Feature Explorer AI AI

×

Subscribe now to get the Latest Updates

Watch a 2-minute overview video

Pre-ID default policy enhancements

More Information:

Pre-ID default policy enhancements

The Pre-ID default policy (pre-id-default-policy) denies the flow before performing application identification (AppID) when there are no potential policies to permit the flow. When the device receives the first packet of a traffic flow, it performs a basic 5-tuple matching and checks the defined potential policies to determine how to treat the packet. If all potential policies have action as "deny", and the default policy action is also set to "deny", then the device denies the traffic and does not perform application identification. If any policy has action other than "deny", then the device performs deep packet inspection (DPI) to identify the application.The device checks for potential policies on both zone context and global context.
Product / Application Software Introduced Release
SRX4200 Junos OS 23.4R1
SRX5600 Junos OS 23.4R1