Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Security and Confidentiality Overview

    Junos Space Service Automation provides full data security and confidentiality to customers and partners. As Service Automation is implemented on Junos Space Network Management Platform, Junos Space Service Now and Junos Space Service Insight use all security mechanisms implemented in Junos Space Platform. See Junos Space Network Management Platform Hardening for information about security mechanisms implemented in Junos Space Network Management Platform.

    Service Automation ensures security and confidentiality by meeting the following requirements:

    • Junos Space appliances use SSH and NETCONF or Device Management Interface (DMI) to collect JMBs from a device.
    • JMBs are transferred between a Junos Space Appliance and JSS or between a Service Now end customer and Service Now partner through HTTPS connections (port 443).
    • A user can access the Service Now and Service Insight GUIs only by using HTTPS (port 443).
    • Junos Space appliances initiate all communications with Juniper Support System (JSS) by using the eth0 interface. JSS never initiates a connection with Junos Space appliances.
    • The level of information in a JMB shared with JSS is configurable; for example, all IP addresses on the device can be hidden in the JMB. See Data Confidentiality in a JMB for more information.
    • Changes made in Junos Space and managed devices are recorded in the audit log database along with details such as the name of the user who initiated the modification, the time of the request, and the Junos Space Appliance that served the modification request.
    • AI-Scripts generate JMBs as XML files and store them at the var/tmp location of the device. Service Now validates the structure and schema of the JMBs before collecting them from the device.
    • A Service Now end customer validates the Service Now partner by using SSL certificates while establishing a connection; see Service Now End Customer–Partner Communication Overview for more information.