
Table of Contents

About the Documentation
Documentation and Release Notes
Documentation Conventions
Documentation Feedback
Requesting Technical Support
Junos Space Security Director
Overview
Junos Space Security Director Overview
Juniper Networks Software-Defined Secure Network Overview
Dashboard
Overview
Dashboard Overview
Monitor
Events and Logs-All Events
Events and Logs Overview
Creating Alerts
Creating Reports
Creating Filters
Grouping Events
Using Events and Logs Settings
Selecting Events and Logs Table Columns
Viewing Threats
Viewing Data for Selected Devices
Using the Detailed Log View
Using the Raw Log View
Showing Exact Match
Using Filter on Cell Data
Using Exclude Cell Data
Showing Firewall Policy
Showing Source NAT Policy
Showing Destination NAT Policy
Downloading Packets Captured
Showing Attack Details
Using Filters
Events and Logs-Firewall
Firewall Events and Logs Overview
Events and Logs-Web Filtering
Web Filtering Events and Log Overview
Events and Logs-VPN
VPN Events and Logs Overview
Events and Logs-Content Filtering
Content Filtering Events and Logs Overview
Events and Logs-Antispam
Antispam Events and Logs Overview
Events and Logs-Antivirus
Antivirus Events and Logs Overview
Events and Logs-IPS
IPS Events and Logs Overview
Events and Logs-Screen
Screen Events and Logs Overview
Events and Logs-Sky ATP
Sky ATP Events and Logs Overview
Events and Logs-Apptrack
Apptrack Events and Logs Overview
Threat Prevention-Hosts
Infected Hosts Overview
Infected Host Details
Threat Prevention-C&C Servers
Command and Control Servers Overview
Command and Control Server Details
Threat Prevention-HTTP File Download
HTTP File Download Overview
HTTP File Download Details
Threat Prevention-Email Quarantine and Scanning
SMTP Quarantine Overview
Email Attachments Scanning Overview
Email Attachments Scanning Details
Threat Prevention-IMAP Block
IMAP Block Overview
Threat Prevention-Manual Upload
File Scanning Limits
Threat Prevention-Feed Status
Device Feed Status Details
Threat Prevention-All Hosts Status
All Hosts Status Details
Threat Prevention-DDoS Feeds Status
DDoS Feeds Status Details
Applications
Application Visibility Overview
Blocking Applications and Users
Users
User Visibility Overview
Blocking Users and Applications
Source IP
Source IP Visibility Overview
Blocking Source IP Addresses
Live Threat Map
Threat Map Overview
Blocking Threat Events
Alerts and Alarms - Overview
Alerts and Alarms Overview
Alerts and Alarms-Alerts
Deleting an Alert
Searching Alerts
Using Generated Alerts
Alerts and Alarms-Alert Definitions
Creating Alert Definitions
Editing Alert Definitions
Cloning Alert Definition
Deleting Alert Definitions
Searching Alert Definitions
Alert Definitions Main Page Fields
Alerts and Alarms-Alarms
Using Device Alarms
Device Alarms Main Page Fields
VPN
IPsec VPN Monitoring Overview
About the Overview Page
Managing Monitored and Unmonitored VPNs
About the Monitored Tunnels Page
About the Devices Page
Job Management
Using Job Management in Security Director
Overview of Jobs in Security Director
Archiving and Purging Jobs in Security Director
Viewing the Details of a Job in Security Director
Canceling Jobs in Security Director
Reassigning Jobs in Security Director
Rescheduling and Modifying the Recurrence of Jobs in Security Director
Retrying a Failed Job on Devices in Security Director
Exporting the Details of a Job in Security Director
Job Management Main Page Fields
Audit Logs
Using Audit Logs in Security Director
Understanding Audit Logs in Security Director
Purging or Archiving and Purging Audit Logs in Security Director
Exporting Audit Logs in Security Director
Viewing the Details of an Audit Log in Security Director
Audit Logs Main Page Fields
Packet Capture
Packet Capture Overview
About the Packets Captured Page
Setting the Purge Policy
NSX Inventory-Security Groups
About the Security Groups Page
Viewing Members of a Security Group
