AIM Partner Controller and End-User Operational Modes

You can run AIM in a cascaded Partner Controller and End Customer engagement method. Juniper Networks partners and their end customers can use AIM with the same or similar functionality as a direct customer. The interaction between the AIS components in an AIM partner and end user installation is as follows:

• The partner installs AIM and connects it to JSS.
• The partner requests a license from Juniper Networks to enable AIM Partner Controller functionality.
• The partner’s end users install AIM and configure it to connect to the partner’s AIM. End users connect to the partner using the HTTPS communication protocol. The URL used for connection between the end user and the partner is configured on the AIM Settings > General Settings page in the end user's installation.
• The partner creates a proxy device group for each end user and activates the groups with JSS. This can be done through the AIM Settings > Organizations page.
• The partner administrator controls which AIM users have access to each end user by associating user groups to the proxy device group.
• The partner creates reaction policies directed to a proxy device group. This allows the partner to react to certain events (such as a New Incident Detected) specific to a particular end user.
• The end user installs AI-Scripts on devices on the network and sets up AIM to detect device event and informational JMBs.
• The end user operates AIM the same way as an AIM direct customer. However, instead of communicating directly with JSS, the end user communicates with the partner.
• The partner manages communication to and from the end users. For example, cases submitted by the partner’s end users can be handled directly by the partner or forwarded to JSS for resolution by Juniper Networks JTAC engineers.
• When partners use their own case management system to track problems, they can integrate with AIM by providing the case link, status, and ID references for each incident reported. AIM forwards the case link and ID to the end user, thus providing the end user with access to the partner’s case management system.
• Partners forward any intelligence messages received from JSS to their end users at their discretion. The intelligence message can be customized by the partner before it is sent to the end user.
• The partner's AIM filters end-user items can be based on a specific proxy device group, enabling the partner to view all incidents for a particular end user.

New partner and end user AIM user interface changes appear in AIM as follows:

• License Manager—A new license is required for AIM Partner Controller mode.
• General Settings—Includes a new field for adding the URL used to connect to JSS or a partner. If AIM is run in standard or partner modes, this URL is always the current JSS URL: https://services.juniper.net. If AIM is run in end user mode, the URL can be changed to the partner’s URL.
• Proxy Organizations—When AIM is run in Partner Controller mode, the partner can create a proxy organization which is a sub-organization representing a end user in the partner’s AIM. Proxy organizations allow a partner to view the alerts and informational message sent to a specific end user.
• Organization Device Groups—A device can belong to only one AIM Organization Device group. The Device group is for administrative operation that can lead to the overwriting of settings on a device. Device groups are visible in all three AIM modes of operation. In the current AIM release, Directives groups are for devices not capable of running AI-Scripts and that use the Juniper Data Collector to gather operational data. Devices can belong to more than one Directives group. Directives groups are visible in all three AIM modes of operation.
• Incident Manager—An addition to the Organization/Device Group column shows the proxy organization alias. A partner can create a case on behalf of an end user. The Filter by list box name has been changed to Show and includes proxy organizations. The On drop-down list box dynamically changes to show the available proxy organizations. The partner only sees incidents for devices to which they are associated through the user groups to which they belong.
• Incident Details—The Incident Manager Incidents Details page includes new fields for incidents when run in Partner Controller mode so that the partner can resolve an incident themselves instead of JSS by creating a non-Juniper Networks case link, case ID, and case status. If these fields are left unmodified, JSS resolves the case using the JSS attributes.
• Reaction Policies—All reaction policy types now also apply to a proxy organization. Two new reaction policy types (only available in AIM Partner Controller mode) have been added: Incident Reported by End Customer and New Approval Required.
• Intelligence Manager—The Intelligence Updates tab allows filtering by proxy organization to allow the partner to view the alerts and informational messages that have been sent to a specific end user. The Intelligence Updates tab includes a new column for proxy organizations to which an alert or intelligence message has been sent. A new Associate Proxy Organizations button on the Information Entry and Alert Entry pages allows the partner to associate the end users to whom to send alerts and informational messages. A new row in the Intelligence Manager table shows the proxy organizations to which an alert or informational message has been sent. The Scan for Impact page displays a table of all the proxy organizations that the alert or informational message affects. The Scan for Impact page also lets the partner decide to which proxy organizations to send an intelligence update.