Juniper NETWORKS Security Director Cloud User Guide

Juniper NETWORKS Security Director Cloud

Product Information

The Juniper Security Director Cloud is a cloud-based platform that allows users to manage their devices and subscriptions. It supports vSRX Virtual Firewall and SRX Series Firewalls. Please refer to the Juniper Security Director Cloud Release Notes for more information on supported platforms.

Product Usage Instructions

1. Step 1: Begin
   

2.  Meet Juniper Security Director Cloud:
   Currently, Juniper Security Director Cloud supports vSRX Virtual Firewall and SRX Series Firewalls. Refer to the Juniper Security Director Cloud Release Notes for more information on supported platforms.
   Let’s Get Started:
   Here’s an overview of the process to get Juniper Security Director Cloud up and running and begin using it to manage your devices.

3. Create Your Juniper Security Director Cloud Account:
   Open the URL to the Juniper Security Director Cloud portal.
   In the portal, click Create an Organization Account.
   The Login Credentials page opens. Use this page to set the login credentials for your account.
   Enter your full name, company name, country, phone number for your organization, and click Next. The Organization Account Details page opens.
   Read the terms and conditions of use, and if you agree, click Create Organization Account.
   You’ll receive an email to verify your email address and send a request to activate your organization account.
   Log in to your email account, open the email, and click Activate Organization Account to send a request to activate your organization account.
   If your account activation request is approved, you’ll receive an email with the login page information.
   Click Go to Login Page and enter your email address and password to log in and start using the Juniper Security Director Cloud portal.

4. Add Your Subscription to Juniper Security Director Cloud:
   After you set up your Juniper Security Director Cloud account and log in for the first time, go to the Subscriptions page.
   If you’ve already purchased a Juniper Security Director Cloud subscription, you need to add it to the Security Director Cloud portal.
   Log in to the Juniper Security Director Cloud portal.
   Go to the Administration > Subscriptions page.
   Click Add Subscriptions to open the Add New Subscriptions page.
   Enter the required information.

5. Step 2: Up and Running
   You can now add devices to the Juniper Security Director Cloud  portal. Choose SRX > Device Management > Devices and clickAdd SRX Devices on the Add Devices page. Refer to Step 2: Up and Running for information about the various ways you can add devices to the portal and subscribe them to your subscriptions.

6. Step 3: Keep Going
   Continue using the Juniper Security Director Cloud portal to manage your devices and subscriptions.

Juniper Security Director Cloud

IN THIS GUIDE

• Step 1 : Begin | 1
• Step 2: Up and Running | 7
• Step 3: Keep Going | 11

Step 1: Begin

IN THIS SECTION

• Meet Juniper Security Director Cloud | 2
• Let’s Get Started | 2
• Create Your Juniper Security Director Cloud Account | 3
• Add Your Subscription to Juniper Security Director Cloud | 5

In this guide, we provide a simple, three-step path, to quickly get you up and running with Juniper Security Director Cloud. You’ll learn how to create a Juniper Security Director Cloud account, add devices and subscriptions to Juniper Security Director Cloud, and associate your devices with the subscriptions.

Meet Juniper Security Director Cloud

• Juniper Security Director Cloud is a cloud-based software as a solution (SaaS) portal that manages on-premises security, cloud-based security, and cloud-delivered security—all within one user interface.
• Juniper Security Director Cloud transforms your network to a Secure Access Service Edge (SASE) architecture. It protects from attacks, regardless of the location. This reduces latency and ensures consistent security enforcement without having to back-haul traffic to a corporate location.
• Juniper Security Director Cloud is easy to deploy and configure. It features zero-touch provisioning, intuitive configuration wizards, and a customizable dashboard for 360° visibility into threat behaviors across the entire network. Unified policy management provides easy-to-use, consistent security policies that follow the user, device, and application. You no longer need to recreate policies from one platform to another.

NOTE : Currently, Juniper Security Director Cloud supports vSRX Virtual Firewall and SRX Series Firewalls. See Juniper Security Director Cloud Release Notes for more information on supported platforms.

Let’s Get Started
Here’s an overview of the process to get Juniper Security Director Cloud up and running and begin using it to manage your devices.

