OneConfig Buffalo Project
- Jean-luc KRIKER
http://oneconfig.com/solutions/by-use-case/srx-evaluations/
1- delete all config
2- add mgt address
3- Download & install IDP database
4- copy and paste the OneConfigÂ
1- delete all config
delete
!! request system zeroize  !!! becareful
2- add mgt address
1.1 functional zone ( management zone)
3- Download & install IDP database
request security idp security-package download
request security idp security-package install
set security forwarding-process enhanced-services-modecommit and-quit>>> request system reboot
4- copy and paste the OneConfigÂ
load set terminal          >>>>>> CTRL + d ( at the end ) +then commit
set system host-name SRXbuffaloset system name-server 8.8.8.8set system name-server 8.8.4.4set system services sshset system services web-management https interface ge-0/0/0.0set system services web-management https system-generated-certificateset system syslog archive size 100kset system login announcement "BUFFALO GOLDEN CONFIG V2.6"set system syslog archive files 3set system syslog user * any emergencyset system syslog file messages any criticalset system syslog file messages authorization infoset system max-configurations-on-flash 5set system max-configuration-rollbacks 5set system license autoupdate url https://ae1.juniper.net/junos/key_retrievalset system name-resolution no-resolve-on-inputset system ntp server 0.pool.ntp.orgset system ntp server 1.pool.ntp.orgset services ssl initiation profile ssli protocol-version allset services ssl initiation profile ssli actions ignore-server-auth-failure set services ssl initiation profile ssli trusted-ca allset services ssl initiation profile ssli actions crl disableset security log mode streamset security log format sd-syslogset security log source-interface ge-0/0/0.0 set security log transport protocol tlsset security log transport tls-profile ssliset security log stream oneconfig severity debugset security log stream oneconfig category allset security log transport protocol tls tcp-connections 1set security log stream oneconfig rate-limit 300#set interfaces ge-0/0/0 unit 0 family inet dhcpset interfaces ge-0/0/0 description " Outbound interface to the Internet "#set security zones security-zone LAN-ACCESS host-inbound-traffic protocols all #set security zones security-zone LAN-ACCESS interfaces ge-0/0/0.0#set security zones security-zone LAN-ACCESS host-inbound-traffic system-services alldelete system autoinstallationset chassis alarm management-ethernet link-down ignore set interfaces ge-0/0/1 promiscuous-modeset interfaces ge-0/0/1 unit 0 family inet address 192.168.1.1/24set interfaces ge-0/0/1 description " Tap Mode "set interfaces ge-0/0/1 unit 0 family inet address 192.168.255.1/24 arp 192.168.255.254 mac 00:00:01:01:01:01set routing-instances Sniffer instance-type virtual-routerset routing-instances Sniffer routing-options static route 0.0.0.0/0 next-hop 192.168.255.254set routing-instances Sniffer interface ge-0/0/1.0set vlans eval vlan-id 10set interfaces ge-0/0/2 unit 0 family ethernet-switching vlan members evalset interfaces ge-0/0/3 unit 0 family ethernet-switching vlan members evalset interfaces ge-0/0/4 unit 0 family ethernet-switching vlan members evalset interfaces ge-0/0/5 unit 0 family ethernet-switching vlan members evalset interfaces ge-0/0/2 unit 0 family ethernet-switching interface-mode access set interfaces ge-0/0/3 unit 0 family ethernet-switching interface-mode accessset interfaces ge-0/0/4 unit 0 family ethernet-switching interface-mode access set interfaces ge-0/0/5 unit 0 family ethernet-switching interface-mode accessset services application-identificationset security application-trackingset security application-tracking session-update-interval 180set security flow tcp-session no-syn-checkset security flow tcp-session no-sequence-checkset security forwarding-process enhanced-services-modeset security zones security-zone Sniffer host-inbound-traffic protocols all set security zones security-zone Sniffer host-inbound-traffic system-services all set security zones security-zone Sniffer interfaces ge-0/0/1.0set security zones security-zone Sniffer application-trackingset security policies from-zone Sniffer to-zone Sniffer policy Sniffer1 match source-address anyset security policies from-zone Sniffer to-zone Sniffer policy Sniffer1 match destination-address anyset security policies from-zone Sniffer to-zone Sniffer policy Sniffer1 match application anyset security policies from-zone Sniffer to-zone Sniffer policy Sniffer1 then permit application-services idpset security policies from-zone Sniffer to-zone Sniffer policy Sniffer1 then permit application-services utm-policy UTM-POCset security policies from-zone Sniffer to-zone Sniffer policy Sniffer1 then log session-closeset security zones security-zone Inline host-inbound-traffic protocols all set security zones security-zone Inline host-inbound-traffic system-services all set security zones security-zone Inline interfaces ge-0/0/2.0set security zones security-zone Inline interfaces ge-0/0/3.0set security zones security-zone Inline application-trackingset security policies from-zone Inline to-zone Inline policy Inline1 match source-address anyset security policies from-zone Inline to-zone Inline policy Inline1 match destination-address anyset security policies from-zone Inline to-zone Inline policy Inline1 match application anyset security policies from-zone Inline to-zone Inline policy Inline1 then permit application-services idpset security policies from-zone Inline to-zone Inline policy Inline1 then permit application-services utm-policy UTM-POCset security policies from-zone Inline to-zone Inline policy Inline1 then log session-close
