Space Network Management Platform

Product Information

Specifications

• Product: Junos Space Network Management Platform

• Publication Date: 2023-10-17

• Release: 23.1

• Manufacturer: Juniper Networks, Inc.

• Address: 1133 Innovation Way Sunnyvale, California 94089
  USA

• Contact: 408-745-2000

• Website: www.juniper.net

Introduction

The Junos Space Network Management Platform is a comprehensive
solution for managing network devices. This user guide provides
detailed instructions on how to use the platform’s workspaces and
features.

Viewing the Junos Space Platform Dashboard

The Junos Space Platform Dashboard provides an overview of the
network infrastructure, including device status, alerts, and
performance metrics. To access the dashboard, follow these
steps:

1. Login to the Junos Space Network Management Platform.
2. Click on the “Dashboard” tab.
3. Explore the various widgets and sections to monitor the network
   health and performance.

Device Management

The Device Management workspace in Junos Space allows you to
manage and monitor network devices efficiently. The following
sections provide detailed instructions on different aspects of
device management:

Device Management Overview

The Device Management Overview provides a high-level summary of
the managed devices in your network. To access the overview, follow
these steps:

1. Login to the Junos Space Network Management Platform.
2. Click on the “Device Management” tab.
3. Explore the summary information, such as the total number of
   devices, device health status, and device groups.

Confirmed-commit from Junos Space Network Management

Platform

The Confirmed-commit feature allows you to make configuration
changes on managed devices and verify the changes before committing
them. To use this feature, follow these steps:

1. Login to the Junos Space Network Management Platform.

2. Click on the “Device Management” tab.

3. Select a managed device from the list.

4. Navigate to the configuration section and make the desired
   changes.

5. Click on the “Preview” button to review the changes.

6. If satisfied, click on the “Commit” button to apply the changes
   to the device.

… continued …

FAQ

Q: Is Junos Space Network Management Platform compatible with

all Juniper Networks devices?

A: Junos Space Network Management Platform supports a wide range
of Juniper Networks devices. For a comprehensive list of supported
devices, refer to the documentation or visit the Juniper Networks
website.

Q: How can I export device discovery details as a CSV

file?

A: To export device discovery details as a CSV file, follow
these steps:

1. Login to the Junos Space Network Management Platform.
2. Click on the “Device Management” tab.
3. Navigate to the device discovery profiles section.
4. Select the desired profile.
5. Click on the “Export” button and choose the CSV format.
6. Save the exported file to your preferred location.

Junos Space Network Management Platform
Workspaces User Guide

Published
2023-10-17

RELEASE
23.1

ii
Juniper Networks, Inc. 1133 Innovation Way Sunnyvale, California 94089 USA 408-745-2000 www.juniper.net
Juniper Networks, the Juniper Networks logo, Juniper, and Junos are registered trademarks of Juniper Networks, Inc. in the United States and other countries. All other trademarks, service marks, registered marks, or registered service marks are the property of their respective owners.
Juniper Networks assumes no responsibility for any inaccuracies in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.
Junos Space Network Management Platform Workspaces User Guide 23.1 Copyright © 2023 Juniper Networks, Inc. All rights reserved.
The information in this document is current as of the date on the title page.
YEAR 2000 NOTICE
Juniper Networks hardware and software products are Year 2000 compliant. Junos OS has no known time-related limitations through the year 2038. However, the NTP application is known to have some difficulty in the year 2036.
END USER LICENSE AGREEMENT
The Juniper Networks product that is the subject of this technical documentation consists of (or is intended for use with) Juniper Networks software. Use of such software is subject to the terms and conditions of the End User License Agreement (“EULA”) posted at https://support.juniper.net/support/eula/. By downloading, installing or using such software, you agree to the terms and conditions of that EULA.

iii

Table of Contents

About This Guide | xxxiii

1

Overview

Introduction | 2

Junos Space Platform Workspaces Overview | 2

Viewing the Junos Space Platform Dashboard | 4

2

Devices

Device Management | 9

Device Management Overview | 9

Confirmed-commit from Junos Space Network Management Platform | 11

Viewing Managed Devices | 14

Juniper Networks Devices Supported by Junos Space Network Management Platform | 20

Uploading Device Tags by Using a CSV File | 38

Filtering Devices by CSV | 39

Systems of Record | 41 Systems of Record in Junos Space Overview | 41

Understanding How Junos Space Automatically Resynchronizes Managed Devices | 43

Device Discovery Profiles | 47 Device Discovery Profiles Overview | 47

Creating a Device Discovery Profile | 53
Specifying Device Targets | 53 Specifying Probes | 56 Selecting the Authentication Method and Specifying Credentials | 57 (Optional) Specifying SSH Fingerprints | 59 Scheduling Device Discovery | 59

Running Device Discovery Profiles | 61

iv
Modifying a Device Discovery Profile | 63 Cloning a Device Discovery Profile | 64 Viewing a Device Discovery Profile | 65 Deleting Device Discovery Profiles | 67 Exporting the Device Discovery Details As a CSV File | 68 Modeling Devices | 69 Rapid Deployment Overview | 69 Zero Touch Deployment Using Autoinstallation and Junos Space Network Management Platform on
ACX Series and SRX Series Firewall | 71 Model Devices Overview | 74 Creating a Connection Profile | 75 Creating a Modeled Instance | 79 Activating a Modeled or Cloned Device in Junos Space Network Management Platform | 84 Downloading a Configlet | 89 Viewing and Copying Configlet Data | 90 Activating Devices by Using Configlets | 92
Activating a Device by Using a Plain-text Single Configlet | 93 Activating a Device by Using an AES-encrypted Single Configlet | 93 Activating a Device by Using a Plain-text Bulk Configlet | 93 Activating a Device by Using an AES- encrypted Bulk Configlet | 94 Viewing a Modeled Instance | 94 Adding More Devices to an Existing Modeled Instance | 96 Viewing the Status of Modeled Devices | 97 Deleting Modeled Instances | 98 Viewing a Connection Profile | 99 Cloning a Connection Profile | 100 Modifying a Connection Profile | 101

v
Deleting Connection Profiles | 101 Device Authentication in Junos Space | 103 Device Authentication in Junos Space Overview | 103 Generating and Uploading Authentication Keys to Devices | 108
Generating Authentication Keys | 108 Uploading Authentication Keys to Multiple Managed Devices for the First Time | 109 Uploading Authentication Keys to Managed Devices With a Key Conflict | 111 Resolving Key Conflicts | 112 Modifying the Authentication Mode on the Devices | 114 Acknowledging SSH Fingerprints from Devices | 115 Viewing Device Inventory | 119 Device Inventory Overview | 119 Viewing the Physical Inventory | 121 Displaying Service Contract and EOL Data in the Physical Inventory Table | 125 Viewing Physical Interfaces of Devices | 126 Viewing Logical Interfaces | 129 Viewing and Acknowledging Inventory Changes on Devices | 130 Exporting Device Inventory | 132 Exporting the License Inventory | 132 Viewing and Exporting the Software Inventory of Managed Devices | 135 Exporting the Physical Inventory of Devices | 138 Configuring Juniper Networks Devices | 140 Modifying the Configuration on the Device | 140 Reviewing and Deploying the Device Configuration | 145 Viewing the Configuration Changes on the Device | 146 Validating the Delta Configuration on the Device | 148 Viewing the Device- Configuration Validation Report | 148 Excluding or Including a Group of Configuration Changes | 149

vi
Deleting a Group of Configuration Changes | 149 Approving the Configuration Changes | 150 Rejecting the Configuration Changes | 150 Deploying the Configuration Changes to a Device | 151 Junos OS Releases Supported in Junos Space Network Management Platform | 152 Configuration Guides Overview | 153 Saving the Configuration Created using the Configuration Guides | 154 Previewing the Configuration Created using the Configuration Guides | 154 Deploying the Configuration Created using the Configuration Guides | 155 Viewing and Assigning Shared Objects | 156 Applying a CLI Configlet to Devices | 158 Applying a CLI Configlet to a Physical Inventory Element | 161 Applying a CLI Configlet to a Physical Interface | 165 Applying a CLI Configlet to a Logical Interface | 168 Executing a Script on the Devices | 171 Executing a Script on a Physical Inventory Component | 175 Executing a Script on a Logical Interface | 177 Executing a Script on the Physical Interfaces | 178 Device Adapter | 182 Worldwide Junos OS Adapter Overview | 182 Installing the Worldwide Junos OS Adapter | 183 Connecting to ww Junos OS Devices | 185 Device Configuration Management | 187 Viewing the Active Configuration | 187 Viewing the Configuration Change Log | 192 Resolving Out of band Changes | 193 Creating a Quick Template from the Device Configuration | 195

vii
Adding and Managing Non Juniper Networks Devices | 196 Adding Unmanaged Devices | 196 Modifying Unmanaged Device Configuration | 200 Accessing Devices | 201 Launching a Device’s Web User Interface | 201 Looking Glass Overview | 202 Executing Commands by Using Looking Glass | 203 Exporting Looking Glass Results in Junos Space Network Management Platform | 205 Secure Console Overview | 206 Connecting to a Device by Using Secure Console | 207
Connecting to a Managed Device from the Device Management Page | 208 Connecting to an Unmanaged Device from the Device Management Page | 210 Connecting to a Managed or Unmanaged Device from the Secure Console Page | 212 Configuring SRX Series Firewall Clusters in Junos Space using Secure Console | 214 Configuring a Standalone Device from a Single-node Cluster | 215 Configuring a Standalone Device from a Two-Node Cluster | 217 Configuring a Primary Peer in a Cluster from a Standalone Device | 220 Configuring a Secondary Peer in a Cluster from a Standalone Device | 223 Configuring a Cluster with Loopback Interface | 226 Logical Systems (LSYS) | 227 Understanding Logical Systems for SRX Series Firewalls | 227 Creating a Logical System (LSYS) | 228 Deleting Logical Systems | 229 Viewing Logical Systems for a Physical Device | 229 Viewing the Physical Device for a Logical System | 230 Tenant System (TSYS) | 232 Understanding Tenant Systems for SRX Series Firewalls | 232 Creating a Tenant System (TSYS) | 233

viii
Deleting Tenant Systems | 234 Viewing Tenant Systems for a Physical Device | 234 Viewing the Physical Device for a Tenant System | 235 Device Partitions | 237 Creating Device Partitions | 237 Modifying Device Partitions | 238 Deleting Device Partitions | 239 Custom Labels | 241 Adding Custom Labels | 241
Adding Custom Labels for a Device | 242 Adding Custom Labels for Physical Inventory | 242 Adding Custom Labels for a Physical Interface | 243 Adding Custom Labels for a Logical Interface | 244 Importing Custom Labels | 244 Modifying Custom Labels | 246 Deleting Custom Labels | 246 Verifying Template, Image Deployment, Script Execution, and Staged Images on Devices | 248 Viewing the Device-Template Association (Devices) | 248 Viewing Associated Scripts | 251 Viewing Script Execution | 251 Viewing Staged Images on a Device | 252 Device Monitoring | 255 Viewing Alarms from a Managed Device | 255 Viewing the Performance Graphs of a Managed Device | 257 Device Maintenance | 260 Viewing Device Statistics | 260 Viewing Devices and Logical Systems with QuickView | 261

ix

Resynchronizing Managed Devices with the Network | 262

Putting a Device in RMA State and Reactivating Its Replacement | 263 Putting a Device in RMA State | 264 Reactivating a Replacement Device | 264

Modifying the Target IP Address of a Device | 267

Modifying the Serial Number of a Device | 268

Rebooting Devices | 269

Deleting Staged Images on a Device | 270

Cloning a Device in Junos Space Network Management Platform | 271

Deleting Devices | 272

3

Device Templates

Overview | 274

Device Templates Overview | 274

Template Definitions | 283 Creating a Template Definition | 283

Finding Configuration Options in a Template Definition | 289

Working with Rules in a Template Definition | 291

Specifying Device-Specific Values in Template Definitions | 293 Creating a CSV file with device-specific values | 293 Using a CSV file to set device-specific values | 294

Managing CSV Files for a Template Definition | 295

Publishing a Template Definition | 296

Viewing a Template Definition | 296

Modifying a Template Definition | 298

Cloning a Template Definition | 298

Importing a Template Definition | 299

Exporting a Template Definition | 300

x
Unpublishing a Template Definition | 301 Deleting a Template Definition | 302 Configuring Devices using Device Templates | 303 Creating a Device Template | 303 Assigning a Device Template to Devices | 305 Deploying a Template to the Devices | 306 Modifying a Device Template | 310 Undeploying a Device Template from the Devices | 311 Unassigning a Device Template from the Devices | 312 Auditing a Device Template Configuration | 313 Configuring Devices using Quick Templates | 316 Quick Templates Overview | 316 Creating a Quick Template | 317 Deploying a Quick Template | 322 Device Template Administration | 326 Viewing Template Details | 326 Viewing the Device-Template Association (Device Templates) | 327 Viewing Template Definition Statistics | 330 Viewing Device Template Statistics | 330 Comparing Templates or Template Versions | 331 Comparing a Device Template Configuration with a Device Configuration | 332 Cloning a Template in Junos Space Network Management Platform | 334 Exporting and Importing a Quick Template in Junos Space Network Management Platform | 335
Exporting a Quick Template | 335 Importing a Quick Template | 336 Deleting Device Templates from Junos Space Network Management Platform | 337

xi

4

CLI Configlets

Overview | 339

CLI Configlets Overview | 339

CLI Configlets Workflow | 342

Configlet Context | 347

Nesting Parameters | 353

CLI Configlets | 355 Creating a CLI Configlet | 355

Modifying a CLI Configlet | 359

Viewing CLI Configlet Statistics | 359

Viewing a CLI Configlet | 360

Exporting CLI Configlets | 363

CLI Configlet Examples | 364

Deleting CLI configlets | 374

Cloning a CLI Configlet | 374

Importing CLI Configlets | 375

Applying a CLI Configlet to Devices | 380

Comparing CLI Configet Versions | 384

Marking and Unmarking CLI Configlets as Favorite | 385 Marking CLI Configlets as Favorite | 385 Unmarking CLI Configlets Marked as Favorite | 386

Configuration Views | 387 Configuration Views Overview | 387

Configuration View Variables | 388

Configuration View Workflow | 389

XML Extensions | 391

Creating a Configuration View | 392

xii

Viewing a Configuration View | 394

Modifying a Configuration View | 396

Deleting Configuration Views | 396

Exporting and Importing Configuration Views | 397 Exporting Configuration Views | 398 Importing Configuration Views | 399

