So far we have covered the main features of the UTM in the SRX. We looked at each feature, discussed its application, and analyzed configuration examples for you to follow and adapt to your needs and networks.
Now it’s time to explore how to troubleshoot the operation of the different UTM features.
The first thing to check is that each feature used is enabled with an updated database. The command to do this is:
show security utm <feature name>
Let’s go back to the scenario depicted in Figure 9-5 where a host in the Trust network is going through an SRX with antivirus enabled. The show security utm anti-virus status command displays information about the status of the antivirus engine:
show security utm anti-virus status
UTM anti-virus status:
    Anti-virus key expire date: 2011-03-04 00:00:00
    Update server: http://update.juniper-updates.net/AV/SRX650/
        Interval: 60 minutes
        Pattern update status: next update in 3 minutes
        Last result: already have latest database
    Anti-virus signature version: 02/08/2010 02:28 GMT, virus records: 531278
    Anti-virus signature compiler version: N/A
    Scan engine type: kaspersky-lab-engine
    Scan engine information: last action result: No error(0x00000000)
You can see from the output whether a valid antivirus license is installed (and its expiration date), the database version, and the number of records in it. The last line, showing the last action result, is useful for checking the status of the engine or an ongoing pattern update (as we discussed ...
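One way to script this check, as an added example (not from the book or from Juniper): it parses the status output shown above and flags an expired license, a stale or empty signature database, or a non-zero engine result code. The function names, the 7-day staleness threshold, and the MM/DD/YYYY reading of the signature date are assumptions.

```python
import re
from datetime import datetime, timedelta

# Constructed sample: the status output from the text, one field per line.
SAMPLE = """\
UTM anti-virus status:
    Anti-virus key expire date: 2011-03-04 00:00:00
    Update server: http://update.juniper-updates.net/AV/SRX650/
        Interval: 60 minutes
        Pattern update status: next update in 3 minutes
        Last result: already have latest database
    Anti-virus signature version: 02/08/2010 02:28 GMT, virus records: 531278
    Anti-virus signature compiler version: N/A
    Scan engine type: kaspersky-lab-engine
    Scan engine information: last action result: No error(0x00000000)
"""

def _date(value, fmt):
    try:
        return datetime.strptime(value, fmt)
    except (TypeError, ValueError):  # field absent, or not a date (e.g. "N/A")
        return None

def _grab(pattern, text):
    m = re.search(pattern, text)
    return m.group(1).strip() if m else None

def parse_status(text):
    """Extract the fields needed for a health check from the status output."""
    records = _grab(r"virus records:\s*(\d+)", text)
    code = _grab(r"last action result:.*\((0x[0-9a-fA-F]+)\)", text)
    return {
        "key_expires": _date(_grab(r"key expire date:\s*(.+)", text), "%Y-%m-%d %H:%M:%S"),
        # Assumption: the signature date is written MM/DD/YYYY.
        "sig_built": _date(_grab(r"signature version:\s*([^,\n]+)", text), "%m/%d/%Y %H:%M GMT"),
        "records": int(records) if records else None,
        "engine_code": int(code, 16) if code else None,
    }

def check_status(text, now, max_sig_age=timedelta(days=7)):  # threshold is an assumption
    """Return a list of problems; an empty list means the engine looks healthy."""
    s, problems = parse_status(text), []
    if s["key_expires"] is None or s["key_expires"] <= now:
        problems.append("license missing or expired")
    if s["sig_built"] is None or now - s["sig_built"] > max_sig_age:
        problems.append("signature database stale or missing")
    if not s["records"]:
        problems.append("signature database empty")
    if s["engine_code"] != 0:
        problems.append("scan engine reported an error or no result")
    return problems
```

Calling check_status(SAMPLE, now=datetime(2010, 2, 9, 12, 0)) returns an empty list; moving now past the key expiry date reports both the expired license and the stale database.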