vCenter Server Inventory-Virtual Machines
About the Virtual Machines Page
Viewing Network Details of a Virtual Machine
Viewing Security Groups of a Virtual Machine
Devices
Security Devices
Using Features in Security Devices
Security Devices Overview
Updating Security-Specific Configurations or Services on Devices
Resynchronizing Managed Devices with the Network in Security Director
Performing Commit Check
Logical Systems (LSYS) Overview
Creating a Logical System (LSYS)
Creating a Security Profile
Editing a Security Profile
Modifying a Logical System (LSYS)
Uploading Authentication Keys to Devices in Security Director
Modifying the Configuration of Security Devices
Modifying the Basic Configuration for Security Devices
Modifying the Static Routes Configuration for Security Devices
Modifying the Routing Instances Configuration for Security Devices
Modifying the Physical Interfaces Configuration for Security Devices
Modifying the Syslog Configuration for Security Devices
Modifying the Security Logging Configuration for Security Devices
Modifying the Screens Configuration for Security Devices
Modifying the Zones Configuration for Security Devices
Modifying the IPS Configuration for Security Devices
Configuring Aruba ClearPass for Security Devices
Configuring APBR Tunables for Security Devices
Modifying the Express Path Configuration for Security Devices
Modifying the Device Information Source Configuration for Security Devices
Viewing the Active Configuration of a Device in Security Director
Deleting Devices in Security Director
Rebooting Devices in Security Director
Resolving Key Conflicts in Security Director
Launching a Web User Interface of a Device in Security Director
Connecting to a Device by Using SSH in Security Director
Importing Security Policies to Security Director
Importing Device Changes
Viewing Device Changes
Viewing and Exporting Device Inventory Details in Security Director
Previewing Device Configurations
Refreshing Device Certificates
Assigning Security Devices to Domains
Acknowledging Device SSH Fingerprints in Security Director
Viewing Security Device Details
Security Devices Main Page Fields
Device Discovery
Overview of Device Discovery in Security Director
Creating Device Discovery Profiles in Security Director
Editing, Cloning, and Deleting Device Discovery Profiles in Security Director
Running a Device Discovery Profile in Security Director
Viewing the Device Discovery Profile Details in Security Director
Device Discovery Main Page Fields
Secure Fabric
Creating Secure Fabric and Sites
Secure Fabric Overview
Adding Enforcement Points
Editing or Deleting a Secure Fabric
NSX Managers
Understanding Juniper SDSN for VMware NSX Integration
Before You Deploy vSRX in VMware NSX Environment
Juniper SDSN for VMware NSX Licensing
About the NSX Managers Page
Downloading the SSH Key File
Adding the NSX Manager
Registering Security Services
Editing NSX Managers
Viewing Service Definitions
Deleting the NSX Manager
Deploying the vSRX as an Advanced Security Service in a VMware NSX Environment
vCenter Servers
About the vCenter Servers Page
Configure
Firewall Policy-Standard Policies
Firewall Policies Overview
Policy Ordering Overview
Creating Firewall Policies
Firewall Policies Best Practices
Creating Firewall Policy Rules
Rule Base Overview
Firewall Policy Locking Modes
Rule Operations on Filtered Rules Overview
Creating and Managing Policy Versions
Assigning Devices to Policies
Comparing Policies
Exporting Policies
Creating Custom Columns
Promoting to Group Policy
Converting Standard Policy to Unified Policy
Importing Policies
Deleting and Replacing Policies and Objects
Unassigning Devices from Policies
Editing and Cloning Policies and Objects
Publishing Policies
Showing Duplicate Policies and Objects
Showing and Deleting Unused Policies and Objects
Updating Policies on Devices
Firewall Policies Main Page Fields
Firewall Policy Rules Main Page Fields
