Juniper SRX100 Bedienungsanleitung


Lesen Sie kostenlos die 📖 deutsche Bedienungsanleitung für Juniper SRX100 (11 Seiten) in der Kategorie Nicht kategorisiert. Dieser Bedienungsanleitung war für 13 Personen hilfreich und wurde von 2 Benutzern mit durchschnittlich 4.5 Sternen bewertet

Seite 1/11
APPLICATION NOTE
Copyright © 2009, Juniper Networks, Inc.
QUICKSTART GUIDE FOR BRANCH SRX SERIES
SERVICES GATEWAYS
Configuring Basic Security and Connectivity on Branch SRX Series Services Gateways
ii Copyright © 2009, Juniper Networks, Inc.
APPLICATION NOTE - Quickstart Guide for Branch SRX Series Services Gateways
Table of Figures
Figure 1: Corporate and branch-office network infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Figure 2: Corporate and branch-office network infrastructure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Table of Contents
Introduction ........................................................................................1
Scope ..............................................................................................1
Design Considerations ...............................................................................1
Hardware Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Software Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Description and Deployment Scenario . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Default Firewall Configuration ........................................................................1
Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Firewall Configuration for Outbound Access Using IRB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
IPsec VPN Configuration .............................................................................5
Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
UTM Configuration ..................................................................................7
Antivirus Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
Web Filtering Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
IDP Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Summary ..........................................................................................9
About Juniper Networks ..............................................................................9
Copyright © 2009, Juniper Networks, Inc. 1
APPLICATION NOTE - Quickstart Guide for Branch SRX Series Services Gateways
Introduction
The purpose of this application note is to walk the reader through the steps necessary to configure Juniper
Networks® SRX Series Services Gateways out of the box to provide secure connectivity to the Internet and remote
sites. The example configurations can be leveraged to build more complicated configurations that will meet the
security requirements of modern branch and remote offices.
After reading this document, you should be able to configure branch SRX Series Services Gateways to pass traffic
and provide several common security services.
Scope
This paper introduces the Juniper Networks JUNOS® Software CLI and will help the reader configure SRX Series
Services Gateways for the first time and provide a building block for more advanced configurations. It does not
include advanced security configuration examples or network design guidelines. Additional Juniper Networks
documentation is available for readers at www.juniper.net/techpubs/software/junos/index.html#srx.
Design Considerations
Hardware Requirements
Juniper Networks SRX Series Services Gateways (Certain features described in this document are not available
across the entire SRX Series product line. Readers should consult Juniper Networks product-specific literature for
more details.)
Software Requirements
JUNOS Release 9.5 or later for all branch SRX Series Services Gateways
Description and Deployment Scenario
The included examples are not intended to be Juniper recommended configurations as they only meet the security
requirements of the simplest deployments such as a small home office. However, with some modification, they can
be used to connect and secure larger remote and branch offices to a larger central site.
The approach of this document is to begin with an SRX Series as it ships from the factory and progressively work
through the steps necessary to build a usable base configuration.
Default Firewall Configuration
The first configuration is often associated with default firewall behavior. All outbound traffic from a private network is
allowed and uses source NAT, while inbound traffic from the Internet not matching an established session is blocked.
The first time that branch SRX Series Services Gateways are powered on, they will boot using the factory default
configuration as follows:
A trust and untrust zone will be created. •
Interface ge-0/0/0 will be assigned the IP address 192.168.1.1 and will be bound to the trust zone.•
A DHCP server instance will be enabled on interface ge-0/0/0.•
Three security policies, one inter-zone and two intra-zone, will be created: •
trust zone to trust zone (intra-zone)—default permit policy -
trust zone to untrust zone (inter-zone)—default permit policy -
untrust zone to trust zone (inter-zone)—default deny policy -
To illustrate a common default firewall configuration, a Juniper Networks SRX210 Services Gateway will be used and
the following design assumptions will be made:
The protected network is connected to interface ge-0/0/0 in the trust zone.•
Connectivity to the Internet is through interface fe-0/0/7 in the untrust zone.•
The IP address of interface fe-0/0/7 is either statically configured or assigned via DHCP.•


Produktspezifikationen

Marke: Juniper
Kategorie: Nicht kategorisiert
Modell: SRX100
Gewicht: 1100 g
Befestigungstyp: Rackeinbau
Betriebstemperatur: 0 - 40 °C
Unterstützte Sicherheitsalgorithmen: 3DES, DES
Unterstützte Netzwerkprotokolle: IPv4, IPv6, CLNS
Zertifizierung: FCC Class B \n ICES class B \n AS / NZS CISPR22 Class B \n AS / NZS CISPR22 Class B \n VCCI Class B \n EN 55022 Class B, EN 300386\n
Stromverbrauch (Standardbetrieb): 30 W
Power over Ethernet (PoE): Nein
LED-Anzeigen: Ja
Temperaturbereich bei Lagerung: -20 - 70 °C
Energiebedarf: 100-240, 50/60
Abmessungen (BxTxH): 216 x 147 x 36 mm
Speicherkapazität: 1024 MB
Eingangsspannung: 100 - 240 V
VPN Unterstützung: IPsec VPN
Firewall: Ja
MAC Adressen Filtern: Ja
Eingangsfrequenz: 50/60 Hz
Flash-Speicher: 1024 MB
Sicherheit: UL 60950-1, CSA 60950-1, AS / NZS 60950-1, AS / NZS 60950-1, CB Scheme, EN 60950-1
Wärmeableitung: 35 BTU/h
Router Protokoll: BGP, IS-IS, MPLS, OSPF
Relative Luftfeuchtigkeit: 10 - 90 %
Datenübertragungsrate: 0.1 Gbit/s
Authentisierung Methode: RADIUS, RSA SecureID, LDAP
Switch Protokoll: VLAN 802.1Q, 802.3ad/LACP, STP
Software-Version: Junos OS 10.0

Brauchst du Hilfe?

Wenn Sie Hilfe mit Juniper SRX100 benötigen, stellen Sie unten eine Frage und andere Benutzer werden Ihnen antworten




Bedienungsanleitung Nicht kategorisiert Juniper

Bedienungsanleitung Nicht kategorisiert

Neueste Bedienungsanleitung für -Kategorien-