Monday, October 24, 2011

What do the policy attributes "ASTLCB" mean in Juniper NetScreen

When viewing the policy list in the command line interface using a 'get policy' command, certain attributes of policies are abbreviated and displayed under the heading "ASTLCB".

What do each of these abbreviations mean?

Here is sample output from a 'get policy' command:> get policy
Total regular policies 1, Default deny, Software based policy search, new policy enabled.
   ID From      To       Src-address   Dst-address  Service               Action   State     ASTLCB
    1 Trust     Untrust  Any-IPv4       Any-IPv4      FTP                   Permit   hidden   ---X-X

What do each of the abbreviations mean in the ASTLCB heading?

A- Deep Inspection attack objects.
S- Policy scheduling.
T- Traffic shaping.
L- Logging.
C- Counting.
B- HA session backup.

If, under the column, "-" is displayed, this means this feature is disabled for this policy.  If an "X" is displayed, it means this feature is enabled for this policy.  In the example here, logging and HA session backup are enabled for this policy.

Leave your comment below

No comments:

Post a Comment