ScreenOS Firewalls (NOT SRX)
Showing results for 
Search instead for 
Do you mean 
Reply
Highlighted
Contributor
Posts: 26
Registered: ‎04-22-2010
0 Kudos

Default policy For SSG

Hi There:

 

may advise the default policy in the following platform, global policy is permit or deny  :

 

SSG5  

SSG20

SSG140

SSG320M

SSG350M

SSG520M

SSG550M

 

Thanks for any feedback.

 

Bin

 

 

Super Contributor
Posts: 231
Registered: ‎12-01-2008
0 Kudos

Re: Default policy For SSG

Hi

 

if im not wrong all juniper firewall have default policy with deny action

 

thanks


EL

Distinguished Expert
Posts: 3,816
Registered: ‎03-30-2009
0 Kudos

Re: Default policy For SSG

The defaut policy for any zone to zone traffic is deny.  You can override this select by placing a default allow rule at the bottom of the policy stack.

 

When you create a zone the default setting is to allow intrazone traffic but you can change that to deny as part of the zone configuration.

Steve Puluka BSEET
Juniper Ambassador
Senior IP Engineer - DQE Communications Pittsburgh, PA
JNCIA-ER JNCIA-EX JNCIS-SEC JNCIP-SEC JNCSP-SEC
JNCIS-FWV JNCIS-SSL JNCDA
JNCIS-SP
ACE PanOS 6
MCP - Managing Server 2003 MCP - Windows XP Professional
MCTS Windows 7
http://puluka.com/home