Create Your Juniper Security Director Cloud Account
Here’s how to create your Juniper Security Director Cloud account and log in to the Juniper Security Director Cloud portal:

1. Open the URL to the Juniper Security Director Cloud portal.

2. In the portal, click Create an Organization Account.

   • The Login Credentials page opens. Use this page to set the login credentials for your account.

3. Enter the following details and click Next.

   • E-mail address—your preferred e-mail address.
   • Password—a password of your choice.
   • The Contact Details page opens.

4. Enter your full name, company name, country, the phone number for your organization and click Next.

   • The Organization Account Details page opens.

5. Enter the following details of your organization:

   • Type the name of your organization or the organization that will be using Juniper Security Director Cloud to manage devices.
   • Select your home region.

6. Read the terms and conditions of use, and if you agree, click Create Organization Account.

   • You’ll receive an e-mail to verify your e-mail address and to send a request to the Juniper Security Director Cloud team to activate your organization account.

7. Log in to your e-mail account, open the e-mail, and click Activate Organization Account to send a request to activate your organization account.
   NOTE:
   

   • You must verify your e-mail address and click the Activate Organization Account button within 24 hours after receiving the e-mail. Otherwise, your account details will be deleted from Juniper Security Director Cloud, and you’ll have to re-create your account and send the activation request.
   • After verifying your e-mail and sending the account activation request, you’ll receive an e-mail about your organization account activation status within 7 working days.
   • If your account activation request is approved, you’ll receive an e-mail with login page information.

8. Click Go to Login Page and enter your e-mail address and password to log in and start using the Juniper Security Director Cloud portal.

Add Your Subscription to Juniper Security Director Cloud

After you set up your Juniper Security Director Cloud account and log in for the first time, go to the Subscriptions page. Since you haven’t added any subscriptions to the Juniper Security Director Cloud portal, you’ll see the following screen:

If you’ve already purchased a Juniper Security Director Cloud subscription, you need to add it to the Security Director Cloud portal. You can also use the portal with a 30-day trial subscription which is available in the portal by default. During the trial period, you can access the portal and manage up to five devices with standard security features. When the trial subscription ends, you’ll still be able to access the portal for the next 30 days (grace period). After the grace period is over, your account will be inaccessible, and you must create a new account before adding a purchased subscription. To purchase a subscription, reach out to your Juniper Networks sales representative, or account manager, or visit the Juniper Networks Sales site.

NOTE:

• You cannot purchase your subscription through the Juniper Security Director Cloud portal.
• You can purchase your subscription(s) while still in the trial period.

After you purchase a subscription, you’ll receive an e-mail with the following information:

• URL to Juniper Security Director Cloud portal
• Software Support Reference Number (SSRN) to activate your subscription in the portal

Here’s how to add your purchased subscription(s) to the Juniper Security Director Cloud portal:

NOTE : The trial license is available by default with the portal. You don’t have to add it.

1. Log in to the Juniper Security Director Cloud portal.
2. Go to the Administration > Subscriptions page.
   • The Subscriptions page opens.
3. Click Add Subscriptions to open the Add New Subscriptions page.
4. Enter the following information:
   • Name—A descriptive name for the subscription.
   • SSRN—The software support reference number of the subscription that you received in your e-mail.
   • If you’ve purchased multiple subscriptions, click + and enter the subscription details.
5. Click OK.
   • Juniper Security Director Cloud verifies the SSRN and activates the subscription(s). The Subscription page opens displaying the newly added subscriptions.
6. Review your subscription details to be sure everything is correct (activation state, expiration date, number of devices that you can subscribe to a subscription, and so on).

Some Important Information About Subscriptions

• You’ll receive a subscription renewal e-mail notification 90 days before a subscription expires. After that, you’ll receive a renewal e-mail notification once every week until 30 days before the subscription expires.
• You’ll receive a subscription renewal e-mail notification every day starting 30 days before the subscription expires.

You can now add devices to the Juniper Security Director Cloud portal. Choose SRX >Device Management > Devices and click Add SRX Devices on the Add Devices page. See Step 2: Up and Running for information about the various ways you can add devices to the portal and subscribe to your subscriptions.

