Configuring a NetScreen Firewall: Best practice guideline for the basic setup of a NetScreen firewal

Firewalls are generally accepted as the best defense for network security. This paper will detail how to setup a NetScreen firewall using the command line configuration options. It will demonstrate how to setup the trusted and untrusted ports, management IP address, SNMP, DNS and some critical security policies. The report will also show how to configure the syslog reporting, administrator email alerts, and the DHCP server. NetScreen firewalls use an operating system called ScreenOS, an original OS created for firewalls and virtual private networks that runs on a custom designed ASIC. Although there is a web GUI interface available to configure most options, this paper will detail the basic command line configuration as well as suggestions to improve firewall security by limiting logins, configuring a firewall management station and improving egress filtering and logging. In the final section of the paper, the report details how to configure a LAN-to-LAN IKE VPN tunnel using 3DES encryption and SHA-1 authentication.