SRX

last person joined: 16 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  Order of global and zone specific policy?

    Posted 02-23-2016 12:04

    Hello Expert

     

    What is the order of global security policy and zone specific policy? Means first all zone based policies are evaluated and then all global policies will be evaluated?



  • 2.  RE: Order of global and zone specific policy?
    Best Answer

    Posted 02-23-2016 12:12

    Hi aeroplane,

     

     

    Yes, that is the order first all zone specific polices are tested/checked and if the packet doesn't apply to any of the zone "contextes" then after that the global zone policy is applied and checked.



  • 3.  RE: Order of global and zone specific policy?

    Posted 02-23-2016 12:18

    Here is a reference from Juniper on it with more details if you like :

     

    "For example, if a policy lookup is performed, regular security policies have priority over global policies. Therefore, in a policy lookup, regular security policies are searched first and if there is no match, global policy lookup is performed."

     

     

    https://www.juniper.net/techpubs/en_US/junos13.1/topics/concept/security-policy-global-policy-overview.html



  • 4.  RE: Order of global and zone specific policy?

    Posted 02-23-2016 21:51

    Thank you