Junos Space Security Director Overview
Security Director is a Junos Space management application designed to enable quick, consistent, and accurate creation, maintenance, and application of network security policies. Release 15.2 brings an intuitive new GUI to Security Director. The new GUI provides more isolation from the underlying Junos Space Platform (or Space), allowing security architects, analysts, and operators to focus on security.
Security Director now presents the security-focused administrator with a tabbed interface. The tabs across the top of the GUI provide workspaces in which an administrator can perform specific tasks. Table 1 shows the names of the tabs along with brief descriptions of what is accessible in that workspace.
Table 1: Tabs and What Their Workspaces Access
Tab Name | Accesses |
|---|---|
Dashboard | Graphical security widgets that can be added, removed, and rearranged on a per user basis. These widgets offer each user a customized view of network security. |
Monitor | Live threat maps, job management, and visual analysis of:
|
Devices | Device discovery and device management. |
Configure | Security-related policy management including:
|
Reports | Predefined security reports and the ability to create custom reports. |
Administration | User and role management, logging management, and infrastructure management. |
Access and Log in
If you are working in the Space Platform, you can access Security Director by selecting Security Director from the Applications drop-down list at the upper left corner of the Space GUI, as shown on the left side of Figure 1.
Figure 1: Security Director Access and Log in
After you log out of the Security Director GUI (or the login timer expires while in Security Director), the next time you log in the Security Director login screen will appear, as shown on the right side of Figure 1. Once you use the Security Director login screen, that will remain your default login location unless and until you navigate to the Space Platform URL or return to the Space Platform GUI and either log out from there or let the login timer expire.
When the Security Director application is accessed for the first time, a getting started guide will overlay the Security Director Dashboard page. The guide is designed to assist new and longtime users by providing a quick reference to where functions are located within the new GUI. The guide can be dismissed for subsequent logins and accessed later through the help button on the right side of the banner.
Using Navigational Elements
For a more personal, helpful, and customizable user experience, Juniper Networks has provided some aids within the GUI. Table 2 shows a sample of navigation, customization, and help icons.
Table 2: Navigational Elements
Element | Icon | Location |
|---|---|---|
Breadcrumbs—Trace your location in the GUI. The breadcrumbs provide a path back to one of the six starting tabs: Dashboard, Monitor, Devices, Configure, Reports, and Administration. |    | Upper left part of main screen below the Monitor tab. Not visible on the Dashboard. |
Info Tips—Hover your mouse over any available question mark icon for quick pop-up guidance. |  | Various places around the GUI. |
Show and Hide Left-Nav—Click the hamburger icon to show or hide the left-nav section. |  | Left side of tab bar, below the Juniper Networks logo. |
Show Hide Columns—In tabular displays, you can choose which columns are visible by clicking the icon and then selecting the check boxes on the menu. |  | Upper right corner of some tabular display windows such as the Reports tab and Devices tab. |
Table Search—You can click this magnifying glass icon, within large tabular views, to search for specific text within any of the visible fields in the display. |  | Upper right corner of tabular views. Next to the Show Hide Columns icon. |
Banner Overview
The dark gray bar at the top of the screen is called the Banner. It provides access to system-wide utilities such as a link back to Junos Space Platform, a global search utility, a domain switcher, a notification center, a profile management access menu, and a help button.
Figure 2: Banner
Junos Space Platform Link
Figure 3: Junos Space Platform Link
The GUI for Security Director is designed to enhance security focus. Therefore, for administration or other tasks that are not security related, you will need a way to switch back to the Space Platform GUI. In Security Director, this can be accomplished by simply clicking the Juniper Networks logo in the upper left corner of the banner.
Search Utility
Figure 4: Search Utility
Sometimes you just need to search for things. Did I already create an address object for the corporate management network? Is there a URL category for gambling? If you find yourself in need of search capabilities, the Global Search Utility will fulfill your needs. Type a term into the search field and Security Director will show you all of the places where that term is found. The results lists are clickable, so that you can go directly to the found object simply by clicking.
Domain Switcher
Figure 5: Domain Switcher
Security Director supports multitenancy in the form of domains. Domains provide a customizable separation of managed assets and their configuration elements. See Domains Overview for more information.
Notification Center
Figure 6: Notification Center
On the right side of the banner is a bell-shaped icon called the Notification Center. Clicking this icon reveals lists of the top alerts and alarms in Security Director. Clicking the View All Alarms or View All Alerts links at the bottom of the drop-down menu takes you to the detail page for the respective topic.
User Functions Menu
Figure 7: User Functions Menu
To the right of the Notification Center, there is a head-and-shoulders icon and a field showing the logged in user. Clicking your user name will allow you to access your user profile or log out of Security Director.
