JNCIA-SEC - Coggle Diagram
JNCIA-SEC
Security Policies
Actions
Reject
Drops the packet and notifies the source: for TCP a TCP reset (RST) is sent back; for UDP, ICMP, or any other IP protocol an ICMP destination unreachable message is sent back
Types of traffic
Transit traffic
Traffic enters on an ingress interface and exits on an egress interface; it is subject to zones and security policies
E.g.: user traffic going out to the Internet
Exception traffic
Traffic that terminates on the SRX device itself (destined to one of its own addresses)
E.g.: ping to the SRX, SSH session to the SRX device
Operation mode
Packet mode
Stateless, packet-based forwarding; security features like IPsec, NAT, and UTM do not work in this mode
Interfaces
Types
Internal
Provide communication between the Routing Engine and the Packet Forwarding Engine; configured automatically at boot
Include fxp1 and em0
Network
Provide physical connections to other devices
Include: Ethernet, SONET, ATM, T1, DS3
Service
Provide traffic-manipulation services such as encryption services (es), GRE tunneling (gr), IPsec secure tunnel (st), tap, link services queuing (lsq), ... implemented on a physical interface card or in software
Naming Convention
Most are named type-fpc/pic/port (logical units are appended as .unit)
fpc - Flexible PIC Concentrator - line card slot number
pic - Physical Interface Card - interface card slot number
port - port number
E.g.: ge-1/0/1 (Gigabit Ethernet, FPC 1, PIC 0, port 1); ge-1/0/1.100 is logical unit 100 on that port
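A small parser for the naming convention above, added here as a worked example (it is not part of the original notes or of Junos itself). It splits a slot-addressed name such as ge-1/0/1.100 into type, FPC, PIC, port and logical unit, recognises the slot-less names mentioned elsewhere on this page (fxp0, em0, lo0, st0), and rejects anything else. The set of slot-less prefixes and the 2-3 character media type pattern are assumptions made for this example.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Slot-addressed names: type-fpc/pic/port with an optional .unit for the logical interface.
# The media type pattern ([a-z0-9]{2,3}) is an assumption; real devices know a fixed set.
SLOT_NAME = re.compile(
    r"^(?P<type>[a-z0-9]{2,3})-(?P<fpc>\d+)/(?P<pic>\d+)/(?P<port>\d+)(?:\.(?P<unit>\d+))?$"
)
# Names that carry no slot: internal (fxp*, em*), loopback (lo*) and secure tunnel (st*).
# This prefix list is an assumption made for the example.
NO_SLOT_NAME = re.compile(r"^(?P<type>fxp|em|lo|st)(?P<index>\d+)(?:\.(?P<unit>\d+))?$")


@dataclass(frozen=True)
class JunosInterface:
    type: str
    fpc: Optional[int] = None
    pic: Optional[int] = None
    port: Optional[int] = None
    index: Optional[int] = None   # only for slot-less names such as fxp0 or st0
    unit: Optional[int] = None    # logical unit; None when the name is the physical interface

    @property
    def physical(self) -> str:
        """Name of the physical interface, i.e. the name with any .unit stripped."""
        if self.fpc is not None:
            return f"{self.type}-{self.fpc}/{self.pic}/{self.port}"
        return f"{self.type}{self.index}"


def parse_interface(name: str) -> JunosInterface:
    """Parse a Junos interface name; raise ValueError for anything that is not one."""
    m = SLOT_NAME.match(name)
    if m:
        return JunosInterface(
            type=m["type"], fpc=int(m["fpc"]), pic=int(m["pic"]), port=int(m["port"]),
            unit=int(m["unit"]) if m["unit"] is not None else None,
        )
    m = NO_SLOT_NAME.match(name)
    if m:
        return JunosInterface(
            type=m["type"], index=int(m["index"]),
            unit=int(m["unit"]) if m["unit"] is not None else None,
        )
    raise ValueError(f"{name!r} is not a valid Junos interface name")


if __name__ == "__main__":
    for n in ("ge-1/0/1", "ge-1/0/1.100", "xe-0/0/3.0", "fxp0.0", "st0.1"):
        i = parse_interface(n)
        print(f"{n:14} -> {i} physical={i.physical}")
```

The physical property is the piece a practitioner actually uses: when auditing which logical units a firewall filter or zone assignment touches, group units by their physical interface first.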
Properties
Logical
Protocol Family: inet, inet6, iso, mpls, ethernet-switching
Address
Vlan tagging
Firewall filters or routing policies
Physical
Mode: half/full duplex
Speed: link speed
MTU
Encapsulation: PPP, frame relay, PPPoE
Firewall Filter
Contains at least 1 term; terms are evaluated in order
A term contains match conditions (from) and actions (then). If all the match conditions are true, the actions specified within the term are taken
If no match conditions are specified, all traffic matches the term
Actions
Non-Terminating
Perform functions such as incrementing a counter, logging information about the packet header, sampling the data, or sending information to a remote host; evaluation of the term continues
Terminating
accept, discard, reject: the specified action is performed and no additional terms are examined
A matching term with no terminating action accepts the packet unless it specifies next term; traffic that matches no term is discarded by the implicit default
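The term-evaluation rules above as a runnable model, added here as an illustration (this is not Junos code and not part of the original notes). It walks an ordered term list, applies non-terminating actions (count, log) and continues, stops at the first terminating action, accepts on a matched term with no terminating action unless next term is present, and discards by default at the end. The sample filter PROTECT_RE, its counter names and the packets are constructed for this example.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple


@dataclass
class Packet:
    src: str
    dst: str
    protocol: str            # "tcp", "udp", "icmp", ...
    dport: Optional[int] = None


Condition = Callable[[Packet], bool]
TERMINATING = {"accept", "discard", "reject"}


@dataclass
class Term:
    name: str
    conditions: List[Condition] = field(default_factory=list)  # "from" clause; empty matches all
    actions: List[str] = field(default_factory=list)           # "then" clause, in order


@dataclass
class Result:
    verdict: str             # "accept", "discard" or "reject"
    term: Optional[str]      # term that decided the packet; None for the implicit discard


# Helpers that build "from" conditions.
def source_address(prefix: str) -> Condition:
    net = ipaddress.ip_network(prefix)
    return lambda p: ipaddress.ip_address(p.src) in net


def protocol(name: str) -> Condition:
    return lambda p: p.protocol == name


def destination_port(port: int) -> Condition:
    return lambda p: p.dport == port


def evaluate(terms: List[Term], pkt: Packet, counters: Dict[str, int], logged: List[str]) -> Result:
    for term in terms:
        if not all(cond(pkt) for cond in term.conditions):
            continue                                     # no match: examine the next term
        go_next = False
        for action in term.actions:
            if action.startswith("count "):              # non-terminating: bump the named counter
                name = action.split(" ", 1)[1]
                counters[name] = counters.get(name, 0) + 1
            elif action == "log":                        # non-terminating: record the header
                logged.append(f"{term.name} {pkt.protocol} {pkt.src}->{pkt.dst}:{pkt.dport}")
            elif action == "next term":                  # explicit fall-through to the next term
                go_next = True
            elif action in TERMINATING:                  # terminating: no further terms examined
                return Result(action, term.name)
            else:
                raise ValueError(f"unknown action {action!r} in term {term.name}")
        if not go_next:
            return Result("accept", term.name)           # matched, no terminating action: accept
    return Result("discard", None)                       # implicit discard at the end of the filter


def run_filter(terms: List[Term], packets: List[Packet]) -> Tuple[List[Result], Dict[str, int], List[str]]:
    counters: Dict[str, int] = {}
    logged: List[str] = []
    return [evaluate(terms, p, counters, logged) for p in packets], counters, logged


# Constructed sample filter protecting the control plane (names are hypothetical).
PROTECT_RE = [
    Term("count-everything", [], ["count total", "next term"]),
    Term("allow-mgmt-ssh", [source_address("10.0.0.0/24"), protocol("tcp"), destination_port(22)],
         ["count ssh-ok", "accept"]),
    Term("deny-other-ssh", [protocol("tcp"), destination_port(22)], ["count ssh-bad", "log", "discard"]),
    Term("allow-icmp", [protocol("icmp")], ["accept"]),
    Term("count-dns", [protocol("udp"), destination_port(53)], ["count dns"]),
]
# Constructed sample traffic.
SAMPLE_PACKETS = [
    Packet("10.0.0.5", "192.0.2.1", "tcp", 22),       # management host: allowed
    Packet("203.0.113.7", "192.0.2.1", "tcp", 22),    # outsider: counted, logged, discarded
    Packet("198.51.100.9", "192.0.2.1", "icmp"),      # ping: allowed
    Packet("10.0.0.5", "192.0.2.1", "udp", 53),       # DNS: counted only, so accepted
    Packet("10.0.0.5", "192.0.2.1", "udp", 123),      # NTP: matches nothing, implicit discard
]

if __name__ == "__main__":
    results, counters, logged = run_filter(PROTECT_RE, SAMPLE_PACKETS)
    for pkt, res in zip(SAMPLE_PACKETS, results):
        print(f"{pkt.protocol:4} {pkt.src:>13} dport={pkt.dport!s:5} -> {res.verdict:7} via {res.term}")
    print("counters:", counters, "\nlogged:", logged)
```

The count-dns term is the case people get wrong in practice: a term whose only action is count still accepts the packet, so a "just count it" term placed before a deny term silently punches a hole.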
Security Zones
Functional Zone
Used for special purposes, e.g. the management zone: adding an interface to the management zone lets it be used for out-of-band (OOB) management only; functional zones cannot be referenced in security policies
Address Books
Address objects defined in one zone's address book cannot be referenced from another zone
Objects in the global address book can be used by any zone
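A worked model of security policy evaluation covering both the Security Policies section above (first-match ordering, the reject action's TCP reset versus ICMP unreachable response, default deny) and the address book scoping rule just stated. It is added here as an example and is not Junos code or part of the original notes. The zones, address names, application objects and policies are constructed for the example; validate() plays the role of the commit check that catches a policy referencing an address from another zone's book.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass
class AddressBooks:
    """Per-zone address books plus the global book (constructed for this example)."""
    zones: Dict[str, Dict[str, str]] = field(default_factory=dict)
    global_book: Dict[str, str] = field(default_factory=dict)

    def resolve(self, name: str, zone: str):
        # Lookup order: the zone's own book, then the global book. A name that
        # exists only in another zone's book is not visible here.
        if name == "any":
            return ipaddress.ip_network("0.0.0.0/0")
        prefix = self.zones.get(zone, {}).get(name) or self.global_book.get(name)
        if prefix is None:
            raise LookupError(f"address {name!r} is not visible from zone {zone!r}")
        return ipaddress.ip_network(prefix)


@dataclass
class Policy:
    name: str
    from_zone: str
    to_zone: str
    source: str
    destination: str
    application: str      # "any" or a key of APPLICATIONS
    action: str           # "permit", "deny" or "reject"


@dataclass
class Flow:
    from_zone: str
    to_zone: str
    src: str
    dst: str
    protocol: str
    dport: Optional[int] = None


# Minimal application objects (protocol, destination port); constructed for this example.
APPLICATIONS = {"junos-http": ("tcp", 80), "junos-ssh": ("tcp", 22), "junos-dns-udp": ("udp", 53)}


def application_matches(app: str, flow: Flow) -> bool:
    if app == "any":
        return True
    proto, port = APPLICATIONS[app]
    return flow.protocol == proto and flow.dport == port


def validate(policies: List[Policy], books: AddressBooks) -> List[str]:
    """Commit-style check: every source/destination name must be visible from its zone."""
    errors = []
    for pol in policies:
        for name, zone in ((pol.source, pol.from_zone), (pol.destination, pol.to_zone)):
            try:
                books.resolve(name, zone)
            except LookupError as exc:
                errors.append(f"{pol.name}: {exc}")
    return errors


def reject_response(action: str, flow: Flow) -> Optional[str]:
    """What goes back to the source for a rejected flow; nothing for permit or deny."""
    if action != "reject":
        return None
    return "tcp-rst" if flow.protocol == "tcp" else "icmp-unreachable"


def evaluate(policies: List[Policy], books: AddressBooks, flow: Flow) -> Tuple[Optional[str], str, Optional[str]]:
    # Policies for the flow's zone pair are examined in order; the first match wins.
    for pol in policies:
        if (pol.from_zone, pol.to_zone) != (flow.from_zone, flow.to_zone):
            continue
        if (ipaddress.ip_address(flow.src) in books.resolve(pol.source, pol.from_zone)
                and ipaddress.ip_address(flow.dst) in books.resolve(pol.destination, pol.to_zone)
                and application_matches(pol.application, flow)):
            return pol.name, pol.action, reject_response(pol.action, flow)
    return None, "deny", None        # default policy: deny, no response sent


BOOKS = AddressBooks(
    zones={"trust": {"lan-hosts": "10.0.0.0/24"}, "untrust": {"web-srv": "203.0.113.10/32"}},
    global_book={"dns-srv": "198.51.100.53/32"},
)
POLICIES = [
    Policy("allow-web", "trust", "untrust", "lan-hosts", "web-srv", "junos-http", "permit"),
    Policy("allow-dns", "trust", "untrust", "lan-hosts", "dns-srv", "junos-dns-udp", "permit"),
    Policy("reject-rest", "trust", "untrust", "lan-hosts", "any", "any", "reject"),
    # Misconfigured: lan-hosts lives in the trust book, so it is not visible from untrust.
    Policy("bad-inbound", "untrust", "trust", "lan-hosts", "any", "any", "permit"),
]

if __name__ == "__main__":
    print("validation errors:", validate(POLICIES, BOOKS))
    good = POLICIES[:3]
    for f in (Flow("trust", "untrust", "10.0.0.5", "203.0.113.10", "tcp", 22),
              Flow("trust", "untrust", "10.0.0.5", "203.0.113.10", "udp", 123)):
        print(f.protocol, f.dport, "->", evaluate(good, BOOKS, f))
```

Moving lan-hosts into the global book makes bad-inbound valid, which is exactly why shared address objects belong in the global address book rather than being duplicated per zone.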
Sky ATP
Malware Analysis
Antivirus scanning
Protects against viruses, trojans, worms, spyware, and rootkits