Firewall Policy-Unified Policies
About the Unified Policies Page
Unified Policy Overview
Creating Unified Firewall Policies
Creating Unified Firewall Policy Rules
Configuring a Default SSL Proxy Profile
Firewall Policy-Devices
Devices with Firewall Policies Main Page Fields
Firewall Policy-Schedules
Schedules Overview
Creating Schedules
Schedules Main Page Fields
Firewall Policy-Profiles
Understanding Firewall Policy Profiles
Understanding Captive Portal Support for Unauthenticated Browser Users
Creating Firewall Policy Profiles
Editing and Cloning Policies and Objects
Deleting and Replacing Policies and Objects
Assigning Policies and Profiles to Domains
Viewing Policy and Shared Object Details
Firewall Policy Profiles Main Page Fields
Firewall Policy-Templates
Understanding Firewall Policy Templates
Creating Firewall Policy Templates
Editing and Cloning Policies and Objects
Deleting and Replacing Policies and Objects
Firewall Policy Templates Main Page Fields
Environment
Environment Variables and Conditions Overview
About the Environment Page
Creating a New Environment Variable
Editing and Deleting Environment Variables
Creating a New Environment Condition
Editing and Deleting Environment Conditions
Application Firewall Policy-Policies
Understanding Application Firewall Policies
Creating Application Firewall Policies
Deleting and Replacing Policies and Objects
Editing and Cloning Policies and Objects
Showing and Deleting Unused Policies and Objects
Finding Usages for Policies and Objects
Application Firewall Policies Main Page Fields
Application Firewall Policy-Signatures
Understanding Custom Application Signatures
Creating Application Signatures
Editing, Cloning, and Deleting Custom Application Signatures
Creating Application Signature Groups
Application Signatures Main Page Fields
Application Firewall Policy-Redirect Profiles
About the Redirect Profiles Page
Adding a Redirect Profile
Cloning, Editing, and Deleting Redirect Profiles
SSL Profiles
SSL Forward Proxy Overview
Creating SSL Forward Proxy Profiles
SSL Forward Proxy Profile Main Page Fields
Creating SSL Reverse Proxy Profiles
User Firewall Management-Active Directory
About the Active Directory Profile Page
Creating Active Directory Profiles
Deploying the Active Directory Profile to SRX Series Devices
Editing and Deleting Active Directory Profiles
User Firewall Management-Access Profile
LDAP Functionality in Integrated User Firewall Overview
About the Access Profile Page
Creating Access Profiles
Deploying the Access Profile to SRX Series Devices
Editing and Deleting Access Profiles
User Firewall Management-Identity Management
Juniper Identity Management Service Overview
About the Identity Management Profile Page
Creating Identity Management Profiles
Editing, Cloning, and Deleting Identity Management Profiles
Updating the Identity Management Profile to SRX Series Devices
User Firewall Management-End User Profile
End User Profile Overview
About the End User Profile Page
Creating an End User Profile
Editing and Deleting End User Profile
End User Profile Operations
IPS Policy-Policies
Understanding IPS Policies
Creating IPS Policies
Creating IPS Policy Rules
Publishing Policies
Updating Policies on Devices
Assigning Devices to Policies
Creating and Managing Policy Versions
Creating Rule Name Template
Exporting Policies
Unassigning Devices to Policies
Editing and Cloning Policies and Objects
Deleting and Replacing Policies and Objects
Assigning Policies and Profiles to Domains
Viewing Policy and Shared Object Details
IPS Policies Main Page Fields
IPS Policy-Devices
Understanding IPS Policies
Devices with IPS Policies Main Page Fields
IPS Policy-Signatures
Understanding IPS Signatures
Creating IPS Signatures
Creating IPS Signature Static Groups
Creating IPS Signature Dynamic Groups
Editing and Cloning Policies and Objects
Deleting and Replacing Policies and Objects
Viewing Policy and Shared Object Details