Viewing Configuration Views Statistics | 400

Default Configuration Views Examples | 401

XPath and Regular Expressions | 407 XPath and Regex Overview | 407

Creating Xpath or Regex | 407

Modifying Xpath and Regex | 408

Deleting Xpath and Regex | 409

XPath and Regular Expression Examples | 409

Configuration Filters | 412 Creating a Configuration Filter | 412

Modifying a Configuration Filter | 413

Deleting Configuration Filters | 413

5

Images and Scripts

Overview | 416

Device Images and Scripts Overview | 416

Viewing Statistics for Device Images and Scripts | 417

Managing Device Images | 420 Device Images Overview | 420

Importing Device Images to Junos Space | 422

Viewing Device Images | 423

Modifying Device Image Details | 425

xiii
Staging Device Images | 427 Staging Satellite Software Packages on Aggregation Devices | 431 Verifying the Checksum | 436 Viewing and Deleting MD5 Validation Results | 440
Viewing the MD5 Validation Results | 441 Deleting the MD5 Validation Results | 442 Deploying Device Images | 443 Deploying Satellite Software Packages on Aggregation and Satellite Devices | 458 Viewing Device Image Deployment Results | 464 Viewing Device Association of Images | 465 Undeploying JAM Packages from Devices | 467 Removing Device Images from Devices | 473 Deleting Device Images | 477 Managing Scripts | 479 Scripts Overview | 480 Promoting Scripts Overview | 482 Importing Scripts to Junos Space | 483 Importing Scripts from Files | 484 Importing Scripts from a Git Repository | 485 Viewing Script Details | 488 Modifying Scripts | 492 Modifying Script Types | 495 Comparing Script Versions | 495 Staging Scripts on Devices | 496 Verifying the Checksum of Scripts on Devices | 500 Viewing Verification Results | 503 Enabling Scripts on Devices | 504

xiv
Executing Scripts on Devices | 508 Executing Scripts on Devices Locally with JUISE | 512 Viewing Execution Results | 516 Exporting Scripts in .tar Format | 517 Viewing Device Association of Scripts | 518 Marking and Unmarking Scripts as Favorite | 519
Marking Scripts as Favorite | 519 Unmarking Scripts Marked as Favorite | 520 Disabling Scripts on Devices | 521 Removing Scripts from Devices | 523 Deleting Scripts | 527 Script Annotations | 528 Script Example | 537 Managing Operations | 540 Operations Overview | 540 Creating an Operation | 541 Importing an Operation | 546 Viewing an Operation | 548 Modifying an Operation | 550 Running an Operation | 550 Viewing Operation Results | 554 Copying an Operation | 555 Exporting an Operation in .tar Format | 556 Deleting an Operation | 557 Managing Script Bundles | 559 Script Bundles Overview | 559 Creating a Script Bundle | 560

xv

Viewing Script Bundles | 563

Modifying a Script Bundle | 565

Staging Script Bundles on Devices | 565

Enabling Scripts in Script Bundles on Devices | 568

Executing Script Bundles on Devices | 570

Disabling Scripts in Script Bundles on Devices | 573

Viewing Device Associations of Scripts in Script Bundles | 574

Deleting Script Bundles | 575

6

Reports

Reports Overview | 578

Reports Overview | 578

Report Definitions | 592 Creating Report Definitions | 592

Viewing Report Definitions | 594

Modifying Report Definitions | 595

Cloning Report Definitions | 596

Deleting Report Definitions | 597

Viewing Report Definition Statistics | 598

Reports | 599 Generating Reports | 599

Viewing a Report | 602

Viewing and Downloading Generated Reports | 604

Deleting Generated Reports | 604

Viewing Report Statistics | 605

7

Network Monitoring

Overview | 608

Network Monitoring Workspace Overview | 608

xvi
Working with the Network Monitoring Home Page | 611 Viewing Nodes with Pending Problems | 612 Viewing Nodes with Outages | 613 Availability Over the Past 24 Hours | 613 Viewing Outstanding Notifications | 614 Viewing Resource Graphs | 614 Viewing KSC Reports | 615 Searching for Nodes by Using Quick Search | 615
Managing Nodes | 618 Viewing the Node List | 618
Managing Surveillance Categories | 620 Modifying Surveillance Categories | 620 Deleting Surveillance Categories | 620 Adding Surveillance Categories | 620
Resynchronizing Nodes in Network Monitoring | 621
Turning SNMP Data Collection Off and On | 622
Searching for Nodes and Assets | 624 Searching for Nodes or Nodes with Asset Information | 624
Searching for Nodes | 625 Searching for Nodes with Asset Information | 627
Working with Node Assets | 628 Searching for and Viewing Nodes with Asset Information | 629 Viewing and Modifying Node Asset Information | 629
Managing Outages | 631 Viewing and Tracking Outages | 631
Viewing Details about an Outage | 632 Viewing the List of Outages | 633
Configuring Scheduled Outages | 635
Using the Network Monitoring Dashboard | 636 Viewing the Network Monitoring Dashboard | 636
Using the Dashboard Surveillance View | 637

xvii
Managing and Configuring Events | 641 Viewing and Managing Events | 641
Viewing the Details of an Event | 642 Searching for Events (Advanced Event Search) | 644 Viewing, Searching for, Sorting, and Filtering Events | 645
Selecting and Sending an Event to the Network Management System | 648
Managing Events Configuration Files | 649 Adding New Events Configuration Files | 649 Deleting Events Configuration Files | 649 Modifying Events Configuration Files | 650
Managing and Configuring Alarms | 652 Viewing and Managing Alarms | 652
Viewing Details of an Alarm and Acting on an Alarm | 654 Viewing Alarms in Summary and Detailed Views | 658 Viewing NCS Alarms | 664 Searching for Alarms (Advanced Alarms Search) | 665
Alarm Notification Configuration Overview | 666
Configuring Alarm Notification | 670 Configuring a Basic Filter for Alarm Notification | 671 Activating Alarm Notification Configuration Files for Basic Filtering | 672 Reloading a Filter Configuration to Apply Filter Configuration Changes | 673
Managing and Configuring Notifications | 674 Viewing, Configuring, and Searching for Notifications | 674
Notification Escalation | 675
Configuring Event Notifications, Path Outages, and Destination Paths | 675 Configuring Event Notifications | 676 Configure Destination Paths | 678 Configure Path Outages | 679
Managing Reports and Charts | 681 Network Monitoring Reports Overview | 681
Creating Reports | 683

xviii
Creating Key SNMP Customized Performance Reports, Node Reports, and Domain Reports | 683 Creating a New KSC Report from an Existing Report | 683
Viewing Reports | 684 Viewing Resource Graphs | 685 Viewing Key SNMP Customized (KSC) Performance Reports, Node Reports, and Domain Reports | 685 Viewing Database Reports | 686 Sending Database Reports | 686 Viewing Pre-run Database Reports | 687 Viewing Statistics Reports | 688 Generating a Statistics Report for Export | 688
Deleting Reports | 689 Deleting Key SNMP Customized Reports | 689 Deleting Pre-Run Database Reports | 689
Viewing Charts | 690
Network Monitoring Topology | 691 Network Monitoring Topology Overview | 691
Working with Topology | 693 Using the Search Option to View Nodes | 694 Working with Topology Views | 695 Viewing the Events and Alarms Associated with a Node | 697 Viewing Alarms and Node Details | 697 Viewing Nodes with Active Alarms | 699 Managing Alarms Associated with Nodes | 699 Viewing the Topology with Different Layouts | 700 Automatic Refresh of the Topology | 700 Viewing the Status of Node Links | 700 Viewing the Alarm State of Services Links | 701 Pinging a Node | 701 Viewing the Resource Graphs Associated with the Node | 702 Connecting to a Device by Using SSH | 702
Network Monitoring Topology Discovery Methods Supported by Junos Space Network Management Platform | 704

xix
Network Monitoring Administration | 706 Configuring Network Monitoring System Settings | 706
Network Monitoring System Information | 707 Generating a Log File for Troubleshooting | 707 Changing the Notification Status | 708
Updating Network Monitoring After Upgrading the Junos Space Network Management Platform | 709 Overview | 709 Step 1: Monitoring the Software Install Status Window for File Conflicts | 709 Step 2: Identifying Files with Conflicts | 710 Step 3: Merging Files with Conflicts | 712 Step 4: Verifying the Manual Merge Status of Configuration Files | 713 Step 5: Final Steps After Upgrading Network Monitoring | 713
Configuring SNMP Community Names by IP | 715
Configuring SNMP Data Collection per Interface | 716
Managing Thresholds | 716 Creating Thresholds | 717 Modifying Thresholds | 719 Deleting Thresholds | 720
Compiling SNMP MIBs | 720 Uploading MIBs | 721 Compiling MIBs | 721 Viewing MIBs | 722 Deleting MIBs | 722 Clearing MIB Console Logs | 722 Generating Event Configuration | 722 Generating a Data Collection Configuration | 724
Managing SNMP Collections | 726 Adding a New SNMP Collection | 726 Modifying an SNMP Collection | 727
Managing SNMPv3 Trap Configuration | 727
Managing Data Collection Groups | 731

xx

Adding New Data Collection Files | 731 Deleting Data Collection Files | 731 Modifying Data Collection Files | 732

Managing and Unmanaging Interfaces and Services | 734

Starting, Stopping, and Restarting Services | 734

8

Configuration Files

Overview | 739

Managing Configuration Files Overview | 739

Viewing Configuration File Statistics | 741

Managing Configuration Files | 743 Backing Up Configuration Files | 743

Viewing Configuration Files | 750

Comparing Configuration Files | 754

Modifying Configuration Files | 756

Restoring Configuration Files | 758

Exporting Configuration Files | 760

Deleting Configuration Files | 762

9

Jobs

Overview | 765

Jobs Overview | 765

Managing Jobs | 769 Viewing Statistics for Jobs | 769
Viewing the Types of Jobs That Are Run | 770 Viewing the State of Jobs That Have Run | 770 Viewing Average Execution Times for Jobs | 770

Viewing Your Jobs | 771

Viewing Jobs | 772

Viewing Objects on Which a Job is Executed | 776

xxi

Viewing Job Recurrence | 779

Rescheduling and Modifying the Recurrence Settings of Jobs | 780

Retrying a Job on Failed Devices | 781

Reassigning Jobs | 783

Canceling Jobs | 785

Clearing Your Jobs | 786

Archiving and Purging Jobs | 787 Purging Jobs Without Archiving | 788 Archiving Jobs to a Local Server and Purging the Jobs from the Database | 789 Archiving Jobs to a Remote Server and Purging the Jobs from the Database | 790

Common Error Messages in Device-Related Operations | 792

10

Role-Based Access Control

Overview | 796

Role-Based Access Control Overview | 796

Roles | 799 Roles Overview | 799

Predefined Roles Overview | 800

Creating a User-Defined Role | 831

Managing Roles | 832 Viewing User Role Details | 833 Managing Predefined and User-Defined Roles | 833

Modifying User-Defined Roles | 834

Deleting User-Defined Roles | 835

Cloning Predefined and User-Defined Roles | 836

Exporting User-Defined Roles from Junos Space Network Management Platform | 837

Importing Roles to Junos Space Network Management Platform | 838

User Accounts | 840 Configuring Users to Manage Objects in Junos Space Overview | 840

xxii
Creating Users in Junos Space Network Management Platform | 842 Creating a User | 844
Modifying a User | 851 Deleting Users | 856 Disabling and Enabling Users | 857 Unlocking Users | 859 Viewing Users | 860
Sorting Columns | 861 Displaying or Hiding Columns | 861 Filtering Users | 862 Viewing User Details | 862 Performing Actions on Users | 866 Exporting User Accounts from Junos Space Network Management Platform | 867 Creating a User Accounts Report Definition | 867 Generating and Downloading a Report | 868 Changing Your Password on Junos Space | 870 Clearing User Local Passwords | 871 Viewing User Statistics | 872 Viewing the Number of Users Assigned by Role | 872 User Groups | 874 User Groups Overview | 874 Managing User Groups | 875 Creating a User Group | 875 Modifying a User Group | 877 Deleting a User Group | 878 Job Management Using User Groups | 879 Domains | 882 Domains Overview | 882 Working with Domains | 890

xxiii

Adding a Domain | 890 Modifying a Domain | 893 Deleting Domains | 894 Switching from One Domain to Another | 897

Assigning Objects to an Existing Domain | 897 Assigning Users to an Existing Domain from the Domains Page | 898 Assigning Devices to an Existing Domain from the Domains Page | 898 Assigning Remote Profiles to an Existing Domain from the Domains Page | 899 Assigning Objects to an Existing Domain from the Inventory Landing Pages | 900

Exporting Domains from Junos Space Network Management Platform | 901

Remote Profiles | 902 Creating a Remote Profile | 902

Modifying a Remote Profile | 904

Deleting Remote Profiles | 904

API Access Profiles | 906 Creating an API Access Profile | 906

Modifying an API Access Profile | 908

Deleting API Access Profiles | 908

User Sessions | 910 User Sessions Overview | 910

Limiting User Sessions in Junos Space | 911

Terminating User Sessions | 913

Using the Junos Space CLI to View Users Logged In to the Junos Space GUI | 915

11

Audit Logs

Overview | 918

Junos Space Audit Logs Overview | 918

Managing Audit Logs | 920 Viewing Audit Logs | 920

xxiv

Viewing Audit Log Statistics | 924 Viewing the Dynamic Audit Log Statistical Graph | 925 Viewing the Top 10 Active Users In 24 Hours Statistics | 926

Exporting Audit Logs | 927

Converting the Junos Space Audit Log File Timestamp from UTC to Local Time Using Microsoft Excel | 928

Archiving and Purging or Only Purging Audit Logs | 929 Purging Audit Logs Without Archiving | 929 Purging Audit Logs After Archiving | 932

12

Administration

Overview | 937

Junos Space Administrators Overview | 937

Viewing the Administration Statistics | 940 Viewing System Health Information | 940 Viewing the System Health Report | 940 Viewing System Alert Messages in the Last 30 Days | 953

Junos Space IPv6 Support Overview | 954

Maintenance Mode Overview | 956

Managing Nodes in the Junos Space Fabric | 959 Fabric Management Overview | 960

Overall System Condition and Fabric Load History Overview | 962

Junos Space Nodes and FMPM Nodes in the Junos Space Fabric Overview | 965

Dedicated Database Nodes in the Junos Space Fabric Overview | 972

Adding a Node to an Existing Junos Space Fabric | 975 Adding a Junos Space Node to the Junos Space Fabric | 977 Adding an FMPM Node to the Junos Space Fabric | 981 Obtaining Fingerprint of a Junos Space Node | 982

Viewing Nodes in the Fabric | 983 Changing Views | 984 Viewing Fabric Node Details | 984

xxv
Monitoring Nodes in the Fabric | 993 Viewing and Modifying the SNMP Configuration for a Fabric Node | 994 Starting SNMP Monitoring on Fabric Nodes | 1036 Stopping SNMP Monitoring on Fabric Nodes | 1037 Restarting SNMP Monitoring on Fabric Nodes | 1037 Adding a Third-Party SNMP V1 or V2c Manager on a Fabric Node | 1038 Adding a Third-Party SNMP V3 Manager on a Fabric Node | 1038 Deleting a Third-Party SNMP Manager from a Fabric Node | 1040 Installing StorMan RPM for Monitor RAID Functionality | 1041
Viewing Alarms from a Fabric Node | 1041 Shutting Down or Rebooting Nodes in the Junos Space Fabric | 1043 Deleting a Node from the Junos Space Fabric | 1045 Resetting MySQL Replication | 1047 Modifying the Network Settings of a Node in the Junos Space Fabric | 1049
Modifying the Fabric Virtual IP Address | 1050 Modifying the Network Settings of a Node | 1051 Load-Balancing Devices Across Junos Space Nodes | 1054 Replacing a Failed Junos Space Node | 1055 Generating and Uploading Authentication Keys to Devices | 1056 Generating Authentication Keys | 1057 Uploading Authentication Keys to Multiple Managed Devices for the First Time | 1058 Uploading Authentication Keys to Managed Devices With a Key Conflict | 1060 Configuring the ESX or ESXi Server Parameters on a Node in the Junos Space Fabric | 1061 Creating a System Snapshot | 1062 Deleting a System Snapshot | 1064 Restoring the System to a Snapshot | 1065 NAT Configuration for Junos Space Network Management Platform Overview | 1066 Configuring the NAT IP Addresses and Ports on Junos Space Platform | 1079 Modifying the NAT IP Addresses and Ports on Junos Space Platform | 1081

