Juniper Networks 5XT User Manual
Juniper Networks
NetScreen Release Notes
ScreenOS 5.0.0r9-FIPS
P/N 093-1638-000, Rev. A
Page 4 of 42
According to Trend Micro, the categories of viruses bypassed include HTML and
Javascript. However, the subset of the bypassed viruses can be described as the
following:
Javascript. However, the subset of the bypassed viruses can be described as the
following:
Javascript/Jscript/HTML embedded in HTML code (having HTTP content
type of text/HTML) AND is accessed through a script-enabled browser from a
remote web server (via HTTP).
type of text/HTML) AND is accessed through a script-enabled browser from a
remote web server (via HTTP).
For example, anti-virus scanning would NOT be bypassed for the following
scenarios:
scenarios:
1. Javascript/HTML malware which is stand-alone in a *.js file
2. Javascript/HTML malware propagating via email attachments
2. Javascript/HTML malware propagating via email attachments
So the viruses bypassed would be all Javascript and HTML based viruses, but
accessed or contained with the above characteristics in HTTP traffic only.
accessed or contained with the above characteristics in HTTP traffic only.
2.3 New Features and Enhancements from ScreenOS 5.0.0r6
New Hidden Command - In response to the NISCC VULN 236929, a new
hidden command is implemented in this release. The command is set/unset flow
check tcp-rst-sequence. By default, the command is not set. This command
alters the device’s response to potentially spoofed TCP RST packets.
hidden command is implemented in this release. The command is set/unset flow
check tcp-rst-sequence. By default, the command is not set. This command
alters the device’s response to potentially spoofed TCP RST packets.
2.4 New Features and Enhancements from ScreenOS 5.0.0r1
Juniper NetScreen-5GT - Dial Backup, Dual Untrust, OSPF, and BGP are now
available in the 10-user version. Previously these features were only available in
the Plus version.
available in the 10-user version. Previously these features were only available in
the Plus version.
Juniper NetScreen-5GT - The Extended version provides the same capabilities
as the Plus version with additional features: High Availability (NSRP Lite), the
DMZ security zone, and additional sessions and tunnel capacity. For information
on these features, refer to the Juniper Networks NetScreen ScreenOS Concepts &
Examples Reference Guide for ScreenOS 5.0.0.
as the Plus version with additional features: High Availability (NSRP Lite), the
DMZ security zone, and additional sessions and tunnel capacity. For information
on these features, refer to the Juniper Networks NetScreen ScreenOS Concepts &
Examples Reference Guide for ScreenOS 5.0.0.
Note: You must register your product at
www.juniper.net/support
so that certain
ScreenOS features, such as antivirus or deep inspection, can be activated on the
device. If you already have an account, enter your user ID and password; if you are a
new Juniper customer, create your account first. To register your product, you need
the model and serial number of the device. After registering your product, confirm that
your device has internet connectivity. Issue the CLI command exec license-key
update to make the device connect to the Juniper server to activate the feature.
device. If you already have an account, enter your user ID and password; if you are a
new Juniper customer, create your account first. To register your product, you need
the model and serial number of the device. After registering your product, confirm that
your device has internet connectivity. Issue the CLI command exec license-key
update to make the device connect to the Juniper server to activate the feature.