Chapter 12. Content Security

12.0. Introduction

This chapter summarizes the feature set for application security within ScreenOS. Juniper Networks firewalls have traditionally been stateful inspection firewalls. A stateful inspection security device looks at the network and transport layers of the ISO/OSI model, following the connection from client socket to server socket, but is typically not aware of the data transported within that connection of the application layer. However, deep inspection, pioneered by Juniper since ScreenOS version 5.0, is aware of the application communicating via the connection.

The ScreenOS content security feature set includes four feature groups:

  • Antivirus

  • Antispam

  • URL filtering

  • Deep inspection and integrated IDP

In larger networks, standalone, dedicated machines and servers provide these features. However, in smaller-and medium-size networks, it might be desirable to integrate these features into a single ScreenOS device for the obvious reasons of cost efficiency and convenience. For example, in this scenario, an administrator has to support only a single device and has to purchase a subscription signature service with only one vendor. Also, for smaller networks, antivirus capability and URL filtering do not require an external server, but you can add one for scalability in medium-size networks.

Antivirus capability exists in both internal and external configurations. In the internal configuration, the antivirus scanner and signatures are loaded onto the firewall. ...

Get ScreenOS Cookbook now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.