Disabling the NAT Configuration on Junos Space Platform | 1082
Backing up and Restoring the Junos Space Platform Database | 1083 Backing Up and Restoring the Database Overview | 1083
Backing Up the Junos Space Network Management Platform Database | 1086
Restoring the Junos Space Network Management Platform Database | 1092 Restoring the Junos Space Platform Database from a Local Backup File | 1093 Restoring the Junos Space Platform Database from a Remote Backup File | 1094
Deleting Junos Space Network Management Platform Database Backup Files | 1096
Viewing Database Backup Files | 1098 Changing Views | 1098 Viewing Database Details | 1099 Managing Database Commands | 1099
Managing Licenses | 1101 Generating and Uploading the Junos Space License Key File | 1101
Generating the Junos Space License Key File | 1102 Uploading the Junos Space License Key File Contents | 1102
Viewing Junos Space Licenses | 1104
Managing Junos Space Platform and Applications | 1106 Managing Junos Space Applications Overview | 1106
Upgrading Junos Space Network Management Platform Overview | 1108
Junos Space Store Overview | 1111 About the Junos Space Store | 1111 Benefits of Junos Space Store | 1111
Configuring and Managing Junos Space Store | 1112 Configuring Junos Space Store in Junos Space Network Management Platform | 1112 Modifying Junos Space Store Settings | 1114 Installing and Upgrading Junos Space Applications from Junos Space Store | 1115
Running Applications in Separate Server Instances | 1116 Adding a Server Group | 1117 Adding a Server to a Server Group | 1118

xxvi

xxvii
Starting Servers in a Server Group | 1119 Stopping Servers in a Server Group | 1119 Removing a Server Group | 1120 Moving an Application to a Different Server Group | 1120
Managing Junos Space Applications | 1121 Viewing Detailed Information About Junos Space Platform and Applications | 1121 Performing Actions on Junos Space Platform and Applications | 1122
Modifying Settings of Junos Space Applications | 1123
Modifying Junos Space Network Management Platform Settings | 1124
Managing File Integrity Check | 1146 Configuring File Integrity Check | 1147 Manually Checking File Integrity | 1147
Starting, Stopping, and Restarting Services | 1148
Adding a Junos Space Application | 1151 Uploading the Junos Space Application | 1152 Installing the Uploaded Junos Space Application | 1153
Upgrading a Junos Space Application | 1155
Upgrading Junos Space Network Management Platform | 1156
Synchronizing Time Across Junos Space Nodes | 1162
Upgrading to Junos Space Network Management Platform Release 21.1R1 | 1165 Before You Begin | 1166 Disabling Device Communication | 1167 Downloading and Installing the Junos Space Platform 20.3R1 Patch | 1168 Executing the Data Back Up Procedure | 1169 Validating the Backup File | 1173 Installing Junos Space Platform Release 21.1R1 as a Standalone Node or the First Node of the Fabric and Restoring the Backed-Up Data | 1175 Rolling Back to Junos Space Platform Release 20.3R1 if Upgrade Fails | 1176 Installing Junos Space Platform Release 21.1R1 on the Remaining Nodes of the Fabric | 1180 Enabling Device Communication | 1181 Managing Disaster Recovery Configuration after Upgrade to 21.1 | 1181

xxviii
Uninstalling a Junos Space Application | 1181
Managing Troubleshooting Log Files | 1183 System Status Log File Overview | 1183
Customizing Node System Status Log Checking | 1185
Customizing Node Log Files to Download | 1186
Configuring JBoss and OpenNMS Logs in Junos Space | 1187
Generating JBoss Thread Dump for Junos Space Nodes | 1189
Downloading the Troubleshooting Log File in Server Mode | 1191
Downloading the Troubleshooting Log File in Maintenance Mode | 1194
Downloading Troubleshooting System Log Files Through the Junos Space CLI | 1195 Downloading a System Log File by Using a USB Device | 1196 Downloading System Log File by Using SCP | 1197
Managing Certificates | 1200 Certificate Management Overview | 1200
Changing User Authentication Modes | 1208 Changing the User Authentication Mode from Password-Based to Complete Certificate-Based from the User Interface | 1209 Changing the User Authentication Mode from Complete Certificate-Based to Certificate Parameter­Based from the User Interface | 1210 Changing the User Authentication Mode from Certificate Parameter­Based to Complete Certificate-Based from the User Interface | 1212 Changing the User Authentication Mode to Password-Based from the User Interface | 1212 Changing the User Authentication Mode to Password-Based from the CLI | 1213
Installing a Custom SSL Certificate on the Junos Space Server | 1214 Installing an X.509 Junos Space Server Certificate | 1214 Installing a Junos Space Server Certificate in the PKCS #12 Format | 1215 Reverting to the Default Junos Space Server SSL Certificate | 1216
Uploading a User Certificate | 1217 Uploading a User Certificate for a New User | 1217 Uploading a User Certificate for an Existing User | 1218 Uploading Your User Certificate | 1218

Uploading a CA Certificate and Certificate Revocation List | 1219 Uploading a CA Certificate | 1219 Uploading a Certification Revocation List | 1220 Deleting CA Certificates or Certificate Revocation Lists | 1220
Deleting a CA Certificate or Certificate Revocation List | 1221 Adding and Activating X.509 Certificate Parameters for X.509 Certificate Parameter
Authentication | 1221 Adding X.509 Certificate Parameters for X.509 Certificate Parameter Authentication | 1222 Activating an X.509 Certificate Parameter | 1223 Modifying an X.509 Certificate Parameter | 1224 Deleting X.509 Certificate Parameters | 1225 Configuring Authentication Servers | 1227 Remote Authentication Overview | 1227 Junos Space Authentication Modes Overview | 1228 Junos Space Login Behavior with Remote Authentication Enabled | 1231 Managing Remote Authentication Servers | 1236 Creating a Remote Authentication Server | 1238 Modifying Authentication Settings | 1241 Configuring a RADIUS Server for Authentication and Authorization | 1242 Configuring a TACACS+ Server for Authentication and Authorization | 1244 Managing SMTP Servers | 1247 Managing SMTP Servers | 1247 Adding an SMTP Server | 1248 Email Listeners | 1250 Email Listeners Overview | 1250 Adding Users to the Email Listeners List | 1251 Modifying Users in the Email Listeners List | 1252 Deleting Users from the Email Listeners List | 1252

xxix

xxx
Managing Git Repositories | 1254 Git Repositories in Junos Space Overview | 1254 Managing Git Repositories in Junos Space | 1255
Adding Git Repositories to Junos Space | 1256 Modifying Git Repositories in Junos Space | 1256 Deleting Git Repositories from Junos Space | 1257 Setting the Active Git Repository | 1257 Testing the Connection to the Git Repository | 1258 Viewing Git Repositories in Junos Space | 1259 Audit Log Forwarding | 1260 Audit Log Forwarding in Junos Space Overview | 1260 Viewing Audit Log Forwarding Criterion | 1262 Adding Audit Log Forwarding Criterion | 1264 Modifying Audit Log Forwarding Criterion | 1266 Deleting Audit Log Forwarding Criterion | 1267 Enabling Audit Log Forwarding Criterion | 1267 Testing the System Log Server Connection for Audit Log Forwarding | 1268 Configuring a Proxy Server | 1270 Configuring Proxy Server Settings | 1270 Managing Tags | 1273 Tags Overview | 1273 Creating a Tag | 1275 Managing Tags | 1279 Managing Hierarchical Tags | 1281 Using the Tag Hierarchy Pane | 1282
Using the Tag Action Bar | 1283 Using the Shortcut Menu | 1284 Using Drag-and- Drop | 1286 Using the Quick Info Tool Tip | 1286

xxxi
Browsing Tagged Objects | 1287 Viewing All Tags | 1287 Adding a Child Tag | 1287 Deleting a Tag | 1287 Using Notification | 1287 Using the Tabular View Pane | 1288 Sharing a Tag | 1288 Renaming Tags | 1289 Deleting Tags | 1290 Tagging an Object | 1292 Untagging Objects | 1294 Filtering the Inventory by Using Tags | 1295 Viewing Tagged Objects | 1295 Viewing Tags for a Managed Object | 1300 Exporting Tags from Junos Space Network Management Platform | 1300 Managing DMI Schemas | 1302 DMI Schema Management Overview | 1302 Viewing and Managing DMI Schemas | 1304 Viewing Missing DMI Schemas | 1307 Setting a Default DMI Schema | 1308 Configuring Access to Juniper Networks DMI Schema Repository by Using the Configure Juniper Repository Action | 1309 Adding Missing DMI Schemas or Updating Outdated DMI Schemas in Junos Space Network Management Platform | 1311 Adding Missing DMI Schemas by Using the View/Install Missing Schema Action | 1311 Adding Missing DMI Schemas or Updating Outdated DMI Schemas by Using the Get Latest Action | 1312 Adding Missing DMI Schemas or Updating Outdated DMI Schemas by Using REST APIs | 1312 Adding Missing DMI Schemas or Updating Outdated DMI Schemas by Using the Update Schema Menu | 1315

xxxii

Creating a Compressed TAR File for Updating DMI Schema | 1320 Creating a Compressed Tar File on Linux | 1321 Creating a Compressed Tar File on Microsoft Windows | 1322 Schemas Available in Junos Space Platform | 1323

Viewing and Deleting Unused DMI Schemas | 1324

Managing Hardware Catalog | 1326 Hardware Catalog Overview | 1326

Viewing Information About Hardware Catalog | 1328

Configuring Access to Juniper Networks Subversion Repository for Downloading Hardware Catalog | 1329

Uploading Hardware Catalog to Junos Space Network Management Platform | 1330 Updating Hardware Catalog in Junos Space Platform by Using the Get Latest Action | 1330 Uploading Hardware Catalog to Junos Space Platform by Using the Import Option | 1330

Managing the Purging Policy | 1333 Junos Space Purging Policy and Purging Categories Overview | 1333

Viewing the Junos Space Purging Policy and Purging Criteria | 1335

Modifying the Purging Policy and Purging Criteria and Setting the Policy Status | 1337 Modifying the Purging Trigger Conditions | 1337 Modifying the Purging Criteria and Enabling or Disabling a Policy | 1339

Disaster Recovery | 1341 Disaster Recovery Overview | 1341

Validate Peer Site | 1343

Manage Disaster Recovery | 1345 Configuring Disaster Recovery at the Active Site | 1347 Configuring Disaster Recovery at the Standby Site | 1349 Actions common for both Active and Standby Site | 1351 Disaster Recovery Health | 1351

13

Troubleshooting

Knowledge Base | 1354

xxxiii
About This Guide
Use this guide to understand the features, such as device templates, CLI Configlets, configuration files, and so on, offered by Junos Space Network Management Platform for managing devices running Junos OS and the procedures to use the features. This guide also includes information about procedures, such as viewing Junos Space licenses, managing certificates, creating roles, configuring proxy servers, managing DMI schemas for devices running Junos OS and so on, for administering Junos Space Platform.

1 PART
Overview
Introduction | 2

2
CHAPTER 1
Introduction
IN THIS CHAPTER Junos Space Platform Workspaces Overview | 2 Viewing the Junos Space Platform Dashboard | 4
Junos Space Platform Workspaces Overview
In Junos Space Network Management Platform, the different tasks that you can perform are categorized into workspaces. The task tree on the left side of a Junos Space Platform page is expanded by default and displays the different Junos Space Platform workspaces and the tasks that you can perform in each workspace.
NOTE: When you log in to Junos Space, the Applications list displays Network Management Platform by default. You can expand this list to see the installed Junos Space applications.
You can collapse the task tree to the left by clicking the double left arrow (<<) button and expand the task tree by clicking the double right arrow (>>) button. The first item in the task tree is Dashboard, which provides you access to the Junos Space Platform Dashboard page. After this, the list of the workspaces available in Junos Space Platform are displayed; these workspaces are described at a high level in Table 1 on page 3.
NOTE: If you select a Junos Space application from the Applications list, the task tree for that application is displayed. This topic describes the workspaces for Junos Space Platform; for the tasks in Junos Space applications, refer to the documentation for Junos Space applications.
You can expand any workspace by clicking the expansion symbol (+) to the left of its name. When you do so, the next level of the tasks for that workspace is displayed; some items at the second level might contain further sub-tasks.

3

You can expand as many workspaces or tasks as you like; previously-expanded ones remain open until you collapse them. The design of the task tree enables you to easily navigate across the different Junos Space Platform workspaces and tasks.
Table 1: Junos Space Platform Workspaces

Workspace Name

Description

Devices

Manage devices, including adding, discovering, importing, and updating them. For more information, see “Device Management Overview” on page 9.

Device Templates

Create configuration definitions and templates used to deploy configuration changes on multiple Juniper Networks devices. For more information, see “Device Templates Overview” on page 274.

CLI Configlets

CLI Configlets are configuration tools provided by Junos OS that allow you to apply a configuration to a device easily. For more information, see “CLI Configlets Overview” on page 339.

Images and Scripts

Deploy, verify, enable, disable, remove, and execute scripts deployed to devices. For more information, see “Scripts Overview” on page 480.
Download a device image from the Juniper Networks Software download site to your local file system, upload it into Junos Space, and deploy it on one or more devices simultaneously. For more information, see “Device Images Overview” on page 420.

Reports

Generate customized reports for managing network resources. For more information, see “Reports Overview” on page 578.

Network Monitoring

Perform fault monitoring and performance monitoring of managed devices and fabric nodes. For more information, see “Network Monitoring Workspace Overview” on page 608.

4

Table 1: Junos Space Platform Workspaces (Continued)

Workspace Name

Description

Configuration Files

Maintain backups of device configuration in the Junos Space Platform database. For more information, see “Managing Configuration Files Overview” on page 739.

Jobs

Monitor the progress of ongoing jobs. For more

information, see “Jobs Overview” on page 765.

Role Based Access Control

Add, manage, and delete users, custom roles, domains, and remote profiles, and manage user sessions. For more information, see “Configuring Users to Manage Objects in Junos Space Overview” on page 840.

Audit Logs

View and filter system audit logs, including those for user login and logout, tracking device-management tasks, and displaying services that were provisioned on devices. For more information, see “Junos Space Audit Logs Overview” on page 918.

Administration

Add network nodes, back up your database, manage licenses and applications, or troubleshoot. For more information, see “Junos Space Administrators Overview” on page 937, “Maintenance Mode Overview” on page 956, and other topics related to the Administration workspace.

RELATED DOCUMENTATION Viewing the Junos Space Platform Dashboard
Viewing the Junos Space Platform Dashboard
When you log in to Junos Space Network Management Platform, the home page is displayed. By default, the home page for Junos Space Platform is the Dashboard page. However, if you previously configured a different page as the home page, then the configured home page is displayed when you log in.

