Junos OS Firewalls Flashcards
What is the function of a firewall in Junos OS?
A firewall in Junos OS is used to filter traffic based on security policies, blocking or allowing traffic between different networks or zones.
How can you configure a basic firewall filter in Junos OS?
You can configure a basic firewall filter in Junos OS using the commands: set firewall family inet filter <filter-name> term <term-name> from <criteria> then accept.</criteria></term-name></filter-name>
What is the difference between a security policy and a firewall filter in Junos OS?
A security policy defines rules for controlling traffic between security zones, while a firewall filter provides granular control over traffic filtering, often used for controlling ingress and egress traffic on interfaces.
How do you apply a firewall filter to an interface in Junos OS?
You apply a firewall filter to an interface using the command: set interfaces <interface-name> unit 0 family inet filter input <filter-name>.</filter-name></interface-name>
What is the concept of security zones in Junos OS?
Security zones are logical grouping of interfaces in Junos OS that define the trust level of the interfaces, such as untrusted (outside) and trusted (inside) zones.
How do you configure a security policy in Junos OS?
You configure a security policy in Junos OS by defining rules for traffic between security zones using the command: set security policies from-zone <zone1> to-zone <zone2> policy <policy-name> match source-address <src-addr> destination-address <dst-addr> application <app> then permit.</app></dst-addr></src-addr></policy-name></zone2></zone1>
What command is used to view active firewall sessions in Junos OS?
You can view active firewall sessions in Junos OS using the command: show security flow session.
What are the common actions available in a Junos OS firewall filter rule?
The common actions in a firewall filter rule are “accept,” “discard,” and “reject,” which define how traffic should be handled based on the rule’s criteria.
How can you troubleshoot firewall filter issues in Junos OS?
You can troubleshoot firewall filter issues by using commands like show firewall, show security policies, and reviewing logs with show log messages.
What is the purpose of stateful inspection in Junos OS firewalls?
Stateful inspection in Junos OS tracks the state of active connections and ensures that only packets belonging to valid sessions are allowed through, providing more advanced security than simple packet filtering.