Feature Explorer AI AI

Home
Explore
Compare
×

Subscribe now to get the Latest Updates

Watch a 2-minute overview video

Configuration file integrity

More Information:

    Configuration file integrity

    The Junos OS configuration integrity feature enhances the current functionality where certain sensitive data is encrypted and protected by the Trusted Platform Module (TPM) using a master encryption password. This enhancement generates a SHA256 hash of the configuration file that is protected by the master encryption password, meaning that if someone tampers with the configuration, the system will not be able to boot up. If the system is compromised, the administrator can recover the system by clearing the TPM ownership in u-boot and then installing the image in the boot loader using TFTP or USB (if USB port is not restricted).
    Product / Application Software Introduced Release
    SRX300 Junos OS 15.1X49-D110
    SRX320 Junos OS 15.1X49-D110
    SRX340 Junos OS 15.1X49-D110
    SRX345 Junos OS 15.1X49-D110
    SRX380 Junos OS 20.1R1
    SRX5400 Junos OS 20.1R1
    SRX5600 Junos OS 20.1R1
    SRX5800 Junos OS 20.1R1