Figure 2: user traffic allowed, Figure 3: user traffic blocked – Juniper Networks V10000 User Manual

4

Copyright © 2010, Juniper Networks, Inc.

IMPLEMENTATION GUIDE -Juniper Networks SRX Series Services Gateways/Websense V10000

Figure 2 illustrates the ladder diagram for user traffic allowed by the Websense V10000. The V10000 proxies the traffic
between the user and the Internet via the V10000 P1 port. The proxied traffic is indicated by the separate dark gray and
light gray traffic flows.

Figure 2: User traffic allowed

Figure 3 illustrates the ladder diagram for user traffic that is blocked and redirected by the V10000.

Figure 3: User traffic blocked

SRX Series

Websense V10000

P1

User attempts to

access a URL

SRX Series redirects

traffic to V10000

SRX Series routes

traffic to the

URL and performs

NAT if necessary

V10000 policy allows
traffic, establishes new
traffic flow (proxy) to
the URL

V10000 proxies
the end-to-end
traffic flow to
the target URL

INTERNET

SRX Series

Websense V10000

P1

C

User attempts to

access a URL

User sees

“blocked page”

on browser

SRX Series redirects

traffic to V10000

User browser

redirected to

V10000 C port

On a policy violation, the
V10000 blocks traffic and
redirects the user's Web browser