Step 2: Up and Running

IN THIS SECTION

• Adding Devices | 7
• Add Devices Using Commands | 8
• Associate Devices with Your Juniper Security Director Cloud Subscription | 10

In this section, you’ll learn how to add devices to the Juniper Security Director Cloud portal and subscribe to your subscriptions.

Adding Devices

NOTE: Configure your device with the fully qualified domain name (FQDN) for your home region. See the following table for mapping details

Table 1: Home Region to FQDN Mapping

• Enable port TCP/53 (DNS) – (IP: 8.8.8.8) to allow google DNS server.
• Enable port UDP/53 (DNS) – (IP: 8.8.4.4) to allow google DNS server.

There are multiple ways to add devices to the Security Director cloud portal. Choose the method that’s right for you:

• Add Devices Using Commands. Juniper Security Director Cloud generates commands for adding a device or device cluster. You can copy the commands and paste them into the device console. When you commit the commands to the device, Juniper Security Director Cloud discovers and adds the device or device cluster to the cloud. See “Add Devices Using Commands” on page 8 for details.
• Add Devices With Zero Touch Provisioning. With zero-touch provisioning (ZTP) you can configure and provision devices automatically. You can use ZTP to add devices for Junos OS Release 18.4R1 on SRX300, SRX320, SRX340, SRX345, SRX550 HM, SRX1500 SRX Series Firewalls and for Junos OS Release 20.1R1 on SRX380 Firewalls. See Add Devices Using Zero Touch Provisioning in the Juniper Security Director Cloud User Guide for details.
• Add Devices Using J-Web. This feature is supported from J-Web Release 21.3R1 and later. See Add an SRX Series Firewall to Juniper Security Director Cloud in the J-Web User Guide for SRX Series Firewalls for details.
• Add Devices from the Security Director. This feature is supported by Security Director Release 21.3R1 and later. See Add Devices to Security Director Cloud in the Security Director User Guide for details.

Add Devices Using Commands
Juniper Security Director Cloud generates commands for adding a device or device cluster. You can copy the commands and paste them into the device console. When you commit the commands to the device, Juniper Security Director Cloud discovers and adds the device or device cluster to the cloud.

1. In the Security Cloud Director portal, select SRX > Device Management > Devices to open the Devices page.

2. Click Add Devices to open the Add Devices page.

3. Click Adopt SRX Devices.

4. Juniper Security Director Cloud allows you to add individual devices or device clusters.

   • Select SRX Devices if you want to add individual devices.
   • Select SRX Clusters if you want to add device clusters.

5. Enter the number of devices or device clusters that you want to add to Juniper Security Director Cloud in the Number of SRX devices to be adopted field and click OK. You can add a maximum of 50 devices or device clusters at one time.

   • A message displays confirming that the new device or device cluster has been added. The Devices page opens showing the device or device cluster you just added.
     NOTE : At this point, Juniper Security Director Cloud has not yet completely added the device or device cluster. Therefore, the Connection Status displays as Discovery Not Initiated.

6. On the Devices page, in the Connection Status column for the new device, click the Adopt Device link. If you are adding a device cluster, click the Adopt Cluster link.

   • The Adopt Devices page opens with the commands you need to commit to the device.

7. Copy the commands and paste them to your device console edit prompt and press Enter to run the commands. If you want to add a device cluster, paste these commands to the CLI of the primary device of the cluster.

8. Type Commit and press Enter to commit the changes to the device.

   • When you commit the commands to the device, Juniper Security Director Cloud begins to discover the devices. Refresh the Devices page to view the device discovery progress in the Connection Status column.
   • You can view the status of this process, by going to the Administration > Jobs page.

Once Juniper Security Director Cloud discovers and adds a device or device cluster, the Connection Status changes to Up. If the process fails, the Connection Status changes to Discovery failed. Hover your mouse over the Discovery failed message to see the reason for failure. Now that you’ve added your device(s) to Juniper Security Director Cloud, you’re ready to subscribe your device(s) to your Security Director Cloud subscription (or multiple subscriptions). Associate Devices with Your Juniper Security Director Cloud Subscription

You’ll need to associate each device with your Juniper Security Director Cloud subscription (or multiple subscriptions). Here’s how:

1. Log in to Juniper Security Director Cloud.

2. Select SRX >Device Management >Devices to open the Devices page.

   • For devices that don’t have subscriptions, the Subscriptions column displays No subscription.

