SRX Services Gateway
Highlighted
SRX Services Gateway

Screen option on SRX

‎10-08-2018 10:22 AM

Hi 

I would like to protect DNS, HTTP and HTTPs flood from external network. 

Which screen option feature can protect all floods?

 

 

1 REPLY 1
Highlighted
SRX Services Gateway
Solution
Accepted by topic author Halo
‎10-08-2018 10:34 AM

Re: Screen option on SRX

‎10-08-2018 10:31 AM

Halo,

 

Because DNS is mostly used over UDP, you can use the UDP flood screen. In the same way HTTP and HTTPS are TCP based and the SRX can protect against SYN flood attacks via the SYN flood option. Find more information about the options and its configuration via this link:

 

https://www.oreilly.com/library/view/juniper-srx-series/9781449339029/ch11.html

 

You might also want to check the Source IP Session Limit Screen and Destination IP Session Limit option. They can be found on the same link.

 

Hope it helps.

 

Pura Vida from Costa Rica - Mark as Resolved if it applies.
Kudos are appreciated too!
Feedback