Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Juniper Netscreen 1000 Firewall Configuration

Posted on 2011-09-14
14
Medium Priority
?
614 Views
Last Modified: 2012-05-12
set zone "Untrust" screen icmp-flood
set zone "Untrust" screen udp-flood
set zone "Untrust" screen syn-fin
set zone "Untrust" screen fin-no-ack
set zone untrust screen alarm-without-drop
set zone untrust screen ip-spoofing

I have the above security commands in my Juniper Netscreen 1000 Firewall.
I would lik to setup mail alerts in case if any of the above security violation occurs,
Let me know if this is possible. If possible how should i setup the mail alerts if any of the above security violation occurs.
0
Comment
Question by:SrikantRajeev
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 9
  • 5
14 Comments
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 36537731
can i have some answers
0
 
LVL 32

Expert Comment

by:dpk_wal
ID: 36540880
Have a look at link below:
http://kb.juniper.net/InfoCenter/index?page=content&id=KB4755

See if this helps you achieve what you wish.

Thank you.
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 36586286
i have gone through the link.
It has the field to specify the e-mail ID to which the alert mail will be sent.
But what will be the sender e-mail ID for this.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 1

Author Comment

by:SrikantRajeev
ID: 36586428
Also I would like to check should i need to include any ACL or by the configurations mentioned in the link the mail alerts will be sent to the mail servers
0
 
LVL 32

Expert Comment

by:dpk_wal
ID: 36594339
By default, all email alerts are sent with source identity of netscreen@[a.b.c.d], where a.b.c.d represents the IP address of the NetScreen.
To force the email alerts to be sent with an email address fqdn, domain name needs to be configured on the NetScreen, please see KB article below:
http://kb.juniper.net/InfoCenter/index?page=content&id=KB6182

There is no need of a policy for sending out email alerts.

Please let know if you need more details.

Thank you.
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 36595819
Thanks
How can i define the subject of the e-mail or what is the default subject line
Is there any way we can define the subject line
0
 
LVL 32

Expert Comment

by:dpk_wal
ID: 36600249
I do not think the subject of the email can be configured; please use default subject as sent by firewall.
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 36600870
ok let me try
but is it sure that i dont need to define any separate ACL to allow the alert mail to generate & hit the exchange server
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 36914724
but is it sure that i dont need to define any separate ACL to allow the alert mail to generate & hit the exchange server
0
 
LVL 32

Expert Comment

by:dpk_wal
ID: 36918105
You do not need any policy; have you configured; is it not working.
If you have another device between your network and juniper firewall then I cannot comment.
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 36928995
thanks
i will be trying it by next week.
Will check it out if it is working fine or not.
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 37042969
I have configured the alerting mechanism.
Is there any way i can test the mail from these firewalls
0
 
LVL 32

Accepted Solution

by:
dpk_wal earned 2000 total points
ID: 37048882
Send traffic that triggers the alert and you can test.
0
 
LVL 1

Author Closing Comment

by:SrikantRajeev
ID: 37139501
Thanks
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question