IPS Policy Signatures Main Page Fields
IPS Policy-Templates
Understanding IPS Policy Templates
Creating IPS Policy Templates
Editing and Cloning Policies and Objects
Deleting and Replacing Policies and Objects
IPS Policy Templates Main Page Fields
NAT Policy-Policies
NAT Overview
NAT Global Address Book Overview
Creating NAT Policies
Publishing Policies
NAT Policy Rules Main Page Field
Creating NAT Rules
Updating Policies on Devices
Editing and Cloning Policies and Objects
Deleting and Replacing Policies and Objects
Viewing Policy and Shared Object Details
Assigning Policies and Profiles to Domains
Comparing Policies
Creating and Managing Policy Versions
Assigning Devices to Policies
Unassigning Devices to Policies
Creating Rule Name Template
Configuring NAT Rule Sets
Auto Grouping
NAT Policies Main Page Fields
NAT Policy-Devices
Devices with NAT Policies Main Page Fields
NAT Policy-Pools
Creating NAT Pools
Editing and Cloning Policies and Objects
Deleting and Replacing Policies and Objects
Showing and Deleting Unused Policies and Objects
Showing Duplicate Policies and Objects
Viewing Policy and Shared Object Details
Assigning Policies and Profiles to Domains
NAT Pools Main Page Fields
NAT Policy-Port Sets
Creating Port Sets
Deleting and Replacing Policies and Objects
Editing and Cloning Policies and Objects
Showing and Deleting Unused Policies and Objects
Showing Duplicate Policies and Objects
Viewing Policy and Shared Object Details
Assigning Policies and Profiles to Domains
Port Sets Main Page Fields
UTM Policy-Policies
UTM Overview
Creating UTM Policies
Comparing Policies
Deleting and Replacing Policies and Objects
Viewing Policy and Shared Object Details
Assigning Policies and Profiles to Domains
Showing Duplicate Policies and Objects
Editing and Cloning Policies and Objects
Showing and Deleting Unused Policies and Objects
UTM Policies Main Page Fields
UTM Policy-Web Filtering Profiles
Creating Web Filtering Profiles
Selecting a Web Filtering Solution
Web Filtering Profile Main Page Fields
UTM Policy-Category Update
About the Category Update Page
Configuring the Download URL Settings
Downloading and Installing URL Categories
Uploading and Installing URL Categories
Installing URL Categories on SRX Series Devices
UTM Policy-Antivirus Profiles
Creating Antivirus Profiles
Antivirus Profile Main Page Fields
UTM Policy-Antispam Profiles
Creating Antispam Profiles
Antispam Profile Main Page Fields
UTM Policy-Content Filtering Profiles
Creating Content Filtering Profiles
Content Filtering Profile Main Page Fields
UTM Policy-Global Device Profiles
Creating Device Profiles
Device Profiles Main Page Fields
UTM Policy-URL Patterns
Creating URL Patterns
UTM Policy-Custom URL Categories
Creating Custom URL Category Lists
Application Routing Policies
Understanding Application-Based Routing
About the Application Routing Policies Page
Configuring Advanced Policy-Based Routing Policy
About the Rules Page (Advanced Policy-Based Routing)
Creating Advanced Policy-Based Routing Rules
About the App Based Routing Page
Editing and Cloning Policies and Objects
Assigning Devices to Policies
Customizing Profile Names
Publishing Policies
Updating Policies on Devices
Threat Prevention - Policies
Creating Threat Prevention Policies
Threat Prevention Policy Overview
Threat Policy Analysis Overview
Implementing Threat Policy on VMWare NSX
Threat Prevention - Feed Sources
About the Feed Sources Page
Sky ATP Realm Overview
Sky ATP Malware Management Overview
Sky ATP Email Management Overview
File Inspection Profiles Overview
Sky ATP Email Management: SMTP Settings
Configure IMAP Settings
Creating Sky ATP Realms and Enrolling Devices or Associating Sites
Modifying Sky ATP Realm
Creating File Inspection Profiles
Creating Allowlist for Sky ATP Email and Malware Management
Creating Blocklists for Sky ATP Email and Malware Management
Custom Feed Sources Overview
Creating Custom Feeds
