Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Installing Security Director

 

In Junos Space Security Director, a single image installs Security Director, Log Director, and the Security Director Logging and Reporting modules. You must deploy the Log Collector and then add it to the Security Director to view the log data in the Dashboard, Events and Logs, Reports, and Alerts pages.

Note

Both JSA as Log Collector and Security Director Log Collector cannot be added together.

To install the Junos Space Security Director:

  1. Download the Junos Space Security Director Release image from the download site.
  2. Install the Security Director application using the procedure at Adding a Junos Space Application.

The administrator can add a new Junos Space application while Junos Space Network Management Platform is still running.

Adding an application to the Junos Space Platform server is a two-step process:

  1. Upload the application to the Junos Space Platform server.
  2. Install the uploaded application.

Uploading the Junos Space Application

To upload a Junos Space application:

  1. Ensure that the Junos Space application you want to add is downloaded from the Juniper Networks software download site to the local client file system:

    https://www.juniper.net/support/products/space/#sw

  2. Select Administration > Applications and click the Add Application icon.

    The Add Application page appears. If you have not uploaded any applications, the page is blank.

  3. Upload the new application by performing one of the following steps:
    1. Click Upload via HTTP.

      The Software File dialog box appears.

      1. Type the name of the application file or click Browse to navigate to where the new Junos Space application file is located on the local file system.
      2. Click Upload. This action might take a while. Wait until the application is uploaded.

        If you are trying to upload an application that is not supported by Junos Space Platform 19.1R1, then Junos Space Platform displays the following error message:

        Current platform version does not support this software version.

        The Application Management Job Information dialog box appears. Go to step 4 to confirm whether the application is uploaded successfully.

    2. Click Upload via SCP.

      The Upload Software via SCP dialog box appears. Add the Secure Copy credentials to upload the Junos Space Platform application image from a remote server to Junos Space.

      1. In the Username field, enter your username.
      2. In the Password field, enter your password.
      3. In the Confirm password field, enter your password again to confirm the password.
      4. In the Machine IP field, enter the host IP address.Note
        • Depending on whether the Junos Space fabric is configured with only IPv4 addresses or both IPv4 and IPv6 addresses, Junos Space Platform allows you to enter an IPv4 address or either an IPv4 or IPv6 address respectively for the SCP server.

        • The IPv4 and IPv6 addresses that you use must be valid addresses. Refer to http://www.iana.org/assignments/ipv4-address-space for the list of restricted IPv4 addresses and http://www.iana.org/assignments/ipv6-address-space for the list of restricted IPv6 addresses.

      5. In the Software File Path field, enter the path name of the Junos Space application file.

        For example, /root/<image-name>.img.

      6. Click Upload. This action might take a while. Wait until the application is uploaded.

        If you are trying to upload an application that is not supported by Junos Space Platform Release 14.1R2, then Junos Space Platform displays the following error message:

        Current platform version does not support this software version.

        The Application Management Job Information dialog box appears. Go to step 4 to confirm whether the application is uploaded successfully.

  4. In the Application Management Job Information dialog box, if you click the Job ID link, you see the Add Application job on the Jobs > Job Management inventory page. Wait until the job is completed and ensure that the job is successful.

    If the upload is successful, then the new application is displayed by application name, filename, version, release level, and the required Junos Space Platform version on the Add Application page.

Installing the Uploaded Junos Space Application

To install the uploaded application:

  1. Select Administration > Applications and click the Add Application icon.

    The Add Application page appears.

  2. Select the uploaded application.
  3. Click Install to install the application or click Cancel to exit the Add Application page.

    The Application configuration page appears, displaying a list of server groups to which you can deploy the application.

    Caution

    After you select and successfully deploy an application to a server group, it is not possible to move the application from one server group to another from the Junos Space GUI. So choose a server group after careful consideration. To move an application from one server group to another, use the script tool (see the instructions specified in Running Applications in Separate Server Instances).

  4. Select a server group to which you want to deploy the application.

    The default server group is platform to which Junos Space Platform is deployed. If you do not select any server group, the selected application is automatically deployed to the default platform server group.

  5. Click OK to proceed.

    The Application Management Job Information dialog box appears.

  6. In the Application Management Job Information dialog box, if you click the Job ID link, you see the Add Application job on the Job Management page. Wait until the application is fully deployed and ensure that the job is successful.

    If the installation of the application is a failure, then the Summary column for the installation job displays the reason for failure. However, the display of messages depends also on the type and version of the application being installed.

    Note

    It is important that you install the applications in the right order: from the primary application to the dependent applications.

  7. If the installation is successful, without logging out of Junos Space Platform, select the application from the Application Chooser list (located at the top-left) to view and begin using its workspaces and tasks.

Installing and Upgrading Security Director from the Junos Space Store

The Junos Space store displays a list of applications, which can be installed on the Junos Space Network Management Platform. This topic describes the Security Director installation and upgrade procedure using the Junos Space store.

Before You Begin

  • Configure Junos Space Store in Junos Space Network Management Platform. For details on configuring and modifying the Junos Space settings, see Configuring and Managing Junos Space Store.

  • You must deploy the Log Collector and Policy Enforcer nodes before installing Security Director.

  • Ensure the HDD size (>500GB) of the Junos Space Platform before configuring Log Collector. OpenNMS should be in the disabled state.