#UTMÂ set security utm feature-profile web-filtering type juniper-enhancedset security utm utm-policy UTM-POC web-filtering http-profile EVAL-EWFset security utm utm-policy UTM-POC traffic-options sessions-per-client over-limit log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Bot_Networks action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Weapons action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Adult_Content action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Malicious_Web_Sites action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Adult_Material action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Sex action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Non_Traditional_Religions action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Advanced_Malware_Command_and_Control action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Advanced_Malware_Payloads action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Violence action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Drugs action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Alcohol_and_Tobacco action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Gambling action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Keyloggers action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Malicious_Embedded_Link action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Malicious_Embedded_iFrame action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Spyware action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Mobile_Malware action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Abused_Drugs action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Application_and_Software_Download action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Compromised_Websites action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Custom_Encrypted_Payloads action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Dynamic_Content action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Dynamic_DNS action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Elevated_Exposure action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Emerging_Exploits action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Entertainment_Video action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Extended_Protection action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_File_Download_Servers action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Files_Containing_Passwords action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Freeware_and_Software_Download action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Games action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Hacking action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Illegal_or_Questionable action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Image_Servers action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Instant_Messaging action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Internet_Radio_and_TV action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Intolerance action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Lingerie_and_Swimsuit action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_MP3_and_Audio_Download_Services action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Marijuana action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Militancy_and_Extremist action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Military action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Network_Errors action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Newly_Registered_Websites action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_News_and_Media action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Non_Traditional_Religions_and_Occult_and_Folklore action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Nudity action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Online_Brokerage_and_Trading action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Organizational_Email action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Pay_to_Surf action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Peer_to_Peer_File_Sharing action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Personal_Network_Storage_and_Backup action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Personals_and_Dating action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Phishing_and_Other_Frauds action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Political_Organizations action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Potentially_Damaging_Content action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Potentially_Exploited_Documents action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Potentially_Unwanted_Software action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Private_IP_Addresses action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Proxy_Avoidance action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Racism_and_Hate action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Security action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Sex_Education action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Social_Networking_and_Personal_Sites action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Social_and_Affiliation_Organizations