Application Firewall in SRX 650

Victorhud · ‎02-02-2008

Hi:

I reviewed other 2 security products that have App-ID for application firewall, thats mean near 840 applications as: Public proxies (e.g., Hopster, Kproxy), Private proxies (e.g., CGIproxy ),Tunneling or circumvention applications (e.g., UltraSurf, TOR),Slingbox .

Is it possible with SRX 650 to recognize the applications as Ultrasurf,Tor or Proxies as Hopster or Tunneling as IP over DNS ,directly without to decode the protocol or to write a IDS/IPS rule?

I had read the SRX documentation and didnt find information about it.

Thanks in advance your help

Victor

fauzi@cnc.net.my · ‎09-08-2010

Hi Victor,

I have log case to JTAC and for SRX they didn't have any features yet to block it but I got news from them saying that the IDP team is around the clock to create a signature to block it but they said it going to take a long time.

As for know, I used normal shell script with iptables to block TOR traffic but it will need quite a high end server to do it.

Please refer to this website for more info.

http://www.brianhare.com/wordpress/2011/03/02/block-tor-exit-nodes-using-bash-script/

http://doc.norang.ca/iptables.html#sec-3

Many Thanks

Fauzi Matsa

JNCIA-JUNOS JNSS JNSA

Mauricio Oliveira · ‎09-07-2010

Enterprise firewalls (SRX100 ~ SRX650) don't have L7 fw fetarue yet, I think that's will be possible on 2H'2011.

Today only datacenter firewalls (SRX1400 ~ SRX5800) have this.

Application Firewall in SRX 650

Re: Application Firewall in SRX 650

Re: Application Firewall in SRX 650