Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[SRX] Invalid notification options are displayed in the anti-virus fallback block notification

0

0

Article ID: KB26697 KB Last Updated: 28 Jan 2013Version: 2.0
Summary:
This article describes the issue of invalid notification options being displayed in anti-virus fallback block notification. The following options are available and configurable from Junos 11.1 or later:

  • allow-email

  • administrator-email

  • display-host
Symptoms:

The fallback-block (allow-email and administrator-email) and host name display features are displayed as follows:

[edit security utm feature-profile anti-virus kaspersky-lab-engine profile test1]
root@srx# set notification-options fallback-block ?
Possible completions:
  <[Enter]>                 Execute this command
  administrator-email       Administrator e-mail address
  allow-email               Administrator e-mail address
+ apply-groups              Groups from which to inherit configuration data
+ apply-groups-except       Don't inherit configuration data from these groups
  custom-message            Custom message for notification
  custom-message-subject    Custom message subject for notification
  display-host              Display hostname
  no-notify-mail-sender     Don't notify mail sender
  notify-mail-sender        Notify mail sender
  type                      Fallback block notification type
  |                         Pipe through a command
[edit security utm feature-profile anti-virus kaspersky-lab-engine profile test1]
root@srx#

Also, these options are configurable:

[edit security utm feature-profile anti-virus kaspersky-lab-engine profile test1]
root@srx# show notification-options
virus-detection {
  type message;
  notify-mail-sender;
  custom-message "Virus detected on your mail and dropped";
  custom-message-subject "Virus detection notification";
}
fallback-block {
  type message;
  display-host;
  allow-email;

  administrator-email "adminemail@test.com";
  custom-message "This mail is not scanned due to some problem on scan engine";
}
fallback-non-block {
  notify-mail-recipient;
  custom-message "this mail is not scanned by AV feature";
}

The above configuration will pass the configuration check:

root@srx# commit
commit complete <====Passed configuration check with NO ERROR

However, these options never work.

Cause:
  • The features have not yet been implemented. However, only the configuration options were added.

  • These features are not supported on any type of anti-virus engine.

  • This is a cosmetic issue and has no impact on other UTM features.
Solution:
Do not use these options; even though they can be found in the CLI.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search