action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Sport_Hunting_and_Gun_Clubs action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Streaming_Media action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Supplements_and_Unregulated_Compounds action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Surveillance action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Suspicious_Content action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Suspicious_Embedded_Link action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Tasteless action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Text_and_Media_Messaging action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Unauthorized_Mobile_Marketplaces action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Web_Chat action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Web_Collaboration action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Web_Hosting action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF category Enhanced_Web_and_Email_Spam action log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF default log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF fallback-settings default log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF fallback-settings server-connectivity log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF fallback-settings timeout log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF fallback-settings too-many-requests log-and-permitset security utm feature-profile web-filtering juniper-enhanced profile EVAL-EWF timeout 3
#IDPset security idp idp-policy Recommended rulebase-ips rule 1 match from-zone anyset security idp idp-policy Recommended rulebase-ips rule 1 match source-address anyset security idp idp-policy Recommended rulebase-ips rule 1 match to-zone anyset security idp idp-policy Recommended rulebase-ips rule 1 match destination-address anyset security idp idp-policy Recommended rulebase-ips rule 1 match application defaultset security idp idp-policy Recommended rulebase-ips rule 1 match attacks predefined-attack-groups "[Recommended]IP - Critical"set security idp idp-policy Recommended rulebase-ips rule 1 match attacks predefined-attack-groups "[Recommended]IP - Minor"set security idp idp-policy Recommended rulebase-ips rule 1 match attacks predefined-attack-groups "[Recommended]IP - Major"set security idp idp-policy Recommended rulebase-ips rule 1 match attacks predefined-attack-groups "[Recommended]TCP - Critical"set security idp idp-policy Recommended rulebase-ips rule 1 match attacks predefined-attack-groups "[Recommended]TCP - Minor"set security idp idp-policy Recommended rulebase-ips rule 1 match attacks predefined-attack-groups "[Recommended]TCP - Major"set security idp idp-policy Recommended rulebase-ips rule 1 then action no-actionset security idp idp-policy Recommended rulebase-ips rule 1 then notification log-attacksset security idp idp-policy Recommended rulebase-ips rule 2 match from-zone anyset security idp idp-policy Recommended rulebase-ips rule 2 match source-address anyset security idp idp-policy Recommended rulebase-ips rule 2 match to-zone anyset security idp idp-policy Recommended rulebase-ips rule 2 match destination-address anyset security idp idp-policy Recommended rulebase-ips rule 2 match application defaultset security idp idp-policy Recommended rulebase-ips rule 2 match attacks predefined-attack-groups "[Recommended]ICMP - Major"set security idp idp-policy Recommended rulebase-ips rule 2 match attacks predefined-attack-groups "[Recommended]ICMP - Minor"set security idp idp-policy Recommended rulebase-ips rule 2 then action no-actionset security idp idp-policy Recommended rulebase-ips rule 2 then notification log-attacksset security idp idp-policy Recommended rulebase-ips rule 3 match from-zone anyset security idp idp-policy Recommended rulebase-ips rule 3 match source-address anyset security idp idp-policy Recommended rulebase-ips rule 3 match to-zone anyset security idp idp-policy Recommended rulebase-ips rule 3 match destination-address anyset security idp idp-policy Recommended rulebase-ips rule 3 match application defaultset security idp idp-policy Recommended rulebase-ips rule 3 match attacks predefined-attack-groups "[Recommended]HTTP - Critical"set security idp idp-policy Recommended rulebase-ips rule 3 match attacks predefined-attack-groups "[Recommended]HTTP - Major"set security idp idp-policy Recommended rulebase-ips rule 3 match attacks predefined-attack-groups "[Recommended]HTTP - Minor"set security idp idp-policy Recommended rulebase-ips rule 3 then action no-actionset security idp idp-policy Recommended rulebase-ips rule 3 then notification log-attacksset security idp idp-policy Recommended rulebase-ips rule 4 match from-zone anyset security idp idp-policy Recommended rulebase-ips rule 4 match source-address anyset security idp idp-policy Recommended rulebase-ips rule 4 match to-zone anyset security idp idp-policy Recommended rulebase-ips rule 4 match destination-address anyset security idp idp-policy Recommended rulebase-ips rule 4 match application defaultset security idp idp-policy Recommended rulebase-ips rule 4 match attacks predefined-attack-groups "[Recommended]SMTP - Critical"set security idp idp-policy Recommended rulebase-ips rule 4 match attacks predefined-attack-groups "[Recommended]SMTP - Major"set security idp idp-policy Recommended rulebase-ips rule 4 match attacks predefined-attack-groups "[Recommended]SMTP - Minor"set security idp idp-policy Recommended rulebase-ips rule 4 then action no-actionset security idp