5
The Junos Space Platform dashboard, as shown in Figure 1 on page 5, displays graphs that provide information about the overall system condition, the fabric load history, the active users history, and the percentage of jobs in different states. The charts are visible to all users and are updated in real time.
NOTE: If you do not have user privileges to view detailed data, you might not be able to view detailed information if you select a gadget.
Figure 1: Junos Space Platform Dashboard Page
To access the Junos Space Dashboard page: 1. On the Junos Space Platform UI, select Dashboard.
The Dashboard page is displayed. 2. (Optional) To view more information related to the overall system condition, click Overall System
Condition or the indicator needle. You are taken to the Fabric page, where you can view detailed information about the nodes in the fabric. For more information, see Viewing Nodes in the Fabric. 3. (Optional) To view information related to the fabric load, on the Fabric Load History graph: · Mouse over a graph data point to view the average CPU usage percentage. · Click the blue line depicting the CPU usage to view detailed information.
You are taken to the Fabric page, where you can view detailed information about the CPU, memory, and disk usage for the nodes in the fabric. 4. (Optional) To view information related to the active users, on the Active Users History graph: · Mouse over a graph data point to view the total number of active users at that point. · Click a data point on the graph to view more information about the active users at that point.

6
You are taken to the User Accounts page, where the active users are displayed. For more information, see “Viewing User Statistics” on page 872. 5. (Optional) To view information related to the jobs, on the Job Information graph: · Mouse over a segment in the pie chart to view the percentage of jobs with a particular status; for example, cancelled jobs, successful jobs, or failed jobs.
· Click a segment of the pie chart to view details of jobs with status corresponding to the segment.
You are taken to the Job Management page, where the jobs filtered by the status are displayed. For more information, see “Viewing Jobs” on page 772. 6. (Optional) You can view records about the health and performance of the Junos Space nodes in your Junos Space setup and the processes on these nodes in a system health report. The health and performance data collected from the nodes is displayed in the System Health Report table. For more information, see “Viewing the Administration Statistics” on page 940. 7. (Optional) You can move any chart displayed on the Dashboard page by clicking inside the title bar and dragging the chart. 8. (Optional) You can resize any chart displayed on the Dashboard page by hovering over an edge and clicking and dragging the edge.
RELATED DOCUMENTATION Junos Space Platform Workspaces Overview | 2 Overall System Condition and Fabric Load History Overview

2 PART
Devices
Device Management | 9 Systems of Record | 41 Device Discovery Profiles | 47 Modeling Devices | 69 Device Authentication in Junos Space | 103 Viewing Device Inventory | 119 Exporting Device Inventory | 132 Configuring Juniper Networks Devices | 140 Device Adapter | 182 Device Configuration Management | 187 Adding and Managing Non Juniper Networks Devices | 196 Accessing Devices | 201 Logical Systems (LSYS) | 227 Tenant System (TSYS) | 232 Device Partitions | 237 Custom Labels | 241 Verifying Template, Image Deployment, Script Execution, and Staged Images on Devices | 248 Device Monitoring | 255 Device Maintenance | 260

9
CHAPTER 2
Device Management
IN THIS CHAPTER Device Management Overview | 9 Confirmed-commit from Junos Space Network Management Platform | 11 Viewing Managed Devices | 14 Juniper Networks Devices Supported by Junos Space Network Management Platform | 20 Uploading Device Tags by Using a CSV File | 38 Filtering Devices by CSV | 39
Device Management Overview
IN THIS SECTION Managed and Unmanaged Devices | 10 IPv4 and IPv6 Address Support | 11
The Devices workspace in Junos Space Network Management Platform simplifies the management of devices in your network. You use the device discovery profile or model device workflows to add multiple devices to the Junos Space Platform database. Then you can perform the following tasks to manage, configure, and monitor the devices from the Devices workspace: · View the connection status and managed status of the managed devices. · View the operational and administrative status of the physical interfaces of the devices. · View the hardware inventory of a selected device, such as information about power supplies, chassis
cards, fans, Flexible PIC Concentrators (FPCs), and available PIC slots. · Change the mode to authenticate the devices.

10
· View, modify, and deploy the configuration to the devices. For example, deploy a service order to activate a service on your managed devices.
· Execute scripts on and apply CLI Configlets to the devices.
· View information about the scripts associated with or executed on the devices and the device images staged on the devices.
· Access the devices from the Junos Space user interface and execute commands on the devices.
· If the network is the system of record, resynchronize a managed device with the Junos Space Network Management Platform database so that both the device and the database contain the same device configuration. (If Junos Space Network Management Platform is the system of record, this capability is not available.)
· View statistics about the managed devices in your network, including the number of devices by platform and the number of devices by Junos OS release.
· Clone the devices.
· Reboot the devices.
· Monitor and troubleshoot problems on the devices.
This topic describes the following:
Managed and Unmanaged Devices
With Junos Space Platform, you can add the following types of devices to the Junos Space Platform database:
· Managed devices­Managed devices are Juniper Networks devices running Junos OS. For more information about Juniper Networks devices supported on Junos Space Platform, refer to “Juniper Networks Devices Supported by Junos Space Network Management Platform” on page 20.
Juniper Networks devices, such as MX480 and MX960 routers running as aggregation devices, display the number of satellite devices to which the aggregation device is connected and the mode of the aggregation device (that is, single-home or multihome). For more information about inventory and interfaces, see “Device Inventory Overview” on page 119. For more information about aggregation devices, satellite devices, and Junos Fusion technology, refer to the Junos Fusion documentation.
· Unmanaged devices­Unmanaged devices are non-Juniper Networks devices. Junos Space Platform displays the IP addresses and hostnames of unmanaged devices. The managed status of unmanaged devices is Unmanaged. The device status in several columns is displayed as NA. For more information, refer to “Viewing Managed Devices” on page 14. For information about adding

11
unmanaged devices to Junos Space Network Management Platform, see “Adding Unmanaged Devices” on page 196.
IPv4 and IPv6 Address Support
Junos Space Platform supports both IPv4 and IPv6 addresses for the following device management tasks: · Discovering devices · Adding unmanaged devices · Creating connection profiles and modeling devices · Connecting to devices through Secure Console · Uploading RSA keys to devices
NOTE: The IP addresses that you input for these tasks either manually or by using a CSV file are validated on the basis of the format of the IP address.
NOTE: Arbiter devices in disaster recovery must use password-based authentication.
RELATED DOCUMENTATION Device Discovery Profiles Overview | 47 Device Inventory Overview | 119 Systems of Record in Junos Space Overview | 41 DMI Schema Management Overview | 1302 Understanding How Junos Space Automatically Resynchronizes Managed Devices | 43 Junos Space IPv6 Support Overview | 954
Confirmed-commit from Junos Space Network Management Platform
Junos Space Network Management Platform supports the Junos OS confirmed-commit functionality. By default, Junos Space Platform uses confirmed-commit for all commit operations on all devices that are

12

discovered on Junos Space Platform and that support the confirmed-commit NETCONF capability. The default timeout value for the confirmed-commit operations issued by Junos Space Platform is 10 minutes. Junos Space Platform sends a remote procedure call (RPC) for confirmed-commit immediately after sending the RPC for a commit. The devices stay connected even if the commit operation contains an incorrect configuration edit that may disconnect the device from Junos Space Platform. An EJB callback method is used to verify the change in configuration on the device.
A candidate configuration created using the Schema-based Configuration Editor and Configuration Guides support the confirmed-commit functionality. If you are deploying the configuration by using a template, you need to publish these templates to the candidate configuration of the device. When you push the configuration to the devices by using the Schema-based Configuration Editor, templates, or the Configuration Guide, the job triggered for these tasks display the timeout value of confirmed-commit. Job details include the time taken for the EJB callback method to return a value and the time taken to confirm the commit operation or perform a rollback operation.
Table 2 on page 12 lists the managed status of the device in NSOR and SSOR modes when a candidate configuration is deployed to a device that supports the confirmed-commit NETCONF capability. It also lists the status of the job details when the confirmed-commit operation is a success or failure in these modes.
Table 2: Managed Status in NSOR and SSOR Modes for confirmed-commit

Confirmed-commit and EJB Callback Method Success and Failure Conditions

NSOR Mode

SSOR Mode

Job Result and Details

Junos Space Platform issues a confirmed-commit operation with a timeout value.

In Sync

Space Changed

NA

An EJB callback is sent to the device NA to verify the change in configuration on the device.

NA

NA

The EJB callback method does not return any value within the confirmed-commit timeout interval.

In Sync

Space Changed

Failed

The EJB callback method returns True and the commit is confirmed.

Out Of Sync followed by resynchronization by Junos Space Platform

In Sync or Space Changed (if new changes are added to the candidate configuration)

Success

13

Table 2: Managed Status in NSOR and SSOR Modes for confirmed-commit (Continued)

Confirmed-commit and EJB Callback Method Success and Failure Conditions

NSOR Mode

SSOR Mode

Job Result and Details

The EJB callback method returns False and the configuration is rolled back.

Out Of Sync followed by resynchronization by Junos Space Platform

Space Changed

Failure with
the failed callback error

The EJB callback method returns False and the device is automatically rolled back to the currently active configuration.

Out Of Sync followed by resynchronization by Junos Space Platform

Space Changed, Device Changed (after Junos Space Platform receives the system log about the auto-rollback operation on the device)

Failure with auto-rollback details

NOTE: In SSOR mode, if a confirmed-commit is not successful and if the device is automatically rolled back, you need to manually accept the change by using the Resolve Out-of-band Changes workflow to change the managed status of the device to In Sync.
NOTE: If a device is disconnected from Junos Space Platform (that is, Connection Status is down) after Junos Space Platform issues a confirmed- commit and is automatically rolled back before connecting back to Junos Space Platform, you need to manually check the device configuration from the CLI to confirm that the commit operation was successful.

RELATED DOCUMENTATION
Viewing the Configuration Change Log | 192 Viewing Managed Devices | 14 Reviewing and Deploying the Device Configuration | 145

14
Viewing Managed Devices
You can view details of all managed devices in your network, such as the operating system, platform, IP address, license, and connection status. Device information is displayed in a table. Unmanaged devices are also shown, but without status and some other information. You can also view devices that are in the managed status from the Network Monitoring workspace, through the Node List (see “Viewing the Node List” on page 618). If the network is the system of record, you can resynchronize your managed devices with the Junos Space Platform database (see “Resynchronizing Managed Devices with the Network” on page 262). Neither manual nor automatic resynchronization occurs when Junos Space Network Management Platform is the system of record. See “Systems of Record in Junos Space Overview” on page 41. To view configuration and runtime information of managed devices: 1. On the Network Management Platform UI, select Devices > Device Management.
The Device Management page is displayed. Figure 2 on page 14 shows the Device Management page. Figure 2: Device Management Page
Table 3 on page 15 describes the fields displayed on the inventory page. In the table, an asterisk against a field name indicates that the field is not shown by default.

15

Table 3: Fields in the Device Management Table

Field

Description

Name

Name of the device as stored in the Junos Space Platform database

Device Alias

Value of the Device Alias custom label for the device. By default, this field is not displayed on the page. (This field is empty if the Device Alias custom label is not added or no value is assigned to the Device Alias custom label for the device.)

IP Address

IPv4 or IPv6 address of the device

Serial Number

Serial number of the device chassis (This field displays Unknown for an unmanaged device.)

Connection Status

Connection status of the device in Junos Space Platform. Different values are displayed in network as system of record (NSOR) and Junos Space as system of record (SSOR) modes.
· Up–The device is connected to Junos Space Platform.
When the connection status is up, in NSOR mode, the managed status is Out Of Sync, Synchronizing, In Sync, or Sync Failed.
In SSOR mode, the status is In Sync, Device Changed, Space Changed, Both Changed, or Unknown (which usually means connecting).
· Down–The device is not connected to Junos Space Platform.
When the Connection status is down, the managed status is None or Connecting.
NOTE: View Action provides hyperlink to a set of remedies or quick help options to recover the connection.
· NA–The device is unmanaged.

16

Table 3: Fields in the Device Management Table (Continued)

Field

Description

Managed Status

Current status of the managed device in Junos Space Platform:
· Connecting–Junos Space Platform has sent a connection remote procedure call (RPC) and is waiting for the first connection from the device.
NOTE: View Action provides a hyperlink to a set of remedies or quick help options to recover the status of the device when it takes longer time than usual to connect.
· In Sync–The synchronization operation has completed successfully; Junos Space Platform and the device are synchronized with each other.
· None–The device is discovered, but Junos Space Platform has not yet sent a connection RPC.
NOTE: View Action provides a hyperlink to a set of remedies or quick help options to recover the status of the device when the connection status of the device is Down.
· Out Of Sync–In NSOR mode, the device has connected to Junos Space Platform, but the synchronization operation has not been initiated, or an outof-band configuration change on the device was detected and autoresynchronization is disabled or has not yet started.
· Device Changed–In SSOR mode, there are changes made to the device configuration from the device CLI.
· Space Changed–In SSOR mode, there are changes made to the device configuration from Junos Space Platform.
· Space & Device Changed–In SSOR mode, there are changes made to the device configuration from the device CLI and Junos Space Platform. Neither automatic nor manual resynchronization is available.
· Synchronizing–The synchronization operation has started as a result of device discovery, a manual resynchronization operation, or an automatic resynchronization operation.
· Sync Failed–The synchronization operation failed.
NOTE: View Action provides a hyperlink to a set of remedies or quick help options to recover the status of the device when the connection status is Up or Down.

17

Table 3: Fields in the Device Management Table (Continued)

Field

Description

· Reactivate Failed– The reactivation operation of the device failed. NOTE: View Action provides a hyperlink to a set of remedies or quick help options to recover the status of the device when the reactivation has failed.
· Unmanaged–The device is unmanaged.
· Modeled–The device is modeled.
· Waiting for deployment–The modeled device is unreachable and needs to be activated.

Platform

Model number of the device (For an unmanaged device, the platform details are discovered through SNMP. If the platform details cannot be discovered, the field displays Unknown.)

OS Version

Operating system firmware version running on the device (This field displays Unknown for an unmanaged device.)

Schema Version

DMI schema version that Junos Space Platform uses for this device (This field displays Unknown for an unmanaged device.) See “DMI Schema Management Overview” on page 1302.

Physical Interfaces

Link to the view of physical interfaces for the device (The field displays NA for an unmanaged device.)

Logical Interfaces

Link to the view of logical interfaces for the device (The field displays NA for an unmanaged device.)

Device Family

Device family of the selected device (For an unmanaged device, this is the same as the vendor name you provided. The field displays Unknown if no vendor name was provided and if SNMP is not used or has failed.)

18

Table 3: Fields in the Device Management Table (Continued)

Field

Description

Configuration State

Current state of the device configuration: · NA ­ No change is made to the configuration. This is the default state. · Created ­ A change is made to the device configuration from Junos Space
Platform. · Approved ­ The device configuration is approved. · Rejected ­ The device configuration is rejected.

Last Rebooted Time

Date and time when the device was last rebooted manually (that is, the device status changes from Down to Up) or from Junos Space Platform

Vendor

Name of the device vendor (For an unmanaged device, the field displays Unknown if the vendor name was not provided and cannot be discovered through SNMP.)

Authentication Status

· Key Based–The authentication key was successfully uploaded.
· Credential Based–A key upload was not attempted; log in to this device with your credentials.
· Key Based – Unverified–The new fingerprint on the device is not updated in the Junos Space Platform database.
· Key Conflict – Unverified–The key upload was unsuccessful; the new fingerprint on the device is not updated in the Junos Space Platform database.
· Credentials Based – Unverified–The new fingerprint on the device is not updated in the Junos Space Platform database.
· Key Conflict–The device was not available; the key upload was unsuccessful.
· Fingerprint Conflict–The fingerprint stored in the Junos Space Platform database differs from the fingerprint on the device.
· NA–The device is unmanaged.

