Introduction

In the Juniper firewall, a policy is the core component of access control. In this section, we will explore the basic principles of a policy and how to create them. All firewall devices use some sort of statement that provides access control between two segments of a network. Each product implements access control differently. If you have experience with any firewall product, then Juniper policies should come easy for you. If you have never had the opportunity to create a network access control policy before, this section will help you understand the principles of access control as well as the methodology of creating a policy.

First, we will look at the definition of a policy and what creating one really means. We will also look into the theory of access control and specific methodologies behind allowing or denying access to network resources. In the second part of this section, we will review what makes up a policy on a Juniper firewall. Every policy must have several basic components defined before it can be created. We will look at each component and how to create them on your firewall.

Much like building a house, Juniper firewalls use different components to build policies. Several components are required for a policy. In this chapter, we will look at these components and how to create them for use in a policy. Components can be created via the Web user interface (WebUI) or the command-line interface (CLI). Each method generates the same result, but...