idp-policy Recommended rulebase-ips rule 4 then notification log-attacksset security idp idp-policy Recommended rulebase-ips rule 5 match from-zone anyset security idp idp-policy Recommended rulebase-ips rule 5 match source-address anyset security idp idp-policy Recommended rulebase-ips rule 5 match to-zone anyset security idp idp-policy Recommended rulebase-ips rule 5 match destination-address anyset security idp idp-policy Recommended rulebase-ips rule 5 match application defaultset security idp idp-policy Recommended rulebase-ips rule 5 match attacks predefined-attack-groups "[Recommended]DNS - Critical"set security idp idp-policy Recommended rulebase-ips rule 5 match attacks predefined-attack-groups "[Recommended]DNS - Minor"set security idp idp-policy Recommended rulebase-ips rule 5 match attacks predefined-attack-groups "[Recommended]DNS - Major"set security idp idp-policy Recommended rulebase-ips rule 5 then action no-actionset security idp idp-policy Recommended rulebase-ips rule 5 then notification log-attacksset security idp idp-policy Recommended rulebase-ips rule 6 match from-zone anyset security idp idp-policy Recommended rulebase-ips rule 6 match source-address anyset security idp idp-policy Recommended rulebase-ips rule 6 match to-zone anyset security idp idp-policy Recommended rulebase-ips rule 6 match destination-address anyset security idp idp-policy Recommended rulebase-ips rule 6 match application defaultset security idp idp-policy Recommended rulebase-ips rule 6 match attacks predefined-attack-groups "[Recommended]FTP - Critical"set security idp idp-policy Recommended rulebase-ips rule 6 match attacks predefined-attack-groups "[Recommended]FTP - Minor"set security idp idp-policy Recommended rulebase-ips rule 6 match attacks predefined-attack-groups "[Recommended]FTP - Major"set security idp idp-policy Recommended rulebase-ips rule 6 then action no-actionset security idp idp-policy Recommended rulebase-ips rule 6 then notification log-attacksset security idp idp-policy Recommended rulebase-ips rule 7 match from-zone anyset security idp idp-policy Recommended rulebase-ips rule 7 match source-address anyset security idp idp-policy Recommended rulebase-ips rule 7 match to-zone anyset security idp idp-policy Recommended rulebase-ips rule 7 match destination-address anyset security idp idp-policy Recommended rulebase-ips rule 7 match application defaultset security idp idp-policy Recommended rulebase-ips rule 7 match attacks predefined-attack-groups "[Recommended]POP3 - Critical"set security idp idp-policy Recommended rulebase-ips rule 7 match attacks predefined-attack-groups "[Recommended]POP3 - Minor"set security idp idp-policy Recommended rulebase-ips rule 7 match attacks predefined-attack-groups "[Recommended]POP3 - Major"set security idp idp-policy Recommended rulebase-ips rule 7 then action no-actionset security idp idp-policy Recommended rulebase-ips rule 7 then notification log-attacksset security idp idp-policy Recommended rulebase-ips rule 8 match from-zone anyset security idp idp-policy Recommended rulebase-ips rule 8 match source-address anyset security idp idp-policy Recommended rulebase-ips rule 8 match to-zone anyset security idp idp-policy Recommended rulebase-ips rule 8 match destination-address anyset security idp idp-policy Recommended rulebase-ips rule 8 match application defaultset security idp idp-policy Recommended rulebase-ips rule 8 match attacks predefined-attack-groups "[Recommended]IMAP - Critical"set security idp idp-policy Recommended rulebase-ips rule 8 match attacks predefined-attack-groups "[Recommended]IMAP - Major"set security idp idp-policy Recommended rulebase-ips rule 8 then action no-actionset security idp idp-policy Recommended rulebase-ips rule 8 then notification log-attacksset security idp idp-policy Recommended rulebase-ips rule 9 match from-zone anyset security idp idp-policy Recommended rulebase-ips rule 9 match source-address anyset security idp idp-policy Recommended rulebase-ips rule 9 match to-zone anyset security idp idp-policy Recommended rulebase-ips rule 9 match destination-address anyset security idp idp-policy Recommended rulebase-ips rule 9 match application defaultset security idp idp-policy Recommended rulebase-ips rule 9 match attacks predefined-attack-groups "[Recommended]TROJAN - Critical"set security idp idp-policy Recommended rulebase-ips rule 9 match attacks predefined-attack-groups "[Recommended]TROJAN - Major"set security idp idp-policy Recommended rulebase-ips rule 9 match attacks predefined-attack-groups "[Recommended]TROJAN - Minor"set security idp idp-policy Recommended rulebase-ips rule 9 match attacks predefined-attack-groups "[Recommended]VIRUS - Critical"set security idp idp-policy Recommended rulebase-ips rule 9 match attacks predefined-attack-groups "[Recommended]VIRUS - Major"set security idp idp-policy Recommended rulebase-ips rule 9 match attacks predefined-attack-groups "[Recommended]VIRUS - Minor"set security idp idp-policy Recommended rulebase-ips rule 9 match attacks predefined-attack-groups "[Recommended]WORM - Critical"set security idp idp-policy Recommended rulebase-ips rule 9 match attacks predefined-attack-groups "[Recommended]WORM - Major"set security idp idp-policy Recommended rulebase-ips rule 9 match attacks predefined-attack-groups "[Recommended]WORM - Minor"set security idp idp-policy Recommended rulebase-ips rule 9 then action no-actionset security idp idp-policy Recommended rulebase-ips rule 9 then notification log-attacksset security idp active-policy Recommendedset security idp