Mind Map: Junos

1. VR

1.1. (KB 16453) In Junos Software, a virtual router is a type of routing instance, which is a collection of routing tables, interfaces, and routing option settings. To establish a virtual router, you do the following: (1) create a virtual router; (2) assign an interface to the virtual router (if not inet.0); (3) assign an interface to a zone. Note: Binding interfaces to zones is configured separately from binding interfaces to a virtual router (routing instance). The tasks to create a virtual router in Junos OS Software are slightly different from those in ScreenOS, where you would assign a zone to a virtual router and assign an interface to a zone.

2. Zone

2.1. Assigning interfaces to zones is defined independently from the virtual router, but all interfaces in the same zone must be bound to the same virtual router.
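
Because the interface-to-zone binding (2.1) and the interface-to-virtual-router binding (1.1) are configured separately, nothing in the workflow itself keeps them consistent. The following added example (not part of the original mind map or of any Juniper tooling) audits a configuration in `set`-command form and reports zones whose interfaces sit in more than one routing instance. The instance names, interface names and the function name are hypothetical, and the sample configuration is constructed.

```python
import re
from collections import defaultdict

# Constructed sample configuration in "set" form (not from a real device).
SAMPLE_CONFIG = """\
set routing-instances VR-A instance-type virtual-router
set routing-instances VR-A interface ge-0/0/1.0
set routing-instances VR-B instance-type virtual-router
set routing-instances VR-B interface ge-0/0/2.0
set security zones security-zone trust interfaces ge-0/0/1.0
set security zones security-zone trust interfaces ge-0/0/2.0 host-inbound-traffic system-services ping
set security zones security-zone dmz interfaces ge-0/0/3.0
set security zones security-zone untrust interfaces ge-0/0/0.0
"""

RI_IFACE = re.compile(r"^set routing-instances (\S+) interface (\S+)$")
# No end anchor: zone interface lines may carry trailing options.
ZONE_IFACE = re.compile(r"^set security zones security-zone (\S+) interfaces (\S+)")

# Label used here for interfaces not assigned to any routing instance.
DEFAULT_INSTANCE = "inet.0"


def zones_spanning_instances(config_text):
    """Return {zone: {instance: [interfaces]}} for every zone whose
    interfaces are bound to more than one routing instance."""
    iface_instance = {}
    zone_ifaces = defaultdict(list)
    for raw in config_text.splitlines():
        line = raw.strip()
        if m := RI_IFACE.match(line):
            iface_instance[m.group(2)] = m.group(1)
        elif m := ZONE_IFACE.match(line):
            if m.group(2) not in zone_ifaces[m.group(1)]:
                zone_ifaces[m.group(1)].append(m.group(2))
    findings = {}
    for zone, ifaces in zone_ifaces.items():
        by_instance = defaultdict(list)
        for iface in ifaces:
            by_instance[iface_instance.get(iface, DEFAULT_INSTANCE)].append(iface)
        if len(by_instance) > 1:  # violates the same-virtual-router rule
            findings[zone] = dict(by_instance)
    return findings


if __name__ == "__main__":
    for zone, split in zones_spanning_instances(SAMPLE_CONFIG).items():
        print(f"zone {zone} spans routing instances: {split}")
```

In the sample, `trust` is flagged because its two interfaces belong to `VR-A` and `VR-B`, while `dmz` and `untrust` pass because their interfaces remain in the default instance.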

3. Security Policy

3.1. In a Junos OS stateful firewall, the security policies enforce rules for transit traffic, in terms of what traffic can pass through the firewall, and the actions that need to take place on traffic as it passes through the firewall. From the perspective of security policies, the traffic enters one security zone and exits another security zone. This combination of a from-zone and to-zone is called a context. Each context contains an ordered list of policies. Each policy is processed in the order that it is defined within a context. A security policy, which can be configured from the user interface, controls the traffic flow from one zone to another zone by defining the kind(s) of traffic permitted from specified IP sources to specified IP destinations at scheduled times.

3.2. Policies set in the root system do not affect policies set in virtual systems.

4. VSYS

4.1. Virtual Systems (VSYS): virtual systems are an additional level of partitioning that creates multiple independent virtual environments, each with its own set of users, firewalls, VPNs, security policies, and management interfaces. By providing administrators with the ability to quickly segment networks into multiple secure environments managed through a single device