For configuring Log Collector component in Junos Space store:

  • For distributed deployment of Security Director Log Collector, deploy Log Collector VM on a VMWare ESX server, KVM server, or a JA2500 appliance. To know more about distributed deployment, see Setting Up Security Director Log Collector.

  • For integrated deployment of Log Collector, install the Integrated Log Collector on a JA2500 Appliance or Junos Space virtual appliance. To know more about the integrated deployment of Log Collector, see, Setting Up Security Director Log Collector.

  • Deploy and configure JSA for using JSA as Log Collector. See, JSA Log Collector Overview.

For configuring Policy Enforcer component in Junos Space Store:

To install and upgrade Security Director from the Junos Space Store:

  1. Log in to Junos Space Network Management Platform.
  2. Select Administration > Applications > Junos Space Store.

    The Junos Space Store page appears.

    Note

    Click Get Latest to refresh the list of applications in Junos Space store.

    The Junos Space store with all the applications are displayed as shown in Figure 1.

    Figure 1: Junos Space Store
    Junos Space Store
  3. Select Security Director.

    The details of the application such as the compatible versions, version release date, and release highlights are displayed.

    Note

    Click Show only compatible version option to display only the Security Director versions supported on the current platform version.

  4. Select a version to be installed or upgraded and click NextNote

    If the selected version is not compatible with the Junos Space Network Management Platform version, a warning message is displayed.

    The Security Director configuration options are displayed as shown in Figure 2.

    Figure 2: Security Director Components
    Security Director
Components
  5. Select the components, which you want to configure and complete the configuration according to the guidelines given in Table 1.Note

    User can configure Log Collector and Policy Enforcer if already deployed and available. The previous method of adding the Log Collector and Policy Enforcer from Security Director is also applicable.

    Note

    Junos Space store allows the component configuration while installing Security Director. Upgrade of components like Log Collector and Policy Enforcer is not handled by Junos Space Store. Therefore, refer the existing method of upgrading Log Collector and Policy Enforcer components after upgrading the Security Director application.

  6. Click Next.

    The Security Director terms and conditions and the license agreement is displayed. Review the license agreement.

  7. Click Accept and Install.

    The job status is displayed as shown in Figure 3.

    Figure 3: Job Status
    Job Status
  8. Click Go to Junos Space Store.

    The installed or upgraded version of Security Director is displayed in the Junos Space store as shown in Figure 4.

    Figure 4: Verifying the Installed or Upgraded Version
    Verifying the Installed or Upgraded Version

Table 1: Security Director Components Description

Fields

Description

Log Collector

Deployment Mode

Select one of the following:

  • Integrated—The integrated Log Collector is installed on Junos Space node (JA2500 appliance or virtual appliance).

    Integrated Log Collector on a JA2500 appliance or Junos Space virtual appliance supports only 500 eps.

    Note: For Integrated Log Collector, OpenNMS must be disabled. On the Junos Space Network Management Platform, the disk space must be greater than 500GB.

  • Standalone—Standalone log collector VM is deployed separately on a VMWare ESX Server, KVM Server, or JA2500 appliance.

    Note: The fields Node Type, Node Name, IP Address, and Username and Password are applicable only if the deployment mode is Standalone.

Node Type

Select one of the following:

  • Security Director Log Collector

  • Juniper Secure Analytics

Note: You can add only Log Receiver node in Security Director and cannot add Log Storage node.

Node Name

Enter the Node name.

IP Address

Enter the IPv4 or IPv6 address.

Username and Password

For Security Director Log Collector, provide the default credentials; username is admin and password is juniper123. Change the default password using the Log Collector CLI configureNode.sh command as shown in Figure 5.

Figure 5: Change Password
Change Password

For JSA, provide the admin credentials that is used to login to the JSA console.

Policy Enforcer

Deployment Mode

Select Standalone.

Note: For Policy Enforcer, only Standalone option is available.

IP Address

Specify the IP address of the Policy Enforcer virtual machine.

Password

Enter the password to login to the virtual machine with the root credentials.

Sky ATP Configuration Type

Select one of the following configuration types:

  • Sky ATP—Includes all threat prevention types, but does not include the benefits of Secure Fabric, Policy Enforcement Groups, and Threat Prevention policies provided by Policy Enforcer. All enforcement is done through SRX Series Device policies.

  • Cloud Feeds Only—The prevention types available are command and control server, infections hosts, and Geo IP feeds. Policy Enforcer Secure Fabric, Policy Enforcement Groups, and Threat Prevention policies are also available. All enforcement is done through SRX Series Device policies.

  • Sky ATP with SDSN—A full version of the product. All Policy Enforcer features and threat prevention types are available.

  • None—There are no feeds available from Sky ATP, but the benefits of Secure Fabric, Policy Enforcement Groups, and Threat Prevention policies provided by Policy Enforcer are available. Infected hosts is the only prevention type available.

Network End Point

Polling timers affect how often the system polls to discover endpoints. The timer polls infected endpoints moving within the sites that are a part of Secure fabric. You can set this range from 2 minutes to 60 minutes. The default is 5 minutes.

PollSite End Point

Polling timers affect how often the system polls to discover endpoints. The timer polls all endpoints added to the secure fabric. You can set this range between 1 to 48 hours. The default is 24 hours.