Example: Creating a Dynamic Address Custom Feed and Firewall Policy
Configuring Settings for Custom Feeds
IPsec VPN-VPNs
IPsec VPN Overview
Creating IPsec VPNs
Understanding IPsec VPN Modes
Comparison of Policy-Based VPNs and Route-Based VPNs
Understanding IPsec VPN Routing
Understanding IKE Authentication
Publishing IPsec VPNs
Updating IPSec VPN
Modifying VPN Settings
Viewing Tunnels
Importing IPsec VPNs
Deleting IPSec VPN
IPsec VPN Main Page Fields
IPsec VPN-Extranet Devices
Creating Extranet Devices
Extranet Devices Main Page Fields
IPsec VPN-Profiles
VPN Profiles Overview
Creating VPN Profiles
Editing and Cloning Policies and Objects
Assigning Policies and Profiles to Domains
VPN Profiles Main Page Fields
Shared Objects-Geo IP
Creating Geo IP Policies
Geo IP Overview
Deleting and Replacing Policies and Objects
Shared Objects-Policy Enforcement Groups
Creating Policy Enforcement Groups
Policy Enforcement Groups Overview
Deleting and Replacing Policies and Objects
Shared Objects-Addresses
Addresses and Address Groups Overview
Creating Addresses and Address Groups
Importing and Exporting CSV Files
Assigning Addresses and Address Groups to Domains
Showing Duplicate Policies and Objects
Addresses Main Page Fields
Shared Objects-Services
Services and Service Groups Overview
Creating Services and Service Groups
Showing Duplicate Policies and Objects
Shared Objects-Variables
Variables Overview
Creating Variables
Editing Variables
Importing and Exporting CSV Files
Showing Duplicate Policies and Objects
Shared Objects-Zone Sets
Understanding Zone Sets
Creating Zone Sets
Editing and Cloning Policies and Objects
Deleting and Replacing Policies and Objects
Finding Usages for Policies and Objects
Showing and Deleting Unused Policies and Objects
Showing Duplicate Policies and Objects
Viewing Policy and Shared Object Details
Zone Sets Main Page Fields
Shared Objects-Metadata
Metadata-Based Policy Enforcement Overview
About the Metadata Page
Creating a Metadata
Change Management-Change Requests
Change Control Workflow Overview
Creating a Firewall or NAT Policy Change Request
About the Changes Submitted Page
Approving and Updating Changes Submitted
Creating and Updating a Firewall Policy Using Change Control Workflow
Editing, Denying, and Deleting Change Requests
About the Changes Not Submitted Page
Discarding Policy Changes
Viewing Submitted and Unsubmitted Policy Changes
Change Management-Change Request History
About the Change Request History Page
Overview of Policy Enforcer and Sky ATP
Juniper Networks Software-Defined Secure Network Overview
Policy Enforcer Overview
Benefits of Policy Enforcer
Sky ATP Overview
Concepts and Configuration Types to Understand Before You Begin (Policy Enforcer and Sky ATP)
Policy Enforcer Components and Dependencies
Policy Enforcer Configuration Concepts
Sky ATP Configuration Type Overview
Features By Sky ATP Configuration Type
Available UI Pages by Sky ATP Configuration Type
Comparing the SDSN and non-SDSN Configuration Steps
Installing Policy Enforcer
Policy Enforcer Installation Overview
Deploying and Configuring the Policy Enforcer with OVA files
Installing Policy Enforcer with KVM
Policy Enforcer Ports
Identifying the Policy Enforcer Virtual Machine In Security Director
Obtaining a Sky ATP License
Creating a Sky ATP Cloud Web Portal Login Account
Loading a Root CA
Upgrading Your Policy Enforcer Software
Configuring Policy Enforcer Settings and Connectors
Policy Enforcer Settings
Policy Enforcer Connector Overview
Creating a Policy Enforcer Connector for Public and Private Clouds
Creating a Policy Enforcer Connector for Third-Party Switches
Editing and Deleting a Connector
Viewing VPC or Projects Details
Integrating ForeScout CounterACT with Juniper Networks SDSN
ClearPass Configuration for Third-Party Plug-in
Cisco ISE Configuration for Third-Party Plug-in
Integrating Pulse Policy Secure with Juniper Networks SDSN
Guided Setup-Sky ATP with SDSN
