Deep Inspection (DI) is a mechanism for filtering traffic permitted by the Juniper Networks firewall. Deep Inspection examines Layer 3 and 4 packet headers and Layer 7 application content and protocol characteristics in an effort to detect and prevent any attacks or anomalous behavior that might be present.
Note: To make DI available, you must first install a license key that enables advanced features.
You can modify certain parameters of a protocol anomaly attack object. Although Juniper Networks defines protocol anomaly attack objects to find deviations from protocol standards defined in RFCs and common RFC extensions, not all implementations adhere to these standards. If you find that the application of a certain protocol anomaly attack object is producing numerous false positives, you can modify its parameters to better match the accepted use of that protocol in your network.
You can modify the parameters for the following protocols (services):
|