Aggregation Device

Mode of the aggregation device: single-home or multihome

19

Table 3: Fields in the Device Management Table (Continued)

Field

Description

Satellite Devices(Number)

Number of satellite devices connected to the aggregation device

Connection Type

· Reachable Device initiated–This is a device-initiated connection from an internal device (without a NAT server to route the connection) and the device is reachable.
· Reachable Device initiated­External–This is a device-initiated connection from an external device (NAT server routes the connection) and the device is reachable.
· Junos Space initiated–This is a connection initiated by Junos Space to an internal device (without a NAT server to route the connection).
· Junos Space initiated­External–This is a connection initiated by Junos Space to an external device (NAT server routes the connection) and the device is reachable.
· Modeled–This is a device-initiated connection and the device is unreachable.

Device Network

Whether the device is connected to Junos Space Platform through a NAT server
· Internal–The device is connected to Junos Space Platform directly–that is, without a NAT server
· External–The NAT server routes the connection to Junos Space Platfom

2. (Optional) Sort the table by mousing over the column head for the data that you want to sort and clicking the down arrow. Select Sort Ascending or Sort Descending.
3. (Optional) Show columns not in the default tabular view, or hide columns, as follows: a. Mouse over any column head and click the down arrow.
b. Select Columns from the menu.
c. Select the check boxes against the columns that you want to view. Clear the check boxes against the columns that you want to hide.
4. (Optional) View information about devices as follows: · To restrict the display of devices, enter search criteria of one or more characters in the Search field and press Enter.

20

All devices that match the search criteria are shown in the main display area.
· To view hardware inventory for a device, select the row against the device and select Device Inventory > View Physical Inventory from the Actions menu. Alternatively, right-click the device name and select Device Inventory > View Physical Inventory.
· To view the physical or logical interfaces of a device, click the View link in the appropriate column and row for the device.
To view the physical or logical interfaces of more than one device, select the required devices, right-click and select Device Inventory > View Logical Interfaces.
The View Logical Interfaces page displays the list of logical interfaces of the selected devices.
Release History Table Release Description

16.1R1

Reachable Device initiated­External–This is a device-initiated connection from an external device (NAT server routes the connection) and the device is reachable.

16.1R1

Junos Space initiated­External–This is a connection initiated by Junos Space to an external device (NAT server routes the connection) and the device is reachable.

RELATED DOCUMENTATION Viewing the Physical Inventory | 121 Exporting the License Inventory Viewing Physical Interfaces of Devices | 126 Device Discovery Profiles Overview | 47 Viewing the Node List | 618 Resynchronizing Nodes in Network Monitoring | 621 Systems of Record in Junos Space Overview | 41
Juniper Networks Devices Supported by Junos Space Network Management Platform
Table 4 on page 21 lists all the Juniper Networks product series and devices supported by Junos Space Network Management Platform. The Junos Space Platform release notes lists only the new devices that are supported with that release.

21

NOTE: Ensure that you install the exact matching or closest matching of Junos OS schema on the Junos Space Platform. For more information, see Table 5 on page 30.

Table 4: Devices Supported by Junos Space Platform

Product Series

Model

ACX Series

ACX500

ACX710

BX Series EX Series

ACX1000 ACX1100 ACX2000 ACX2100 ACX2200 ACX4000 ACX5048
ACX5096 ACX5448 BX7000 EX2200

Junos Space Release Junos Space Platform 14.1R2 or later Junos Space 20.1R1 hot patch v1or later Junos Space Platform 12.2 or later Junos Space Platform 12.3 or later Junos Space Platform 12.2 or later Junos Space Platform 12.3 or later Junos Space Platform 12.3 or later Junos Space Platform 13.1 or later
Junos Space Platform 15.1 or later Junos Space Platform 15.1 or later Junos Space Platform 18.4 or later Junos Space Platform 11.3 or later Junos Space Platform 16.1 or later

22

Table 4: Devices Supported by Junos Space Platform (Continued)

Product Series

Model

Junos Space Release

EX2300

Junos Space Platform 15.2R2 or later

EX2300-24MP

Junos Space Platform 18.1 or later

EX2300-48MP

Junos Space Platform 17.2 or later

EX3300

Junos Space Platform 11.4 or later

EX3400

Junos Space Platform 15.2R2 or later

EX4100-12T

Junos Space Platform 22.3R1 or later

EX4100-24P

Junos Space Platform 23.1R1 or later

EX4100-24T

Junos Space Platform 23.1R1 or later

EX4100-48P

Junos Space Platform 23.1R1 or later

EX4100-24MP

Junos Space Platform 23.1R1 or later

EX4100-48T

Junos Space platform 22.3R1 or later

EX4100-48MP

Junos Space platform 22.3R1 or later

EX4100-F-12P

Junos Space Platform 22.3R1 or later

EX4100-F-12T

Junos Space platform 22.3R1 or later

EX4100-F-24T

Junos Space Platform 22.3R1 or later

23

Table 4: Devices Supported by Junos Space Platform (Continued)

Product Series

Model

Junos Space Release

EX4100-F-24P

Junos Space Platform 23.1R1 or later

EX4100-F-48P

Junos Space platform 22.3R1 or later

EX4100-F-48T

Junos Space Platform 22.3R1 or later

EX4300

Junos Space Platform 13.1 or later

EX4300-48MP

Junos Space Platform 18.3R1 or later

EX4400-24T

Junos Space Platform 21.1R1 or later

EX4400-48F

Junos Space Platform 21.1R1 or later

EX4400-48P

Junos Space Platform 21.1R1 or later

EX4400-48T

Junos Space Platform 21.1R1 or later

EX4400-24X

Junos Space platform 23.1R1 or later

EX4500

Junos Space Platform 12.2 or later

EX4550

Junos Space Platform 12.2 or later

EX4550-40G

Junos Space Platform 12.2 or later

EX4600

Junos Space Platform 13.3 or later

EX4650

Junos Space Platform 18.4 or later

24

Table 4: Devices Supported by Junos Space Platform (Continued)

Product Series

Model

Junos Space Release

EX6200

Junos Space Platform 13.2 or later

EX6210

Junos Space Platform 11.4 or later

EX9200

Junos Space Platform 13.1 or later

EX9204

Junos Space Platform 13.1 or later

EX9208

Junos Space Platform 13.1 or later

EX9214

Junos Space Platform 13.1 or later

EX9251

Junos Space Platform 18.1 or later

EX9253

Junos Space Platform 18.2 or later

EX Virtual Chassis

EX4400-24P EX4400-24MP EX4400-48MP EX3300-VC

Junos Space Platform 21.1R1 or later Junos Space Platform 21.2 or later Junos Space Platform 21.2 or later Junos Space Platform 15.2 or later

EX4100-48T-VC

Junos Space Platform 22.3R1

EX4100-48MP-VC

Junos Space Platform 22.3R1

EX4100-F-48P-VC

Junos Space Platform 22.3R1

EX4200-VC

Junos Space Platform 11.4 or later

25

Table 4: Devices Supported by Junos Space Platform (Continued)

Product Series

Model

Junos Space Release

EX4300-VC

Junos Space Platform 13.1 or later

EX4550-VC

Junos Space Platform 13.1 or later

EX4600-VC

Junos Space Platform 16.1 or later

EX-XRE

Junos Space Platform 14.1R2 or later

Firefly

vSRX Virtual Firewall Firefly

Junos Space Platform 15.1 or later

Junos Fusion

Junos Fusion Edge

Junos Space Platform 17.1 or later

LN Series

LN1000

Junos Space Platform 12.3 or later

LN2600

Junos Space Platform 12.3 or later

M Series

M7i M10i M40e M120 M320

Junos Space Platform 16.1 or later

MCG Series

MCG5000

Junos Space Platform 11.3 or later

MX Series

MX5

Junos Space Platform 12.1 or later

MX10

Junos Space Platform 11.4 or later

MX80

Junos Space Platform 14.1 or later

26

Table 4: Devices Supported by Junos Space Platform (Continued)

Product Series

Model

Junos Space Release

MX104

Junos Space Platform 13.2 or later

MX204

Junos Space Platform 18.2 or later

MX240

Junos Space Platform 13.1 or later

MX480

Junos Space Platform 13.1 or later

MX960

Junos Space Platform 13.1 or later

MX10003

Junos Space Platform 18.4 or later

MX10008

Junos Space Platform 18.4 or later

MX10016

Junos Space Platform 18.4 or later

MX2008

Junos Space Platform 17.1 or later

MX2010

Junos Space Platform 12.3 or later

MX2020

Junos Space Platform 12.3 or later

MX Series Virtual Chassis

MX-VC

Junos Space Platform 14.1 or later

PTX Series

PTX1000

Junos Space Platform 17.1 or later

PTX3000

Junos Space Platform 13.2 or later

PTX5000

Junos Space Platform 12.3 or later

27

Table 4: Devices Supported by Junos Space Platform (Continued)

Product Series

Model

Junos Space Release

PTX10008

Junos Space Platform 17.2 or later

PTX10016

Junos Space Platform 17.2 or later

PTX10001-20C

Junos Space Platform 18.3R1 or later

QFX Series

QFX3000

Junos Space Platform 12.2 or later

QFX3000-G

Junos Space Platform 12.2 or later

QFX3000-M

Junos Space Platform 12.2 or later

QFX3500

Junos Space Platform 12.3 or later

QFX3600

Junos Space Platform 13.1 or later

QFX5100

Junos Space Platform 13.2 or later

QFX5110-32Q

Junos Space Platform 17.1 or later

QFX5110-48S

Junos Space Platform 17.1 or later

QFX5120-32C

Junos Space Platform 19.4 or later

QFX5120

Junos Space Platform 18.4 or later

QFX5210

Junos Space Platform 18.4 or later

QFX5200

Junos Space Platform 15.1R2 or later

28

Table 4: Devices Supported by Junos Space Platform (Continued)

Product Series

Model

Junos Space Release

QFX5200-48Y

Junos Space Platform 18.1 or later

QFX5210-64C

Junos Space Platform 18.1 or later

QFX10002-36Q

Junos Space Platform 15.1 or later

QFX10002-36Q-DC

Junos Space Platform 15.1 or later

QFX10002-60C

Junos Space Platform 18.1 or later

QFX10002-72Q

Junos Space Platform 15.1 or later

QFX10002-72Q-DC

Junos Space Platform 15.1 or later

QFX10008

Junos Space Platform 15.1R2 or later

QFX10016

Junos Space Platform 15.1R2 or later

QFX5120-48YM-8C

Junos Space Platform 21.1R1 or later

QFX Series Virtual Chassis

QFX-VC

Junos Space Platform 14.1 or later

SRX Series

SRX100

Junos Space Platform 11.4 or later

SRX110H-VB

Junos Space Platform 13.1 or later

SRX210

Junos Space Platform 13.1 or later

SRX220

Junos Space Platform 13.1 or later

29

Table 4: Devices Supported by Junos Space Platform (Continued)

Product Series

Model

Junos Space Release

SRX240

Junos Space Platform 13.1 or later

SRX240H

Junos Space Platform 14.1R1 or later

SRX300

Junos Space Platform 15.1R2 or later

SRX320

Junos Space Platform 15.1R2 or later

SRX320-PoE

Junos Space Platform 15.1R2 or later

SRX340

Junos Space Platform 15.1R2 or later

SRX345

Junos Space Platform 15.1R2 or later

SRX380

Junos Space 20.1R1 hot patch v1or later

SRX550

Junos Space Platform 15.1R2 or later

SRX550-M

Junos Space Platform 15.1R2 or later

SRX650

Junos Space Platform 13.1 or later

SRX1400

Junos Space Platform 16.1 or later

SRX1500

Junos Space Platform 15.1R2 or later

SRX3400

Junos Space Platform 14.1R1 or later

SRX4100

Junos Space Platform 16.1 or later

30

Table 4: Devices Supported by Junos Space Platform (Continued)

Product Series

Model

Junos Space Release

SRX4200

Junos Space Platform 16.1 or later

SRX4600

Junos Space Platform 17.2 or later

SRX5400

Junos Space Platform 13.2 or later

SRX5600

Junos Space Platform 18.2 or later

SRX5800

Junos Space Platform 13.3 or later

SRX3600

Junos Space Platform 13.3 or later

Virtual SRX Series

vSRX Virtual Firewall 3.0

Junos Space Platform 18.2 or later

T Series

T4000

Junos Space Platform 12.2 or later

Virtual MX Series

vMX

Junos Space Platform 15.1 or later

Virtual route reflector (VRR)

VRR

Junos Space Platform 14.1R2 or later

WLC Series

WLC device

Junos Space Platform 14.1 or later

Table 5: Devices Supported by Junos Space Platform with Compatible Junos OS Releases

Product Series

Model

Supported Junos Operating System (Junos OS) Releases

Qualified Schema Version

ACX Series

ACX710

20.2R1

20.2R1

31

Table 5: Devices Supported by Junos Space Platform with Compatible Junos OS Releases (Continued)

Product Series

Model

Supported Junos Operating System (Junos OS) Releases

Qualified Schema Version

ACX5448

18.3R1 18.4R1.8 or later

18.4R1.8 18.4R1.8

EX Series

EX2200

12.3R12-S10 14.1X53-D44.3 or later

12.3R12-S10 14.1X53-D44.3

EX2300

18.1R3.3 18.4R1.8 or later 20.4R3-Sx

18.1R3.3 18.4R1.8 20.2R3

EX2300-24T

21.4R3-S1

21.4R3-S1.5

EX3300

12.3R12-S10 15.1R7.9 or later

12.3R12-S10 15.1R7.9

EX3400

18.1R3.3 18.4R1.8 or later

18.1R3.3 18.4R1.8

EX4100-12T

22.3R1.12

22.3R1.12

EX4100-24P

23.1R1.2

23.1R1.2

EX4100-24T

23.1R1.2

23.1R1.2

EX4100-24MP

23.1R1.2

23.1R1.2

EX4100-48P

23.1R1.2

23.1R1.2

32

Table 5: Devices Supported by Junos Space Platform with Compatible Junos OS Releases (Continued)

Product Series

Model

Supported Junos Operating System (Junos OS) Releases

Qualified Schema Version

EX4100-48T

22.3R1.12

22.3R1.12

EX4100-48MP

22.3R1.12

22.3R1.12

EX4100-F-12P

22.3R1.12

22.3R1.12

EX4100-F-12T

22.3R1.12

22.3R1.12

EX4100-F-24P

23.1R1.2

23.1R1.2

EX4100-F-24T

22.3R1.12

22.3R1.12

EX4100-F-48P

22.3R1.12

22.3R1.12

EX4100-F-48T

22.3R1.12

22.3R1.12

EX4300-MP

21.2R3.8

21.2R3.8

EX4650

21.2R3.8

21.2R3.8

EX4400

21.3R2

21.1/R1

EX4300

17.3R3-S1.5 18.4R1.8 or later

17.3R3-S1.5 18.4R1.8

EX4300-48MP

17.3R3-S1.5 18.4R1.8 or later

18.4R1.8

EX4400-24P

21.1R1.11 or later

21.1R1.11

33

Table 5: Devices Supported by Junos Space Platform with Compatible Junos OS Releases (Continued)

