UTM (Unified Threat Management) Basic Troubleshooting Checklist for SRX

Article ID: KB25680 KB Last Updated: 03 Aug 2020 Version: 4.0
Summary:

This article lists the common mistakes made when using the UTM (Unified Threat Management) feature on Branch SRX Series platforms.

Symptoms:

  • Warning messages are reported when trying to configure UTM
  • Warning messages about an expired trial license are reported
  • Cannot download database updates
  • Traffic is not hitting the expected UTM policy


For UTM configuration help, refer to the following articles:

Also, for additional configuration help and examples, refer to the Technical Documentation: UTM (Unified Threat Management)

If UTM is not working after configuration, refer to the checklist of configuration issues below.
 
Solution:

Common UTM issues 

The common UTM configuration errors found in JTAC are as follows. Step through this checklist to confirm your setup and configuration:

  1. Confirm feature is supported on your SRX device.

    Refer to the table of UTM features supported on SRX Series for your version of Junos:  
    Feature Explorer (UTM)

    Note: UTM features will only run on high memory (highmem) devices. They will not run on lowmem devices. Refer to KB15413 on how to tell if your device is highmem.

  2. Confirm licenses.

    These UTM features require a subscription license: Antispam, Antivirus, and Web filtering. You may have forgotten to load the license or the trial license may have expired. Run the following command to verify the licenses are installed:

     user@SRX> show system license 

    For information on how to activate, install, and verify the subscription license, refer to KB16675 - SRX Getting Started - Install license for Antivirus, Web Filter, IDP, or Antispam.

  3. Confirm DNS configuration.

    Run the following command to confirm that DNS is configured:

    user@SRX> show configuration system name-server

    If DNS is not configured, there may be issues with downloading pattern updates.

    For information on how to configure DNS, refer to KB15656 - SRX Getting Started - Configure DNS.

  4. Confirm NTP configuration.

    Run the following command to confirm NTP is configured:

    user@SRX> show configuration system ntp

    If NTP is not configured, this may affect the UTM features that have a subscription; there may be issues with downloading pattern updates. Also, if NTP is not configured, there may be an issue with scheduling Web Filtering based on time or day of week; see KB19467.

    For information on how to configure and verify NTP, refer to KB15756 - SRX Getting Started - Configure Time and NTP Client.

  5. Confirm the UTM policy is applied to the appropriate Security Policy.

    Note: It is mandatory to apply a UTM policy to Security Policies in order to use the UTM features. Otherwise, traffic will not hit the expected UTM policy.

    The UTM policy is always applied to transit traffic (in the Security Policy hierarchy) as follows:

     user@SRX# set security policies from-zone untrust to-zone trust policy test then permit application-services utm-policy <policy name>

    The above command illustrates applying a specific utm-policy for a security policy from the untrust to the trust zone. As a consequence of this command, all the traffic directed from the untrust to the trust zone would also be examined against the utm-policy.
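
The configuration checks in steps 3 to 5 can also be run offline against saved `show configuration | display set` output. The following Python script is an added example, not Juniper code; the sample configuration, policy names and profile names are constructed, and steps 1 and 2 (highmem and licenses) still have to be checked on the device.

```python
import re

# Constructed sample of "show configuration | display set" output (not from a real device).
SAMPLE_CONFIG = """\
set system name-server 192.0.2.53
set security utm utm-policy web-pol web-filtering http-profile example-wf-profile
set security utm utm-policy av-pol anti-virus http-profile example-av-profile
set security policies from-zone untrust to-zone trust policy test match application any
set security policies from-zone untrust to-zone trust policy test then permit application-services utm-policy web-pol
set security policies from-zone trust to-zone untrust policy out then permit
"""

DEFINED = re.compile(r"^set security utm utm-policy (\S+)")
APPLIED = re.compile(
    r"^set security policies from-zone (\S+) to-zone (\S+) policy (\S+) "
    r"then permit application-services utm-policy (\S+)")

def audit_utm(config_text):
    """Return findings for checklist steps 3 (DNS), 4 (NTP) and 5 (UTM policy applied)."""
    lines = [l.strip() for l in config_text.splitlines() if l.strip()]
    findings = []
    if not any(l.startswith("set system name-server ") for l in lines):
        findings.append("DNS: no 'system name-server' configured")
    if not any(l.startswith("set system ntp ") for l in lines):
        findings.append("NTP: no 'system ntp' configuration found")
    defined, applied = set(), {}
    for l in lines:
        m = DEFINED.match(l)
        if m:
            defined.add(m.group(1))
        m = APPLIED.match(l)
        if m:
            src, dst, pol, utm = m.groups()
            applied.setdefault(utm, []).append(f"{src}->{dst}/{pol}")
    # A utm-policy that no security policy references never sees traffic (step 5).
    for name in sorted(defined - set(applied)):
        findings.append(f"UTM: utm-policy '{name}' is not applied to any security policy")
    # A reference to a utm-policy missing from this (possibly partial) config dump.
    for name in sorted(set(applied) - defined):
        findings.append(f"UTM: utm-policy '{name}' is applied but not defined")
    return findings

if __name__ == "__main__":
    for finding in audit_utm(SAMPLE_CONFIG):
        print(finding)
```
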

Other UTM issues

Modification History:
2019-12-26: Removed Kaspersky references.
2020-08-03: Modified "show system name-server" to "show configuration system name-server"