[j-nsp] Securing management access to Juniper gear
Mark Kamichoff
prox at prolixium.com
Fri Sep 2 14:37:11 EDT 2011
Hi Matthew -
On Fri, Sep 02, 2011 at 02:28:03PM -0400, Matthew S. Crocker wrote:
> What is the recommend/preferred way to secure the SSH & Web access to
> a piece of JunOS gear? I have a couple routers (MX80) and switches
> (EX4200) that are remote. Can I attach packet filters to the system
> services (HTTP,SSH)? Do I attach the packet filter to the lo0
> interface?
You typically attach a firewall filter to the lo0 interface to secure
the routing engine.
For more information I highly recommend the following day one book,
which goes over this in detail:
http://www.juniper.net/us/en/community/junos/training-certification/day-one/fundamentals-series/securing-routing-engine/
I'm not an EX guru, but I believe the same concepts can be applied.
- Mark
--
Mark Kamichoff
prox at prolixium.com
http://www.prolixium.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <https://puck.nether.net/pipermail/juniper-nsp/attachments/20110902/d84e561d/attachment.pgp>
More information about the juniper-nsp
mailing list