Product Series

Model

Supported Junos Operating System (Junos OS) Releases

Qualified Schema Version

EX4400-24MP

21.2R1.10 or later

21.2R1.10

EX4400-48MP

21.2R1.10 or later

21.2R1.10

EX4400-24T

21.1R1.11 or later

21.1R1.11 or later

EX4400-48F

21.1R1.11 or later

21.1R1.11 or later

EX4400-48P

21.1R1.11 or later 21.4R3-S1

21.1R1.11 or later 21.4R3-S1.5

EX4400-48T

21.1R1.11 or later

21.1R1.11 or later

EX4400-24X

22.3R1.2

22.3R1.2

EX4500

15.1R7.9 or later

15.1R7.9

EX4550

15.1R7.9 or later

15.1R7.9

EX4600

17.3R3-S1.5 18.4R1.8 or later

17.3R3-S1.5 18.4R1.8

EX4650

18.4R1.8 or later 20.4/R3

18.4R1.8 20.2R3-S1

EX4650-48Y-8C

21.4R3-S1

21.4R3-S1.5

34

Table 5: Devices Supported by Junos Space Platform with Compatible Junos OS Releases (Continued)

Product Series

Model

Supported Junos Operating System (Junos OS) Releases

Qualified Schema Version

EX9200

17.3R3-S1.5 18.3R1.9 or later

17.3R3-S1.5 18.3R1.9

EX9204

20.3R1.3 or later

20.3R1.3

EX9208

20.3R1.3 or later

20.3R1.3

EX9208-BASE3A

20.4R3

17.3R3-S4

EX9214

20.3R1.3 or later

20.3R1.3

EX Virtual Chassis

EX4200-VC

12.2R1 or later

15.1R7.9

EX3400-VC

20.2R2.8 or later

20.2R2.8

EX4100-48T-VC

22.3R1.12

22.3R1.12

EX4100-48MP-VC

22.3R1.12

22.3R1.12

EX4100-F-48P-VC

22.3R1.12

22.3R1.12

MX Series

MX204

18.4R1 or later

18.4R1.8

MX240

13.2R2.4 or later

17.3R3.9 18.4R1.8

35

Table 5: Devices Supported by Junos Space Platform with Compatible Junos OS Releases (Continued)

Product Series

Model

Supported Junos Operating System (Junos OS) Releases

Qualified Schema Version

MX480

13.2R2.4 or later

17.3R3-S2.2 17.3R3.9 19.1R1.6

MX10003

18.4R1.8 or later

18.4R1.8

MX10008

18.4R1.8 or later

18.4R1.8

MX10016

18.4R1.8 or later

18.4R1.8

MX960

21.2R1.6 or later 21.2R1.8 or later

21.2R1.6 21.2R1.8

SRX Series

SRX380

20.2R1

20.2R1

SRX300

20.2R3-S2

20.2R3-S2.5

SRX320

20.2R3-S2 21.2R3-S2.9

20.2R3-S2.5 21.2R3.8

SRX340

21.2R3-S2.9

21.2R3.8

SRX345

21.2R3-S2.9

21.2R3.8

SRX550M

21.2R3-S2.9

21.2R3.8

SRX4100

20.4R3-S1

20.2R3-S2.5

36

Table 5: Devices Supported by Junos Space Platform with Compatible Junos OS Releases (Continued)

Product Series

Model

Supported Junos Operating System (Junos OS) Releases

Qualified Schema Version

SRX4200

20.4R3-S1

20.2R3-S2.5

SRX5600

20.4R3-S1 21.2R3-S2.9

20.4R3-S1 21.2R3.8

SRX5800

20.4R3-S1 21.2R3-S2.9

20.4R3-S1 21.2R3.8

SRX550

20.2R3-S2

20.4R3-S1

SRX550-645AP-M

20.2R3-S2.5

20.2R3-S2.5

QFX Series

QFX5100

17.3R3 or later

17.3R3-S1.5 18.4R1.8

QFX5110-32Q

17.3R3 or later

17.3R3-S1.5 19.1R1.6

QFX5110-48S

17.3R3-S1.5 19.1R1.6 or later

17.3R3-S1.5 19.1R1.6

QFX5120

18.4R1.8 or later

18.4R1.8

QFX5210

19.1R1.6 or later

19.1R1.6

QFX5200

17.3R3 or later

17.3R3.9 18.4R1.8

37

Table 5: Devices Supported by Junos Space Platform with Compatible Junos OS Releases (Continued)

Product Series

Model

Supported Junos Operating System (Junos OS) Releases

Qualified Schema Version

QFX5200-32C-32Q

21.2R3.8

21.2R3.8

QFX10002-36Q

17.3R3 or later

17.3R3-S1.5 19.1R1.6

QFX10002-36Q-DC

17.3R3 or later

17.3R3-S1.5 19.1R1.6

QFX10002-60C

17.3R3 or later

17.3R3-S1.5 19.1R1.6

QFX10002-72Q

17.3R3 or later 21.2R3.8

17.3R3-S1.5 19.1R1.6 21.2R3.8

QFX10002-72Q-DC

17.3R3-S1.5 or later

17.3R3-S1.5

QFX10008

17.3R3 or later

17.3R3.9 18.4R1.8

QFX5120-48T-6C

20.2R1.10 or later

20.2R1.10

QFX5120-48YM-8C

20.4R1.12

20.4R1.12

RELATED DOCUMENTATION Device Management Overview | 9

38
Viewing Managed Devices | 14 Device Discovery Profiles Overview | 47 Junos OS Releases Supported in Junos Space Network Management Platform | 152
Uploading Device Tags by Using a CSV File
Device tags help you easily identify managed devices when deploying a device template, upgrading a device image, staging scripts, or applying CLI Configlets to devices. Device tags associate the IP address or hostname of a managed device with a tag. Starting with Junos Space Network Management Platform Release 15.2R1, you can upload device tags from the local computer to Junos Space Network Management Platform. You use the Devices workspace to upload device tags by using a CSV file. You can assign the tags created using this task to other Junos Space objects. For more information, refer to “Tagging an Object” on page 1292.
NOTE: You must create a CSV file with the correct IP address or hostname of a device, tag name, and tag type, which could be private or public. If you do not specify whether the tag is private or public, by default a public tag is created. Tag names must not exceed 255 characters. Tag names must not start with a space, and cannot contain a comma, double quotation marks, and parentheses. Also, you cannot name a tag “Untagged” because it is a reserved term. Entries pertaining to incorrect IP addresses or hostnames are not uploaded to Junos Space Platform. You can view incorrect entries in the job results.
To upload device tags by using a CSV file: 1. On the Junos Space Network Management Platform user interface, select Devices > Device
Management. The Device Management page that appears displays all devices managed by Junos Space Platform. 2. Click the Tag Devices by CSV icon. The Upload Tags CSV File pop-up window is displayed. 3. (Optional) To view a sample CSV file, click the Sample CSV hyperlink. 4. Click Browse to select the CSV file from the local computer. 5. Click Import. The details of the devices and tags are uploaded to Junos Space Platform. A Job Information dialog box is displayed. a. Click OK.

39

You are redirected to the Device Management page.
To view job details: a. Click the job ID in the Job Information dialog box.
You are redirected to the Job Management page with the filtered view of the job. When the job is complete, all devices with correct details are assigned the tags you uploaded through the CSV file. To view the tags, go to Administration > Tags. Release History Table Release Description

15.2R1

Starting with Junos Space Network Management Platform Release 15.2R1, you can upload device tags from the local computer to Junos Space Network Management Platform.

RELATED DOCUMENTATION Tags Overview | 1273 Deleting Tags | 1290 Exporting Tags from Junos Space Network Management Platform | 1300
Filtering Devices by CSV
You can filter the devices on the Device Management page using a CSV file. To filter devices using a CSV file: 1. On the Junos Space Network Management Platform user interface, select Devices >Device
Management. The Device Management page is displayed. 2. Select Filter by CSV from the Actions menu. The Select CSV File pop-up window is displayed. 3. (Optional) To view a sample CSV file, click the Sample CSV hyperlink. 4. Click Browse and select the CSV file from the local computer. 5. Click Import. A progress bar is displayed. Junos Space Network Management Platform validates the values you provided in the CSV file. If the validation fails, a pop-window is displayed. This pop-up window displays the list of devices that were not validated.

40
If the CSV file is imported successfully, the Device Management page is filtered and lists only those devices whose host names were listed in the CSV file.
RELATED DOCUMENTATION Device Management Overview | 9 Uploading Device Tags by Using a CSV File | 38

41
CHAPTER 3
Systems of Record
IN THIS CHAPTER Systems of Record in Junos Space Overview | 41 Understanding How Junos Space Automatically Resynchronizes Managed Devices | 43
Systems of Record in Junos Space Overview
IN THIS SECTION Systems of Record | 41 Implications on device management | 42
Although by default the Junos Space network you are administering is the system of record (SOR)–each device defines its own official state–you may prefer to have the Junos Space Network Management Platform database contain the official state of the network, enabling you to restore that official state if unwanted out-of-band changes are made to a device. This feature enables you to designate Junos Space Network Management Platform as the SOR if you prefer.
Systems of Record
A network managed by Junos Space Network Management Platform contains two repositories of information about the devices in the network: the devices themselves (each device defines and reports its official state) and the Junos Space Network Management Platform database (which contains information that is reported by the device during device discovery). One of these repositories must have precedence over the other as the accepted desirable state. By default, the network itself is the system of record (NSOR). In NSOR, when a local user commits a change in the configuration of a network device, the commit operation triggers a report via system log to Junos Space Network Management Platform. The values in

42
the Junos Space Network Management Platform database are automatically changed to match the new device values, and the timestamps are synchronized. Thus the devices control the contents of the database.
As of version 12.2, you can designate the Junos Space Network Management Platform database values as having precedence over any values configured locally at a device. In this scenario, Junos Space Network Management Platform (database) is the system of record (SSOR). It contains the configurations that the Junos Space administrator considers best for the network devices. If an out-of-band commit operation is executed on a network device, Junos Space Network Management Platform receives a system log message, but the values in the Junos Space Network Management Platform database are not automatically changed or synchronized. Instead, the administrator can choose whether or not to overwrite the device’s local changes by pushing the accepted configuration to the device from the Junos Space Network Management Platform database.
The choice of pushing the Junos Space Network Management Platform configuration is left to the administrator because the local device changes may, for example, be part of a temporary test that the administrator would not want to interrupt. However, if the tester forgets to reset the configuration at the end of the test, the administrator might then push the SSOR configuration to the device.
Implications on device management
The basic difference between NSOR and SSOR lies in whether or not the Junos Space Network Management Platform database is automatically synchronized when changes are made to a network device, and which set of values has precedence.
Setting the Junos Space Network Management Platform database as the system of record does not protect your network from local changes. The device notifies Junos Space Network Management Platform via system log when the changes occur, and it does not resynchronize, so you still have the previous configuration and you can reset the remote device quickly if you need to do so. In an NSOR scenario, Junos Space Network Management Platform is also notified via system log. You can still push a more desirable configuration to the device, but this process is less efficient.
In the NSOR scenario, you can disable automatic resynchronization. When autoresynchronozation is turned off, the server continues to receive notifications and goes into the out-of-sync state; however, autoresynchronozation does not run on the device. You can manually resynchronize a device in such a case.
NSOR with automatic resynchronization disabled is not equivalent to SSOR: manually resynchronizing under NSOR updates the values in the Junos Space Network Management Platform database to reflect those on the device. This never happens under SSOR, where the Junos Space Network Management Platform database values have precedence over the device values, and synchronizing them involves pushing the database values to the device, effectively resetting the device’s out-of-band changes.

43
RELATED DOCUMENTATION Understanding How Junos Space Automatically Resynchronizes Managed Devices | 43
Understanding How Junos Space Automatically Resynchronizes Managed Devices
IN THIS SECTION Network as System of Record | 43 Junos Space as System of Record | 45
When configuration changes are made on a physical device that Junos Space Network Management Platform manages, Junos Space Platform reacts differently depending on whether the network itself is the system of record (NSOR) or Junos Space Platform is the system of record (SSOR). In the NSOR case, Junos Space Platform receives a system log message from the modified device and automatically resynchronizes the configuration values in its database with those of the device. This ensures that the device inventory information in the Junos Space Platform database matches the current configuration information on the device. In the SSOR case, the Junos Space Platform receives a system log message from the modified device. The Managed Status of that device changes from In Sync to Device Changed (if the changes are made from the device CLI), Space Changed (if the changes are made from Junos Space Platform), or Space & Device Changed (if the changes are made both from the device CLI and Junos Space Platform), but no resynchronization occurs. The Junos Space Platform administrator can choose whether or not to reset the device’s configuration to match the configuration values in the Junos Space Platform database. This topic covers:
Network as System of Record
After Junos Space Platform discovers and imports a device, if the network is the system of record, Junos Space Platform enables the auto-resynchronization feature on the device by initiating a commit operation. After auto- resynchronization is enabled, any configuration changes made on the device, including outof-band CLI commits and change-request updates, automatically trigger resynchronization on the

44 device. Figure 3 on page 44 shows how a commit operation resynchronizes the configuration information in the Junos Space Platform database with that on the device. Figure 3: Resynchronization Process
When a commit operation is performed on a managed device in NSOR mode, Junos Space Platform, by default, schedules a resynchronization job to run 20 seconds after the commit operation is received. However, if Junos Space Platform receives another commit notification within 20 seconds of the previous commit notification, no additional resynchronization jobs are scheduled because Junos Space Platform resynchronizes both commit operations in one job. This damping feature of automatic resynchronization provides a window of time during which multiple commit operations can be executed on the device, but only one or a few resynchronization jobs are required to resynchronize the Junos Space Platform database with the multiple configuration changes executed on the device. You can change the default value of 20 seconds to any other duration by specifying the value in seconds in the Administration > Applications > Network Management Platform > Modify Application Settings > Device > Max auto resync waiting time secs field. For example, if you set the value of this field to 120 seconds, then Junos Space Platform automatically schedules a resynchronization job to run 120 seconds after the first commit operation is received. If Junos Space Platform receives any other commit notification within these 120 seconds, it resynchronizes both commit operations in one job.

45
For information about setting the damper interval to change the resynchronization time delay and information about disabling the auto- resynchronization feature, see “Modifying Settings of Junos Space Applications” on page 1123.
When Junos Space Platform receives the device commit notification, the Managed Status is Out of Sync. When the resynchronization job begins on the device, the Managed Status of the device changes to Synchronizing and then In Sync after the resynchronization job has completed, unless a pending device commit operation causes the device to display Out of Sync while it was synchronizing.
When a resynchronization job is scheduled to run but another resynchronization job on the same device is in progress, Junos Space Platform delays the scheduled resynchronization job. The time delay is determined by the damper interval that you can set from the Application workspace. By default, the time delay is 20 seconds. The scheduled job is delayed as long as the other resynchronization job to the same device is in progress. When the currently running job finishes, the scheduled resynchronization job starts.
You can disable the auto-resynchronization feature in the Administration workspace. When autoresynchronization is turned off, the server continues to receive notifications and goes into the Out of Sync state; however, the auto- resynchronization feature does not run on the device. To resynchronize a device when the auto-resynchronization feature is disabled, use the Resynchronize with Network workflow. The auto-resynchronization jobs are not displayed on the Job Management page. These jobs run in the background and cannot be canceled from the Junos Space user interface. You can view the status of the auto-resynchronization job in the Managed Status column on the Device Management page or from the Device Count by Synchronization State widget on the Devices page. You can collect more information about these jobs from the server.log and autoresync.log files in the /var/log/jboss/ servers/server1 directory.
NOTE: You can view the auto-resynchronization jobs that were scheduled to execute before upgrading to Junos Space Platform Release 15.1R1, from the Job Management page.
Junos Space as System of Record
If Junos Space Platform is the system of record, automatic resynchronization of the configuration information between the Junos Space Platform database and the managed device does not occur. When Junos Space Platform receives a system log message from the modified device, the Managed Status of the device goes from In Sync to Device Changed (if the changes are made from the device CLI), Space Changed (if the changes are made from Junos Space Platform), or Space & Device Changed (if the changes are made both from the device CLI and Junos Space Platform) and remains so unless you manually push the system of record configuration from the Junos Space Platform database to the device.