sensor-configuration flow idp-bypass-cpu-usg-overloadset services advanced-anti-malware policy skypolicy1 match application HTTPset services advanced-anti-malware policy skypolicy1 match verdict-threshold 6set services advanced-anti-malware policy skypolicy1 then action blockset services advanced-anti-malware policy skypolicy1 then notification logset services advanced-anti-malware policy skypolicy1 inspection-profile atp_all_profileset services advanced-anti-malware policy skypolicy1 fallback-options action permitset services advanced-anti-malware policy skypolicy1 fallback-options notification logset services advanced-anti-malware policy skypolicy1 whitelist-notification logset services advanced-anti-malware policy skypolicy1 blacklist-notification logset security policies from-zone Sniffer to-zone Sniffer policy Sniffer1 then permit application-services advanced-anti-malware-policy skypolicy1set security policies from-zone Inline to-zone Inline policy Inline1 then permit application-services advanced-anti-malware-policy skypolicy1set services security-intelligence profile feeds-cc-p1 category CCset services security-intelligence profile feeds-cc-p1 rule 1 match threat-level 6set services security-intelligence profile feeds-cc-p1 rule 1 match threat-level 7set services security-intelligence profile feeds-cc-p1 rule 1 match threat-level 8set services security-intelligence profile feeds-cc-p1 rule 1 match threat-level 9set services security-intelligence profile feeds-cc-p1 rule 1 match threat-level 10set services security-intelligence profile feeds-cc-p1 rule 1 then action recommendedset services security-intelligence profile feeds-cc-p1 rule 1 then logset services security-intelligence profile feeds-cc-p1 default-rule then action permitset services security-intelligence profile feeds-cc-p1 default-rule then logset services security-intelligence profile Inf-Hosts category Infected-Hostsset services security-intelligence profile Inf-Hosts rule 1 match threat-level 9set services security-intelligence profile Inf-Hosts rule 1 match threat-level 10set services security-intelligence profile Inf-Hosts rule 1 then action permitset services security-intelligence profile Inf-Hosts rule 1 then logset services security-intelligence profile Inf-Hosts default-rule then action permitset services security-intelligence profile Inf-Hosts default-rule then logset services security-intelligence policy pol-cc CC feeds-cc-p1set services security-intelligence policy pol-cc Infected-Hosts Inf-Hostsset security policies from-zone Sniffer to-zone Sniffer policy Sniffer1 then permit application-services security-intelligence-policy pol-ccset security policies from-zone Inline to-zone Inline policy Inline1 then permit application-services security-intelligence-policy pol-ccset security utm feature-profile anti-virus type sophos-engineset security utm feature-profile anti-virus sophos-engine profile EVAL-AV fallback-options default log-and-permitset security utm feature-profile anti-virus sophos-engine profile EVAL-AV fallback-options engine-not-ready log-and-permitset security utm feature-profile anti-virus sophos-engine profile EVAL-AV fallback-options content-size log-and-permitset security utm feature-profile anti-virus sophos-engine profile EVAL-AV fallback-options engine-not-ready log-and-permitset security utm feature-profile anti-virus sophos-engine profile EVAL-AV fallback-options out-of-resources log-and-permitset security utm feature-profile anti-virus sophos-engine profile EVAL-AV fallback-options timeout log-and-permitset security utm feature-profile anti-virus sophos-engine profile EVAL-AV fallback-options too-many-requests log-and-permitset security utm utm-policy UTM-POC anti-virus http-profile EVAL-AVset security log stream oneconfig host 138.68.58.31set security log stream oneconfig host port 5261
set system services ssh protocol-version v2set system login user oneconfig class super-userset system login user oneconfig authentication encrypted-password $1$oneconfi$JnzIHO9k1Ku3lrc7NGqKt0set system services outbound-ssh client oneconfig-ncd01 device-id srx320-jnprjkrikerset system services outbound-ssh client oneconfig-ncd01 secret c178338103a4de0bb32b4b919a94268eset system services outbound-ssh client oneconfig-ncd01 services netconf keep-alive retry 3 timeout 5set system services outbound-ssh client oneconfig-ncd01 ncd01.oneconfig.com port 4087 timeout 60 retry 1000set system services outbound-ssh client oneconfig-ncd02 device-id srx320-jnprjkrikerset system services outbound-ssh client oneconfig-ncd02 secret c178338103a4de0bb32b4b919a94268eset system services outbound-ssh client oneconfig-ncd02 services netconf keep-alive retry 3 timeout 5set system services outbound-ssh client oneconfig-ncd02 ncd02.oneconfig.com port 4087 timeout 60 retry 1000set security log mode streamset security log transport protocol tls tls-profile oneconfig tcp-connections 1set security log stream oneconfig severity debug category allset security log stream oneconfig rate-limit 300set services ssl initiation profile oneconfig protocol-version allset services ssl initiation profile oneconfig actions ignore-server-auth-failure crl disableset security log stream oneconfig host 138.68.58.31 port 5261### Customize your source-interface for on device setup (uncomment next line)# set security log source-interface ge-0/0/0.0
#JLK add on:
set vlans eval vlan-id 10set vlans eval l3-interface irb.0set interfaces irb unit 0 family inet address 192.168.10.1/24set vlans eval l3-interface irb.0set security zones security-zone Inline interfaces irb.0