SRX

last person joined: yesterday 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  Comment fields - PCI Justification requirements

    Posted 03-26-2011 01:25

    Is there a less than obvious way to put comments into security policies and address-books?

     

    stupid google just finds some form of "leave a comment" in every blog on the internet making it a bit tricky to search for =/

     

    If not, what are you doing to document your security policy justifications?

     

    Thanks

    Mark


    #annotate
    #comment
    #PCI


  • 2.  RE: Comment fields - PCI Justification requirements
    Best Answer

    Posted 03-26-2011 03:24

    You can add comments anywhere in a configuration with the annotate command.  Just navigagte to the policy and put in your comment.

     

    http://www.juniper.net/techpubs/en_US/junos10.4/topics/task/configuration/junos-software-configuration-comments-adding.html

     

    You may also be interested in this white paper on implementing PCI.  This oulines what an autidor is looking for and their implementation in Juniper systems.

     

    http://www.juniper.net/us/en/local/pdf/whitepapers/2000268-en.pdf



  • 3.  RE: Comment fields - PCI Justification requirements

    Posted 03-28-2011 12:19

    Thanks!  I figured there was some method I was missing, "comments" is just a hard word to search

     

    Thanks for the link to the PCI pdf too!



  • 4.  RE: Comment fields - PCI Justification requirements

    Posted 07-13-2011 12:40

    is there a way to annotate using the J-WEB or is this currently limited to the CLI ?