46
RELATED DOCUMENTATION Systems of Record in Junos Space Overview | 41 Device Discovery Profiles Overview | 47 Device Inventory Overview | 119 Resynchronizing Managed Devices with the Network | 262

47
CHAPTER 4
Device Discovery Profiles
IN THIS CHAPTER Device Discovery Profiles Overview | 47 Creating a Device Discovery Profile | 53 Running Device Discovery Profiles | 61 Modifying a Device Discovery Profile | 63 Cloning a Device Discovery Profile | 64 Viewing a Device Discovery Profile | 65 Deleting Device Discovery Profiles | 67 Exporting the Device Discovery Details As a CSV File | 68
Device Discovery Profiles Overview
IN THIS SECTION Connections Initiated by Junos Space or the Device | 48 Device Information Fetched During Device Discovery | 51
You use the device discovery profile to add devices to Junos Space Network Management Platform from the Devices workspace. Discovery is the process of finding a device and then synchronizing the device inventory and configuration with the Junos Space Network Management Platform database. To use device discovery, you must be able to connect Junos Space Network Management Platform to the device. A device discovery profile contains preferences used to discover devices, such as discovery targets, probes used to discover devices, mode and details for authentication, SSH fingerprints of devices, and the schedule to use this discovery profile. You can start the discovery process using a discovery profile in

48
the following ways: scheduling a discovery after creating a discovery profile, or selecting a discovery profile and clicking Run Now.
Executing or running a discovery profile discovers, authenticates, and manages the device on Junos Space Network Management Platform. With appropriate privileges for discovering devices, you can create multiple discovery profiles with different combinations of targets, probes, and authentication modes on your Junos Space setup. You can clone, modify, and delete the device discovery profiles from Junos Space Network Management Platform. You can also choose whether to share device discovery profiles with other users with device discovery permissions.
To discover network devices using a device discovery profile, Junos Space Network Management Platform uses the SSH, ICMP Ping, and SNMP protocols. When the device is discovered, device authentication is handled through the administrator login SSH v2 credentials and SNMP v1, SNMP v2c, or SNMP v3 settings, keys generated from Junos Space Network Management Platform (RSA, DSS, or ECDSA keys), or custom keys. You can optionally enter the SSH fingerprint for each device and let Junos Space Network Management Platform save the fingerprint in the database during the discovery process and validate the fingerprint when the device connects to Junos Space Network Management Platform. Fingerprint validation is available only for SSH-enabled Juniper Networks devices and not for ww Junos OS devices and modeled devices. For more information about device authentication in Junos Space, see “Device Authentication in Junos Space Overview” on page 103.
For device targets, you can specify a single IP address, a DNS hostname, an IP range, or an IP subnet to discover devices on a network. When a device discovery profile is executed or run (either instantly or based on a schedule), Junos Space Network Management Platform connects to the physical device and retrieves the running configuration and the status information of the device. To connect with and configure devices, Junos Space Network Management Platform uses the Device Management Interface (DMI) of Juniper Networks devices, which is an extension of the NETCONF network configuration protocol.
Connections Initiated by Junos Space or the Device
When a device is discovered , Junos Space Network Management Platform creates an object in the Junos Space Network Management Platform database to represent the physical device and maintains a connection between the object and the physical device so that their information is linked.
Junos Space can manage devices in either of the following ways:
· Junos Space initiates and maintains a connection to the device.
· The device initiates and maintains a connection to Junos Space.
By default, Junos Space manages devices by initiating and maintaining a connection to the device. When Junos Space initiates the connection to the device, you can discover and manage devices irrespective of whether the management system is behind a Network Address Translation (NAT) server. For ww Junos OS devices, Junos Space uses SSH with an adapter to manage the devices.

49
For Junos Space-initiated connection, it configures the following Junos OS CLI commands on the device during device discovery:
Standalone SRX Series Firewall
set system services ssh max-sessions-per-connection 32 set system syslog file default-log-messages any info set system syslog file default-log-messages match “(requested ‘commit’ operation)|(copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)| (package -X update)|(package -X delete)|(FRU Online)|(FRU Offline)|(plugged in)|(unplugged)|GRES| (AIS_DATA_AVAILABLE)” set system syslog file default-log-messages structured-data set snmp trap-group space targets
Cluster SRX
set groups node0 system services ssh max-sessions-per-connection 32 set groups node0 system syslog file default-log-messages any info set groups node0 system syslog file default-log-messages match “(requested ‘commit’ operation)| (copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|transitioned|Transferred |transfer-file|(license add)|(license delete)|(package -X update)|(package -X delete)|(FRU Online)|(FRU Offline)|(plugged in)| (unplugged)|GRES|(AIS_DATA_AVAILABLE)” set groups node0 system syslog file default-log-messages structured-data set groups node1 system services ssh max- sessions-per-connection 32 set groups node1 system syslog file default-log- messages any info set groups node1 system syslog file default-log-messages match “(requested ‘commit’ operation)| (copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)|(package -X update)|(package -X delete)|(FRU Online)|(FRU Offline)|(plugged in)| (unplugged)|GRES|(AIS_DATA_AVAILABLE)” set groups node1 system syslog file default-log-messages structured-data set snmp trap-group space targets
EX Series
set system services ssh max-sessions-per-connection 32 set system syslog file default-log-messages any any set system syslog file default-log-messages match “(requested ‘commit’ operation)|(copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU

50
insertion)|(link UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)| (package -X update)|(package -X delete)|(FRU Online)|(FRU Offline)|(plugged in)|(unplugged)| cm_device|(Primary Unchanged, Members Changed)|(Primary Changed, Members Changed)|(Primary Detected, Members Changed)|(vc add)|(vc delete)|(Primary detected)|(Primary changed)|(Backup detected)|(Backup changed)|(interface vcp-)|(AIS_DATA_AVAILABLE)” set system syslog file default-log-messages structured-data set snmp trap-group space targets
QFX Series
set system services ssh max-sessions-per-connection 32 set system syslog file default-log-messages any any set system syslog file default-log-messages match “(requested ‘commit’ operation)|(copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)| (package -X update)|(package -X delete)|(FRU Online)|(FRU Offline)|(plugged in)|(unplugged)| QF_NODE|QF_SERVER_NODE_GROUP|QF_INTERCONNECT|QF_DIRECTOR|QF_NETWORK_NODE_GROUP|(Primary Unchanged, Members Changed)|(Primary Changed, Members Changed)|(Primary Detected, Members Changed)|(vc add)|(vc delete)|(Primary detected)|(Primary changed)|(Backup detected)|(Backup changed)|(interface vcp-)|(AIS_DATA_AVAILABLE)” set system syslog file default-log-messages structured-data set snmp trap-group space targets
MX Series
set system services ssh max-sessions-per-connection 32 set system syslog file default-log-messages any info set system syslog file default-log-messages match “(requested ‘commit’ operation)|(copying configuration to juniper.save)|(commit complete)|ifAdminStatus|(FRU power)|(FRU removal)|(FRU insertion)|(link UP)|transitioned|Transferred|transfer-file|(license add)|(license delete)| (package -X update)|(package -X delete)|(FRU Online)|(FRU Offline)|(plugged in)|(unplugged)| CFMD_CCM_DEFECT| LFMD_3AH | RPD_MPLS_PATH_BFD|(Primary Unchanged, Members Changed)|(Primary Changed, Members Changed)|(Primary Detected, Members Changed)|(vc add)|(vc delete)|(Primary detected)|(Primary changed)|(Backup detected)|(Backup changed)|(interface vcp-)| (AIS_DATA_AVAILABLE)” set system syslog file default-log-messages structured-data set snmp trap-group space targets <space- ip-address>

51
If a device-initiated connection to Junos Space is enabled, the DMI channel and port 7804 are used and the following (sample) configuration is added on the device to establish the connection to Junos Space:
set system services outbound-ssh client 00111DOCEFAC device-id 7CE5FE set system services outbound-ssh client 00111DOCEFAC secret “$ABC123” set system services outbound-ssh client 00111DOCEFAC services netconf set system services outbound-ssh client 00111DOCEFAC 172.22.199.10 port 7804
To discover and manage devices through a device-initiated connection, clear the Junos Space initiated connection to device check box on the Modify Application Settings page in the Administration workspace. For information about configuring connections initiated by Junos Space by a device, see “Modifying Junos Space Network Management Platform Settings” on page 1124.
You can configure a NAT server to route connections between the Junos Space setup and managed devices. Both device-initiated connections to a Junos Space setup and connections initiated by Junos Space to managed devices, when the Junos Space setup is behind the NAT server, are supported on Junos Space Network Management Platform. If a NAT server is used, the managed devices connect to Junos Space Network Management Platform through the IP address of Junos Space Network Management Platform translated by NAT. For more information about using a NAT server on a Junos Space setup, see “NAT Configuration for Junos Space Network Management Platform Overview” on page 1066.
When configuration changes are made in Junos Space Network Management Platform–for example, when you deploy service orders to activate a service on your network devices–the configuration is pushed to the physical device.
If the network is the system of record (NSOR), when configuration changes are made on the physical device (out-of-band CLI commits and change-request updates), Junos Space Network Management Platform automatically resynchronizes with the device so that the device inventory information in the Junos Space Network Management Platform database matches the current device inventory and configuration information. If Junos Space Network Management Platform is the system of record (SSOR), this resynchronization does not occur and the database is unchanged.
Device Information Fetched During Device Discovery
The following device inventory and configuration data are captured and stored in relational tables in the Junos Space Network Management Platform database:
· Devices–Hostname, IP address, credentials
· Physical Inventory–Chassis, FPM board, power entry module (PEM), Routing Engine, Control Board (CB), Flexible PIC Concentrator (FPC), CPU, PIC, transceiver, fan tray

52

Junos Space Network Management Platform displays the model number, part number, serial number, and description for each inventory component, when applicable.
· Logical Inventory–Subinterfaces, encapsulation (link-level), type, speed, maximum transmission unit (MTU), VLAN ID
· License information: · License usage summary–License feature name, feature description, licensed count, used count, given count, needed count
· Licensed feature information–Original time allowed, time remaining
· License SKU information–Start date, end date, and time remaining
· Loopback interface
Other device configuration data is stored in the Junos Space Network Management Platform database as binary large objects and is available only to northbound interface (NBI) users. Release History Table Release Description

16.1R1

You use the device discovery profile to add devices to Junos Space Network Management Platform from the Devices workspace.

RELATED DOCUMENTATION
Creating a Device Discovery Profile | 53 Running Device Discovery Profiles | 61 Cloning a Device Discovery Profile | 64 Viewing a Device Discovery Profile | 65 Viewing Managed Devices | 14 Systems of Record in Junos Space Overview | 41 Understanding How Junos Space Automatically Resynchronizes Managed Devices | 43 Resynchronizing Managed Devices with the Network | 262 Device Management Overview | 9 Device Inventory Overview | 119 DMI Schema Management Overview | 1302

53
Creating a Device Discovery Profile
IN THIS SECTION Specifying Device Targets | 53 Specifying Probes | 56 Selecting the Authentication Method and Specifying Credentials | 57 (Optional) Specifying SSH Fingerprints | 59 Scheduling Device Discovery | 59
You create a device discovery profile to create a set of preferences for device targets, probes, authentication mode and credentials, SSH fingerprints, and the schedule to discover devices to Junos Space Network Management Platform. In addition to scheduling the discovery, you can manually start the discovery process by running the device discovery profile. For more information, see “Running Device Discovery Profiles” on page 61.
NOTE: To discover a device with dual Routing Engines, always specify the IP address of the current primary Routing Engine. When the current primary IP address is specified, Junos Space Network Management Platform manages the device and the redundancy. If the primary Routing Engine fails, the backup Routing Engine takes over and Junos Space Network Management Platform manages the transition automatically without bringing down the device.
NOTE: When you initiate discovery on a device running Junos OS, Junos Space Network Management Platform automatically enables the NETCONF protocol over SSH by pushing the following command to the device: set system services netconf ssh
To create a device discovery profile, complete the following tasks:
Specifying Device Targets
Device targets are IP addresses or hostnames of devices that you want Junos Space Network Management Platform to discover.

54
To specify the device targets that you want Junos Space Network Management Platform to discover: 1. On the Junos Space Network Management Platform user interface, select Devices > Device
Discovery > Device Discovery Profiles. The Discover Discovery Profiles page is displayed. 2. Click the Create Device Discovery Profile icon on the toolbar. The Device Discovery Target page is displayed on the left. The list of different tasks that should be completed to create a profile is displayed on the right: Device Discovery Target, Specify Probes, Specify Credentials, Specify Device FingerPrint, and Schedule/Recurrence.
NOTE: At any point in time, you can click the links to the different tasks (on the right of the page) and navigate to those pages.
3. In the Discovery Profile Name field, enter the name of the device discovery profile. The device discovery profile name cannot exceed 255 characters and can contain letters, numbers, spaces, and special characters. The special characters allowed are period (.), hyphen (-), and underscore (_). The device discovery profile name cannot start with letters or numbers and cannot contain leading or trailing spaces.
NOTE: The Make Public check box is selected by default so that the device discovery profile is visible to all users.
4. In the Discovery Parameters field, you can add devices manually by specifying the details on the Device Discovery Target page or by uploading the details of the devices through a CSV file. To add devices manually: a. Click the Add Manually option button. b. In the Target Type area, select how you want to specify the targets: IP addresses or hostnames, IP ranges, or a subnet. · To enter the IP address or hostname of the device: i. Select the IP Address/Hostname option button. ii. In the Target Details field, enter the IP address or hostname.
NOTE: You can enter the IP address in either IPv4 or IPv6 format. Refer to http:// www.iana.org/assignments/ipv4-address-space/ipv4-address-space.xhtml for the

55
list of restricted IPv4 addresses and http://www.iana.org/assignments /ipv6address-space/ipv6-address-space.xhtml for the list of restricted IPv6 addresses.
NOTE: You can enter a combination of the following separated by a comma (,): · IP addresses · Hostnames · IP address range expressions · Subnet expressions For example, 192.168.27.1, example.abc.com, 192.168.27.50-192.168.27.60,192.168.26.0/24
· To enter a range of IP addresses for the devices: i. Select the IP Range option button. The maximum number of IP addresses for an IP range target is 1024. ii. In the Start IP Address field, enter the first IP address. iii. In the End IP Address field, enter the last IP address.
· To enter an IP subnet for the devices: i. Select the Subnet option button. ii. In the IP Subnet/CIDR field, enter the subnet details. The subnet prefix for IPv4 addresses is 1­32 and for IPv6 addresses is 1­128.
To add devices by using a CSV file:
NOTE: Device discovery is supported only for existing public tags in Junos Space Platform. Starting from Junos Space Network Management Platform Release 16.1R1, a Private Key column has been added in the CSV file to support the custom key option for device discovery. Ensure that you use the latest sample CSV file. However, backward compatibility is supported. That is, if you use an existing CSV file (from a previous release), the file is uploaded successfully.
a. Click the Upload CSV option button.

