SRX

last person joined: 9 hours ago 

Ask questions and share experiences about the SRX Series, vSRX, and cSRX.

  • 1.  SRX240 UTM License

    Posted 06-07-2015 23:45

    Dear Experts,

     

        Requesting suggestion from you on a point, Although we know that it's better to go with the same..But still in search for key points...posting a query here-

     

    We are using Juniper SRX240H2 (without UTM license) at perimeter level in our network with Internet & MPLS connectivity. Is this really require to go for UTM license for better manageability of security features as i suppose most of them will be handle without UTM licenses although i agreed that full features will not be there. Could you pls suggest workaround , i.e what all UTM feature we can use up to some extent without having license.

     

    It would be easy for me to understand, If anyone of you can share basis comparision details with and without UTM license can be done on SRX240H2 device.

     

    Regards

    SB



  • 2.  RE: SRX240 UTM License

     
    Posted 06-07-2015 23:53

    Hello SB20 ,

     

    To enable UTM feature in SRX240 , you need to have the Licences installed . Without which mojority  of the UTM features does not works . Please check the below doccumentation for the same . :

     

    http://www.juniper.net/documentation/en_US/junos12.1x46/topics/concept/security-branch-device-utm-understanding.html

     

    But some of the features does not need licence which are :

     

    Content filtering , Web-filtering :redirect  , web-filtering local .

    Please see: 

    http://www.juniper.net/documentation/en_US/junos12.1/topics/concept/utm-license-understanding.html

     

    You may get trial licences for other features . Please get in touch with Juniper CCare for same



  • 3.  RE: SRX240 UTM License

    Posted 06-08-2015 00:04

    Thanks Sam,

     

    One thing to add which was missed out in prior post , we have taken IPS license. 

     

      As you replied ..If this is the case, then nothing(from below list) can be enable even upto certain extent wihtout UTM license.

     

    1.spam

    2.phishing attacks

    3.viruses (I understand this can be handle without UTM license, by installating seperate Antivirus solution server).

    4.trojans and spyware infected files  (This can be handle through IPS)

    5.unapproved website access.   (Even this can also be done without UTM license, if have the list of websites to be block)

    6.unapproved content.

     

    regards

    SB



  • 4.  RE: SRX240 UTM License

     
    Posted 06-08-2015 00:10

    Hello SB20 ,

     

    I had made some corrections in my previous post since some of the UTM feature works without licence .

     

    1.spam --> Need licences .

    2.phishing attacks

    > It needed Licenced UTM feature .

    3.viruses (I understand this can be handle without UTM license, by installating seperate Antivirus solution server).

    > If you need solution withing SRX using UTM Antivirus , we ned licence , else you need to go with extenal solution .

    4.trojans and spyware infected files  (This can be handle through IPS)

    > IPS can take care

    5.unapproved website access.   (Even this can also be done without UTM license, if have the list of websites to be block)

    > If you have blacklist , then we can implement  it using wef-filtering :local , which does not need licence .

    6.unapproved content.

    > Content filtering does not need licence .



  • 5.  RE: SRX240 UTM License

    Posted 06-08-2015 00:25

    Gr8 Sam,

     

    This is what exactly i was looking for.

     

    Now, a minor query. As you replied that Content Filtering (point#6) does'nt leed UTM license.

    6.unapproved content.

    > Content filtering does not need licence .

     

    Can you pls share If there any default local profile available on SRX to implement this (without UTM license).

     

    Regards

    SB



  • 6.  RE: SRX240 UTM License

     
    Posted 06-08-2015 00:30

    Hello SB ,

     

    Content filter can basically block FTP Commands ,  MIME patterns, file extensions, and protocol commands. The protocols that at supported are HTTP, FTP and E-mail.

     

    Please check the below KB for the same :

     

    http://kb.juniper.net/InfoCenter/index?page=content&id=KB17285



  • 7.  RE: SRX240 UTM License

    Posted 06-08-2015 00:44

    Thanks  SAM,

     

      Means in my case, we require UTM license for Anti-Spam and Phising Attack only.

     

    Rest will not need UTM license and can be taken care either with 

    1. Third Party Antivirus Solution (for Antivirus),

    2. SRX IPS License (for Trojans and Spyware Infected Files healing/Detection),

    3. Local profile "wef-filtering :local" (Web Filtering),

    4. Setting up a Content Filter(Content Filtering).

     

     I am just cross verifying.



  • 8.  RE: SRX240 UTM License
    Best Answer

     
    Posted 06-08-2015 00:50

    Hello SB ,

     

    Rest of the points are correct , except one ,

     

    2. SRX IPS License (for Trojans and Spyware Infected Files healing/Detection), --> IPS cannot efficiently track malicious files healing /Detection since these gets active on host machine and can be tracked down only using Anti-Virus .  IPS basically matches the Signature patterns and Block/Allows conenction .  Here in Trojans and Spyware Infected Files healing/Detection it cannot help to my knowledge .  For that Anti-Virus engine need to kick in .