Using Guided Setup for Sky ATP with SDSN
Guided Setup-Sky ATP
Using Guided Setup for Sky ATP
Guided Setup for No Sky ATP (No Selection)
Using Guided Setup for No Sky ATP (No Selection)
Manual Configuration-Sky ATP with SDSN
Configuring Sky ATP with SDSN (Without Guided Setup) Overview
Creating Sky ATP Realms and Enrolling Devices or Associating Sites
Secure Fabric Overview
Creating Secure Fabric and Sites
Editing or Deleting a Secure Fabric
Policy Enforcement Groups Overview
Creating Policy Enforcement Groups
Threat Prevention Policy Overview
Creating Threat Prevention Policies
Threat Policy Analysis Overview
Geo IP Overview
Creating Geo IP Policies
Manual Configuration-Sky ATP
Configuring Sky ATP (No SDSN and No Guided Setup) Overview
Sky ATP Realm Overview
Creating Sky ATP Realms and Enrolling Devices or Associating Sites
Threat Prevention Policy Overview
Creating Threat Prevention Policies
Configuring Cloud Feeds Only
Configuring Cloud Feeds Only
Configuring No Sky ATP (No Selection) (without Guided Setup)
Secure Fabric Overview
Creating Secure Fabric and Sites
Creating Policy Enforcement Groups
Creating Custom Feeds
Threat Prevention Policy Overview
Creating Threat Prevention Policies
Migration Instructions for Spotlight Secure Customers
Moving From Spotlight Secure to Policy Enforcer
Reports
Reports
Creating Log Report Definitions
Creating Policy Analysis Report Definitions
Creating Bandwidth Report Definitions
Reports Overview
Using Reports
Using Report Definitions
Editing Report Definitions
Deleting Report Definitions
Using Report
Report Definition Main Page Fields
Administration
My Profile
Modifying Your User Profile in Security Director
Users and Roles-Users
Overview of Users in Security Director
Creating Users in Security Director
Editing and Deleting Users in Security Director
Viewing and Terminating Active User Sessions in Security Director
Viewing the User Details in Security Director
Clearing Local Passwords for Users in Security Director
Disabling and Enabling Users in Security Director
Unlocking Users in Security Director
Users Main Page Fields
Users and Roles-Roles
Domain RBAC Overview
Creating Customized Roles in Security Director
Understanding Roles in Security Director
Editing, Cloning, and Deleting Roles in Security Director
Viewing the Details of a Role in Security Director
Importing and Exporting Roles in Security Director
Roles Main Page Fields
Users and Roles-Domains
Overview of Domains in Security Director
Creating Domains in Security Director
Editing and Deleting Domains in Security Director
Exporting Domains in Security Director
Viewing Users, Devices, and Remote Profiles Assigned to a Domain in Security Director
Assigning Devices to Domains in Security Director
Assigning and Unassigning Remote Profiles to Domains in Security Director
Assigning and Unassigning Users to Domains in Security Director
Domains Main Page Fields
Users and Roles-Remote Profiles
Creating Remote Profiles in Security Director
Overview of Remote Profiles in Security Director
Editing and Deleting Remote Profiles in Security Director
Viewing the Details of a Remote Profile in Security Director
Remote Profiles Main Page Fields
Logging Management
Logging and Reporting Overview
Logging Management-Logging Nodes
Adding Logging Nodes
Enabling Log Forwarding
Logging Nodes Main Page Fields
Logging Management-Statistics & Troubleshooting
Using the Log Statistics and Troubleshooting
Logging Management-Logging Devices
Logging Devices Main Page Fields
Creating Security Logs
Monitor Settings
About the Monitor Settings Page
Monitor Settings Overview
Signature Database
Using the Signature Database
Understanding Signature Databases
Signature Database Main Page Fields
Installing the Signature Database Configuration
Downloading the Signature Database Configuration
Uploading the Signature Database Configuration from a File System
Migrating Content from NSM to Security Director
NSM Migration