56
NOTE: The format of the CSV file that you are uploading should exactly match the format of the sample CSV file. You can add hundreds of devices to Junos Space Network Management Platform by using a CSV file. You can specify the hostnames, IP addresses, device login credentials, tags, and SSH fingerprints in the CSV file.
b. (Optional) To view a sample CSV file, click the Sample CSV link.
c. Click Browse. The CSV File Upload dialog box appears.
d. Navigate to the desired CSV file, select it, and then click Open. The name of the CSV file is displayed in the CSV File: field.
e. Click Upload to upload the selected CSV file. 5. Click Next to proceed and select probes.
The Specify Probes page is displayed.
Specifying Probes
Probes are protocols used to find devices on the network–ping, SNMP, or SSH. To specify probes on the Specify Probes page: 1. To use the NAT configuration to discover devices using this profile, select the the Use NAT check
box. The Use NAT check box is available for selection only if NAT is already configured in Junos Space. 2. To discover devices using ping (if SNMP is not configured on the device), select the Use Ping check box. By default, this check box is selected. 3. To discover devices using SNMP (if SNMP is configured on the device), select the Use SNMP check box. By default, this check box is selected.
NOTE: If you clear both the Use Ping and Use SNMP check boxes, SSH is used to discover devices. When both the Use Ping and Use SNMP check boxes are selected (the default), Junos Space Network Management Platform can discover the target device more quickly, but only if the device is pingable and SNMP is enabled on the device.
4. You can select an appropriate version of SNMP during discovery:

57
a. To use SNMP v1 or v2c: i. Select the SNMP V1/V2C option button. ii. Specify a community string, which can be public, private, or a predefined string. The default community string is public.
b. To use SNMP v3: i. Select the SNMP V3 option button. ii. In the User Name field, enter the username. iii. In the Authentication type field, select the authentication type (MD5, SHA1, or None). iv. In the Authentication password field, enter the authentication password. . This field is available only if you selected MD5 or SHA1 in the Authentication type field. If you selected None as the authentication type, the authentication function is disabled. v. Select the privacy type (AES128, AES192, AES256, DES, or None). vi. Enter the privacy password (if AES128, AES192, AES256, or DES). If you specify None for the privacy type, the privacy function is disabled.
NOTE: The SNMPv3 privacy mode supports Advanced Encryption Standard (AES) algorithms with 192-bit and 256-bit encryption from Junos Space Network Management Platform Release 16.1R1 onward.
5. (Optional) Click Back to navigate to the Device Discovery Target page and change the details of the device targets.
6. Click Next to proceed and select the authentication method. The Specify Credentials page is displayed.
Selecting the Authentication Method and Specifying Credentials
You can choose the mode of authentication for the devices you are about to discover. For credentialsbased authentication, if you already specified the device login credentials in the CSV file, you can skip the Specify Credentials page. With credentials-based authentication, you can specify a common administrator name and password to establish an SSH connection to each target device that you are about to discover. If you are using key-based authentication, you must have generated keys from Junos Space Network Management Platform or must have the private key on your computer. To specify the mode of authentication and credentials on the Specify Credentials page:

58
Select the mode of authentication used to authenticate devices during discovery. To use credentials-based authentication: a. In the Authentication Type area, select the Credentials-Based Authentication option button. b. In the Username field, enter the administrator username. c. In the Password field, enter the administrator password. d. In the Confirm Password field, reenter the administrator password. To use key-based authentication: a. In the Authentication Type area, select the Key-Based Authentication option button. b. In the Username field, enter the administrator username.
You can use a key generated from Junos Space Network Management Platform (known as Space Key) or a custom private key uploaded to Junos Space Network Management Platform: · To use a key generated from Junos Space Network Management Platform:
i. Select the Use Space Key option button. From Junos Space Platform Release 18.2 onward, you can upload Space Key for authentication to Junos Space Platform by using the device discovery workflow. Select the Upload Space Key to Device checkbox to upload the Space Key to the device. To upload Space Key: · Enter the username in the Authorized Username field. · Enter the password in the Authorized Password field.
NOTE: The above credentials, Authorized Username and Authorized Password, are used only to upload the Space Key to the device. If the username you specify in the Username field does not exist on the device, a user with this username is created as a super user and the key is uploaded for this user.
· To use a custom private key: i. Select the Use Custom Key option button. ii. (Optional) In the Passphrase field, enter the passphrase created when you generated the private key.

59
iii. Next to the Private Key field, click the Browse button to upload the private key for the managed devices.
NOTE: If you modify the discovery profile, the Private Key field displays id_rsa (which is the default filename) instead of the name of the uploaded file.
c. (Optional) Click Back to navigate to the preceding pages and change the probes and device targets. d. Click Next to proceed and specify device fingerprints.
The Specify Device FingerPrint page is displayed.
(Optional) Specifying SSH Fingerprints
Optionally, specify or modify (if you specified the fingerprints by using the CSV file) the SSH fingerprints for target devices. If you do not specify the fingerprints, Junos Space Network Management Platform obtains fingerprint details when it connects to the device for the first time. You can specify fingerprints during device discovery only for Juniper Networks devices. If you already specified the SSH fingerprints in the CSV file, you can skip this task. To specify the SSH fingerprints on the Specify Device FingerPrint page:

1. Click the Fingerprint column corresponding to the device and enter the SSH fingerprint of the device.
   NOTE: You can specify fingerprints for a maximum of 1024 devices simultaneously using this workflow.
   2. (Optional) Repeat step 1 for all devices or devices whose fingerprints you know. 3. (Optional) Click Back to navigate to the preceding pages and change the authentication details,
   probes, and device targets. 4. Click Next to proceed and schedule discovery by using this profile.
   The Schedule/Recurrence page is displayed.
   Scheduling Device Discovery
   Schedule the device discovery profile to discover devices to Junos Space Network Management Platform. To schedule the device discovery profile to discover devices: 1. Select the Schedule at a later time check box.
   a. Enter the date in the Date field in the MM/DD/YYYY format.

60

b. Enter the time in the Time field in the hh:mm format. 2. Select the Recurrence check box.
a. (Optional) Select the periodicity of recurrence from the Repeats list. The options are Minutes, Hourly, Daily, Weekly, Monthly, and Yearly. The default is Weekly.
b. (Optional) Select the interval from the Repeat every list. The default is

1. c. (Optional) If you select Weekly from the Repeats list, the Repeat by field appears. Select the check boxes for the days of the week that you want the job to recur.
   d. (Optional) Click the On option button in the Ends field to specify an end date for the job recurrence. If you select the Never option button, the job recurs endlessly until you cancel the job manually.
   e. To specify the date and time when you want to end the job recurrence: i. Enter the date in the Date field in the MM/DD/YYYY format.
   ii. Enter the time in the Time field in the hh:mm format. 3. (Optional) Click Back to navigate to the preceding page and change fingerprints, authentication
   details, probes, and device targets. 4. Click Finish to save the device discovery profile.
   A job is created and the Discover Network Elements Information dialog box displays the link to the job ID. Click OK to close the Information dialog box.
   Release History Table Release Description

18.2

From Junos Space Platform Release 18.2 onward, you can upload Space Key for authentication to Junos

Space Platform by using the device discovery workflow.

16.1R1

Starting from Junos Space Network Management Platform Release 16.1R1, a Private Key column has been added in the CSV file to support the custom key option for device discovery.

16.1R1

The SNMPv3 privacy mode supports Advanced Encryption Standard (AES) algorithms with 192-bit and 256-bit encryption from Junos Space Network Management Platform Release 16.1R1 onward.

RELATED DOCUMENTATION Understanding How Junos Space Automatically Resynchronizes Managed Devices | 43 Device Discovery Profiles Overview | 47

61
Exporting the Device Discovery Details As a CSV File | 68 Viewing Managed Devices | 14 Viewing Jobs | 772 Resynchronizing Managed Devices with the Network | 262 Viewing the Physical Inventory | 121 Viewing Physical Interfaces of Devices | 126 Exporting the License Inventory DMI Schema Management Overview | 1302 Device Authentication in Junos Space Overview | 103
Running Device Discovery Profiles
You run a device discovery profile to automatically discover, synchronize device inventory and interface details, and manage devices running Junos OS to Junos Space Network Management Platform. Device discovery is a four-step process in which you specify target devices, credentials to connect to each device (that is, reuse existing credentials or specify new ones), and, optionally, the probe method (ICMP Ping, SNMP, both ICMP Ping and SNMP, or none), and the SSH fingerprint for each device. You can run multiple device discovery profiles by using this workflow. If you run multiple device discovery profiles, all devices targets specified in the device discovery profiles are discovered. Before you start discovering devices, ensure that the following conditions are met: · The device is configured with a management IP address that is reachable from the Junos Space
server, or the NAT server if you are using a NAT server on your Junos Space setup. · A user with the privileges of a Junos Space administrator is created and enabled on the device. · The device is configured to respond to ping requests if you intend to use ping as the probe method
to discover devices. · SNMP is enabled on the device with appropriate read- only v1 or v2c or v3 credentials if you intend
to use SNMP as the probe method to discover devices.
NOTE: To discover and manage a cluster of SRX Series Firewalls, each cluster node must be discovered independently using the management IP address of the respective node.
To run discovery profiles:

62
1. On the Junos Space Network Management Platform user interface, select Devices >Device Discovery > Device Discovery Profiles. The Discover Discovery Profiles page is displayed.
2. Select the check boxes corresponding to the discovery profiles you want to run and click the Run Now icon on the toolbar. The Discovery Status report appears. This report shows the progress of discovery in real time. Click a bar in the chart to view information about the devices currently managed or discovered, or for which discovery failed.
A job is created for every device discovery profile you run. From the Job Details page, you can check whether a device was discovered and added to Junos Space Network Management Platform. If a device is discovered, you can view the device on the Device Management page.
To go to the Job Details page, double-click the ID of the device discovery job on the Job Management page. The Description column on this page specifies whether the device was discovered and added to Junos Space Network Management Platform. If the device was not discovered and added to Junos Space Network Management Platform, the column lists the reason for failure. You can also sort all the columns in ascending or descending order to identify the devices that are discovered and devices that are not discovered.
To export the device discovery details for all device discovery profiles that are run, from the Job Details page, see “Exporting the Device Discovery Details As a CSV File” on page 68.
Verify the following changes in the Web UI to ensure that the clusters are discovered successfully:
· In the Manage Devices Inventory page:
Each peer device displays the other cluster member.
The devices are displayed as primary and secondary in the cluster.
· In the Physical Inventory page:
The chassis information is displayed for each peer device in the cluster.
RELATED DOCUMENTATION Creating a Device Discovery Profile | 53 Device Discovery Profiles Overview | 47 Viewing a Device Discovery Profile | 65 Exporting the Device Discovery Details As a CSV File | 68

63
Modifying a Device Discovery Profile
You modify a device discovery profile when you want to expand the range of device targets, change device targets when devices were not discovered, change credentials or other details such as fingerprints or the discovery schedule.
NOTE: Ensure that you have no discovery jobs scheduled for a device discovery profile that you want to modify. All discovery jobs scheduled from the original device discovery profile are canceled after you modify the original device discovery profile.
To modify a device discovery profile: 1. On the Junos Space Network Management Platform user interface, select Devices > Device
Discovery > Device Discovery Profiles. The Discover Discovery Profiles page is displayed. 2. Select the check box corresponding to the device discovery profile you want to modify and click the Modify Profile icon on the toolbar The Modify Device Discovery Profile page is displayed. The Device Discovery Target page is displayed on the left. The list of different tasks that should be completed to create a device discovery profile is displayed on the right: Device Discovery Target, Specify Probes, Specify Credentials, Specify Device FingerPrint, and Schedule/Recurrence.
NOTE: At any point in time, you can click the links to the different tasks (on the right of the page), navigate to those pages, and modify the details of the device discovery profile.
3. (Optional) Review and modify the details of the device and click Next. The Specify Probes page is displayed.
4. (Optional) Review and modify the probes and click Next. The Specify Credentials page is displayed.
5. (Optional) Review and modify the authentication details and click Next.
NOTE: If you modify the discovery profile, the Private Key field displays id_rsa (which is the default filename) instead of the name of the uploaded file.
The Specify Device FingerPrint page is displayed. 6. (Optional) Review and modify the fingerprint details and click Next.

64
The Schedule/Recurrence page is displayed. 7. Review and modify the schedule and click Finish.
The device discovery profile is modified. A job is created and the Discover Network Elements Information dialog box displays the link to the job ID. Click OK to close the Information dialog box.
NOTE: If you modify and run a device discovery profile for which an associated device discovery job is already in progress, the existing job is cancelled and a new job is triggered for the modified discovery profile.
RELATED DOCUMENTATION Creating a Device Discovery Profile | 53 Running Device Discovery Profiles | 61 Viewing a Device Discovery Profile | 65 Deleting Device Discovery Profiles | 67
Cloning a Device Discovery Profile
You clone a device discovery profile when you want to reuse the details of an existing device discovery profile and quickly create a new device discovery profile.
NOTE: To use the cloned device discovery profile immediately after cloning, you must not modify the targets and fingerprints, or the discovery schedule. You can also choose not to schedule discovery until you finalize

References

• 104.131.165.47
• รับทำการตลาด สายเทา seo วิธีหาหาลูกค้า เว็บพนัน 2023
• Félicitations ! Votre domaine a bien été créé chez OVHcloud !
• Installing Subversion
• 匠
• Home · TortoiseSVN
• Apache Velocity Engine - User Guide
• IANA IPv4 Address Space Registry
• Internet Protocol Version 6 Address Space
• Internet Protocol Version 6 Address Space
• Internet Protocol Version 6 Address Space
• Support
• Documentation | Juniper Networks
• OpenNMS - Open Source Network Monitoring Platform
• Home · TortoiseSVN
• Junos Space Archives | Juniper Networks
• Junos Space Archives | Juniper Networks
• Junos Space Archives | Juniper Networks
• Junos Space Archives | Juniper Networks
• Junos Space Archives | Juniper Networks
• Junos Space Virtual Appliance Installation and Configuration Guide - TechLibrary - Juniper Networks
• Junos Space Virtual Appliance Deployment Overview - TechLibrary - Juniper Networks
• Configuring a Junos Space Virtual Appliance as a Junos Space Node - TechLibrary - Juniper Networks
• RADIUS Authentication | Junos OS | Juniper Networks
• Before You Begin Autoinstallation on an ACX Series Universal Access Router - Technical Documentation - Support - Juniper Networks
• USB Autoinstallation on ACX Series Routers - Technical Documentation - Support - Juniper Networks
• Junos OS 13.1 Junos XML Management Protocol Guide
• Understanding Autoinstallation of Configuration Files (Junos OS) | Junos OS | Juniper Networks
• Configuring Autoinstallation of Configuration Files (Junos OS) | Junos OS | Juniper Networks
• Juniper Licensing User Guide | Licensing | Juniper Networks
• Example: Configuring an Active/Passive Cluster Deployment | Juniper Networks
• Junos Space Archives | Juniper Networks
• Upgrading to Junos Space Network Management Platform Release 21.1R1 | Workspaces User Guide | Juniper Networks TechLibrary
• Logical Systems and Tenant Systems User Guide for Security Devices | Junos OS | Juniper Networks
• Downloads

Read User Manual Online (PDF format)

Read User Manual Online (PDF format)  >>

Download This Manual (PDF format)

Download this manual  >>