Help Button
Figure 8: Help Button
Access to the online Help system and the Getting Started Guide are available by clicking the right-most icon on the banner, shaped like a question mark. The help system includes access to a list of supported web browsers, user interface assistance, as well as links to technical support and full Security Director documentation.
Main Workspace Overview
The main workspace of Security Director takes up the remainder of the browser window and is divided by six horizontal tabs just below the Banner. As shown in Table 1, the six tabs are: Dashboard, Monitor, Devices, Configure, Reports, and Administration. Each workspace and its accessible functions are described later in this document.
Dashboard
The Dashboard is the main landing page for Security Director. It is the first thing you will see each time you log in. Therefore, Juniper Networks has provided a means for you to be presented with the network security information that you are most interested in. You can customize the workspace in your Dashboard by adding widgets from the carousel below the banner. The placement of, and settings within, widgets are saved so that anything from device information to firewall event information or from top blocked viruses to live threat maps can be unique for each user. Once you decide on the widgets that you want to see, you can close the carousel to regain some screen space.
Figure 9: Security Director Dashboard Tab
Monitor
The Monitor tab provides a workspace in which graphical representations of network traffic, firewall events, live threats, and network user data are available. There is also detailed data for alerts and alarms and job management information. In this workspace, you can review the detailed information needed to understand what is happening to the managed security devices and traffic in your network.
Figure 10: Security Director Monitor Tab
Devices
The Devices tab provides a workspace in which you can add and manage Security Director devices. There are several columns of information available by default. This includes live CPU and memory data, and running software version and platform information. Schema mismatches are easily visible so that you can correct them before updating a device.
 | Note: Before working with a particular device in Security Director, ensure that the proper DMI Schema is available. If there is a mismatch between the device’s software image and the schema version that Security Director is using to manage the device, unexpected behavior will result. DMI Schema management is performed in the Junos Space Platform Administration workspace. |
Figure 11: Security Director Devices Tab
Configure
The Configure tab is the workspace where all of the security configuration happens. You can configure firewall, IPS, NAT, and UTM policies, assign policies to devices, create and apply policy schedules, create and manage VPNs, and create and manage all of the shared objects needed for managing your network security.
Figure 12: Security Director Configure Tab
Reports
The Reports tab provides a workspace in which you can create and send reports to other interested parties. The reports available on the Dashboard tab are a subset of the reports available here. When run, the report engine provides both graphic and numeric data for a complete visualization of the log data. Security Director comes with a predefined set of reports, and you can add your own customized reports from scratch or by cloning any of the predefined reports.
Figure 13: Security Director Reports Tab
Administration
The Administration tab provides a workspace in which you can manage role-based access control (RBAC), review and manage audit logs, manage logging, review and update the IPS signature database, and manage your login profile. Domain RBAC allows system administrators to logically divide Security Director into sections called domains. Policies, objects, logs, and services created for devices within any one domain are available for use only within that domain. User access can also be restricted to individual domains. For more information regarding RBAC, see Domain RBAC Overview.
Figure 14: Security Director Administration Tab
Global Features
Security Director contains assistive workflow wizards that guide you through some of its security functions. These include a rule-creation wizard and an add-device-profile wizard.
The publish workflow allows security configurations to be created or changed, assigned to devices, published and then updated to those devices. Policy changes, whether to IPS, Firewall, or any other managed policy can be staged by network operations center (NOC) personnel, previewed and approved by managers, and updated to the devices individually or all at once during maintenance windows or as often as needed by using the publish workflow. Figure 9 shows a sample of a configuration preview that could be used to review the changes that Security Director would make during the next update.
Cloning allows quick duplication of everything from objects, to rules, to entire policies. When dealing with complex rules or policies, cloning to make changes can ensure that there is a consistent starting point from which to make changes.
Figure 15: Configuration Update Preview
The configuration preview is available as CLI commands or as XML.
Conclusion
Security Director is a security management application designed with speed and scale in mind. Shared objects can be created and used across many security policies and devices. Firewall policies, NAT policies, and others can be created, changed, managed, and applied to individual devices or to groups of devices.
RBAC and domain features enable the Security Director administrator to allow access to many levels of users while restricting the visibility that they have into sensitive security information. Security devices, users, shared objects, and policies in one domain remain inaccessible to users who do not have access to that domain. Thus service provider organizations can provide customer isolation, allowing them to diversify their customer base. User management can be performed locally within Security Director, or remotely using central user management systems such as RADIUS.
And finally, events received by Security Director are logged and correlated in various ways, providing graphical and numerical charts that are understandable and actionable. Reports based on this information can be run and sent directly to stakeholders within an organization. The reports can show security and user trends over time, helping decision makers to craft concise and accurate security policies.
