule.
Use External AV Server—Indicates that you want to use an External AV Server. You
must select the external AV server you wish to use.
Chapter 9: Configuring Security Policies
467
Advertisement
Table of Contents
