Installing and Upgrading Security Director from the Junos Space Store
The Junos Space store displays a list of applications, which can be installed on the Junos Space Network Management Platform. This topic describes the Security Director installation and upgrade procedure using the Junos Space store.
Before You Begin
Configure Junos Space Store in Junos Space Network Management Platform. For details on configuring and modifying the Junos Space settings, see Configuring and Managing Junos Space Store.
You must deploy the Log Collector and Policy Enforcer nodes before installing Security Director.
Ensure the HDD size (>500GB) of the Junos Space Platform before configuring Log Collector. OpenNMS should be in the disabled state.
For configuring Log Collector component in Junos Space store:
For distributed deployment of Security Director Log Collector, deploy Log Collector VM on a VMWare ESX server, KVM server, or a JA2500 appliance. To know more about distributed deployment, see Setting Up Security Director Log Collector.
For integrated deployment of Log Collector, install the Integrated Log Collector on a JA2500 Appliance or Junos Space virtual appliance. To know more about the integrated deployment of Log Collector, see, Setting Up Security Director Log Collector.
Deploy and configure JSA for using JSA as Log Collector. See, JSA Log Collector Overview.
For configuring Policy Enforcer component in Junos Space Store:
Deploy and configure Policy Enforcer. See, Installing Policy Enforcer in Administration Guide.
To install and upgrade Security Director from the Junos Space Store:
- Log in to Junos Space Network Management Platform.
- Select Administration > Applications > Junos Space Store.
The Junos Space Store page appears.
Click Get Latest to refresh the list of applications in Junos Space store.
The Junos Space store with all the applications are displayed as shown in Figure 1.
- Select Security Director.
The details of the application such as the compatible versions, version release date, and release highlights are displayed.
Click Show only compatible version option to display only the Security Director versions supported on the current platform version.
- Select a version to be installed or upgraded and click Next
If the selected version is not compatible with the Junos Space Network Management Platform version, a warning message is displayed.
The Security Director configuration options are displayed as shown in Figure 2.
- Select the components, which you want to configure and
complete the configuration according to the guidelines given in Table 1.
User can configure Log Collector and Policy Enforcer if already deployed and available. The previous method of adding the Log Collector and Policy Enforcer from Security Director is also applicable.
Junos Space store allows the component configuration while installing Security Director. Upgrade of components like Log Collector and Policy Enforcer is not handled by Junos Space Store. Therefore, refer the existing method of upgrading Log Collector and Policy Enforcer components after upgrading the Security Director application.
- Click Next.
The Security Director terms and conditions and the license agreement is displayed. Review the license agreement.
- Click Accept and Install.
The job status is displayed as shown in Figure 3.
- Click Go to Junos Space Store.
The installed or upgraded version of Security Director is displayed in the Junos Space store as shown in Figure 4.
Table 1: Security Director Components Description
Select one of the following:
Select one of the following:
Note: You can add only Log Receiver node in Security Director and cannot add Log Storage node.
Enter the Node name.
Enter the IPv4 or IPv6 address.
Username and Password
For Security Director Log Collector, provide the default credentials; username is admin and password is juniper123. Change the default password using the Log Collector CLI configureNode.sh command as shown in Figure 5.
For JSA, provide the admin credentials that is used to login to the JSA console.
Note: For Policy Enforcer, only Standalone option is available.
Specify the IP address of the Policy Enforcer virtual machine.
Enter the password to login to the virtual machine with the root credentials.
Sky ATP Configuration Type
Select one of the following configuration types:
Network End Point
Polling timers affect how often the system polls to discover endpoints. The timer polls infected endpoints moving within the sites that are a part of Secure fabric. You can set this range from 2 minutes to 60 minutes. The default is 5 minutes.
PollSite End Point
Polling timers affect how often the system polls to discover endpoints. The timer polls all endpoints added to the secure fabric. You can set this range between 1 to 48 hours. The default is 24 hours.