3. Select the device(s) and click Manage Subscriptions. The Manage Subscriptions page opens.

4. Choose the subscription for the devices.
   NOTE:
   

   • If you’re using a trial subscription, then select Trial from the list.
   • After associating a device subscription with a device, you can’t remove or transfer the device subscription to another device.

5. Click OK.
   The device is associated with the subscription. You can see the details of the subscription on the Devices page.

Step 3: Keep Going

IN THIS SECTION

• What’s Next? | 11
• General Information | 12
• Learn With Videos | 13

Congratulations! You’ve added your devices to Juniper Security Director Cloud and associated them with your subscriptions. Let’s start using Juniper Security Director Cloud to manage your devices!

What’s Next?
Now that your devices are up and running in Juniper Security Director Cloud, here are some things you can do next.

Dashboard ](https://www.juniper.net/documentation/us/en/software/sd-cloud/sd- cloud/topics/topic-map/sd-cloud-dashboard.html)in the Juniper Security Director Cloud user guide.
Set up a security policy| See About the Security Policy List Page in the Juniper Security Director Cloud user guide.
Set up an IPS profile| See About the IPS Profiles Page in the Juniper Security Director Cloud user guide.
Set up a content security profile| See About the Content Security Profiles Page in the Juniper Security Director Cloud user guide.
Set up a NAT policy| See About the NAT Policy Page in the Juniper Security Director Cloud user guide.
Set up IPsec VPN| See IPsec VPN Main Page Fields and VPN Profiles Main Page Fields in the Juniper Security Director Cloud user guide.

General Information

Here’s some general information about Juniper Security Director Cloud that you may find useful:

Director Cloud Documentation](https://www.juniper.net/documentation/product/us/en/juniper- security-director-cloud)
See all documentation available for the Security Director| Visit Security Director Documentation
See all documentation available for Junos OS| Visit Junos OS Documentation
Configure advanced Security Director features| See the Security Director User Guide
See, automate, and protect your network with Juniper Security| Visit the Security Design Center
Stay up to date on new and changed features, known resolved, and resolved issues| See Juniper Security Director Cloud Release Notes

Learn With Videos

Our video library continues to grow! Here are some great video and training resources that will help you expand your knowledge of Juniper Network Products.

Get short tips and instructions that provide quick answers, clarity, and insight into specific features and functions of Juniper technologies.| See Learning with Juniper on Juniper Networks’ main YouTube page.
View a list of the many free technical trainings we offer at Juniper.| Visit the Getting Started page on the Juniper Learning Portal.

Juniper Networks, the Juniper Networks logo, Juniper, and Junos are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners. Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice. Copyright © 2023 Juniper Networks, Inc. All rights reserved.

References

• uds.net
• Documentation Archives (Portable Libraries) | Juniper Networks
• Add Devices to Juniper Security Director Cloud - TechLibrary - Juniper Networks
• Security Director Documentation | Juniper Networks
• Juniper Security Director Cloud Documentation | Juniper Networks
• Juniper Security Director Cloud Documentation | Juniper Networks
• Junos OS Documentation | Juniper Networks
• Security Design Center | Juniper Networks
• Add an SRX Series Firewall to Juniper Security Director Cloud | J-Web for SRX Series 21.3 | Juniper Networks
• About the SRX Policy Page | SD Cloud | Juniper Networks
• About the IPS Profiles Page | SD Cloud | Juniper Networks
• About the NAT Policies Page | SD Cloud | Juniper Networks
• About the Content Security Profiles Page | SD Cloud | Juniper Networks
• IPsec VPN Main Page Fields | SD Cloud | Juniper Networks
• VPN Profiles Main Page Fields | SD Cloud | Juniper Networks
• About the Dashboard | SD Cloud | Juniper Networks

Read User Manual Online (PDF format)

Download This Manual (PDF format)

Download this manual  >>