Juniper SDSN for VMware NSX Licensing
VMware NSX is VMware’s network virtualization platform for the Software Defined Data Center (SDDC). You can add the vSRX Virtual Services Gateway as a partner security service in the VMware NSX environment. The vSRX security service is managed by the Junos Space Security Director and VMware NSX Manager to deliver a complete and integrated virtual security solution for your SDDC environment. The vSRX provides advanced security services (Layer 7 services), including intrusion detection and prevention (IDP), and application control and visibility services through AppSecure.
The Juniper SDSN for VMware NSX licensing includes support for Juniper’s virtual firewall (vSRX), Network Security services (AppSecure, IDP) and the Juniper SDSN and Security Management solutions (Policy Enforcer and Security Director) for VMware NSX-based private cloud advanced security.
Juniper SDSN for VMware NSX Advanced Security Licenses
The SDSN for NSX Advanced Security (ADS) licenses that are available from Juniper Networks provide entitlement for protection of one physical CPU socket, with one vSRX instance key provided for each license. Typically, a VMware ESXi server has multiple CPU sockets, and each CPU socket has multiple cores.
All Juniper SDSN for NSX ADS licenses have an associated time duration; you purchase licenses as subscription based for a 1-year, 3-year, or 5-year duration.
A Juniper SDSN for NSX ADS license cannot be purchased as a perpetual (never expire) license. Each license is only available on a subscription basis.
Each license includes support for the following:
Juniper vSRX Series Virtual Services Gateway, including:
Stateful L3-L4 firewall
Advanced Application Security (ASEC) features (such as AppID, AppFW, AppQoS, and AppTrack)
Intrusion Detection and Prevention (IDP)
Juniper Security Management solutions, including:
Junos Space Security Director
SDSN Policy Enforcer
The licenses available in the Juniper SDSN for VMware NSX ADS licensing model are based on SKUs which represent the terms of subscription and the supported features.
Table 1 describes the various license packages.
Table 1: Juniper SDSN for VMware NSX ADS Licensing Packages
License Model Number
Juniper SDSN for NSX Advanced Security with vSRX for 1 physical CPU socket - 1 Year Subscription
The 1 year subscription license includes support for Security Director, Policy Enforcer, 1 vSRX entitlement for 1 physical CPU socket protection with AppSecure and IDP feature support
Juniper SDSN for NSX Advanced Security with vSRX for 1 physical CPU socket - 3 Year Subscription
The 3 year subscription license includes support for Security Director, Policy Enforcer, 1 vSRX entitlement for 1 physical CPU socket protection with AppSecure and IDP feature support
Juniper SDSN for NSX Advanced Security with vSRX for 1 physical CPU socket - 5 Year Subscription
The 5 year subscription license includes support for Security Director, Policy Enforcer, 1 vSRX entitlement for 1 physical CPU socket protection with AppSecure and IDP feature support
The Juniper SDSN for NSX ADS license model is subscription based. A subscription license is an annual license that allows you to use the licensed software for the matching duration. Subscriptions might involve periodic downloads of content (such as for IDP threat signature files). At the end of the license period, you need to renew the license to continue using it.
Subscription licenses start when you retrieve the license key or 30 days after purchase if you have not retrieved the license key. All subscription licenses are renewable.
License Procurement and Installation
To enable a Juniper SDSN for NSX ADS license, you must purchase, install, and manage the license key that corresponds to the specific terms of each license. The presence of the appropriate software unlocking key on your virtual instance allows you to configure and use that license.
Licenses are usually ordered when the software application is purchased, and this information is bound to a customer ID. If you did not order the licenses when you purchased your software application, contact your account team or Juniper Networks Customer Care at https://www.juniper.net/in/en/contact-us/ for assistance. Licenses can be procured from the Juniper Networks License Management System (LMS).
From the Junos Space Security Director you discover the NSX Manager and perform service registration of the vSRX VM with the NSX Manager. The NSX Manager is added as a device in Security Director and its inventory is synchronized with Security Director. Discovering the NSX Manager and registering vSRX as a security service in Security Director are described in detail in Deploying the vSRX as an Advanced Security Service in a VMware NSX Environment.
As part of the service registration procedure, in the Service Manager Registration section of the Add NSX Manager page, you enter the license key (see Figure 1).