[j-nsp] Juniper firewall filters/stateful firewalls best practice

Shawn Hargan shawnh at frii.com
Mon Jun 25 10:07:28 EDT 2007


Thanks for the reply. I have gone through that whitepaper, though I've 
not made it entirely through the Security section of the site just yet. 
It did not explain whether it's best to combine firewall filters with 
the stateful firewall (or if it doesn't really matter), though.
-SH

Daniel Lete wrote:
> Hello Shawn,
> You may have seen
> Securing Provider Backbone Networks: Packet Filters, Traffic Shaping 
> and Related Best Practices 
> (http://www.juniper.net/solutions/literature/white_papers/200180.pdf)
>
> in http://www.juniper.net/solutions/literature/white_papers/
>
> there is also a section on Security that may be of use to you.
>
> Daniel
>
>
> Shawn Hargan wrote:
>> Hello,
>>
>> I'm working on a security audit with a Juniper M7i with built in ASP 
>> and an M10i with a discrete AS2PIC. Is there any documentation on 
>> typical best practices for Juniper firewall filters and stateful 
>> firewalls? I'm curious whether it's worth it to define firewall 
>> filters to block out easy traffic before the packets are passed to 
>> the stateful firewall, or if that AS2PIC has enough horsepower to 
>> make the basic filters moot.
>>
>> Thanks for any insight.
>> -SH
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
>>
>


-- 
Shawn Hargan--Network Operations Center
FRII
866-FRII-NOC	noc at frii.com
Monitoring FRII's network 24/7/365.



More information about the juniper-nsp mailing list