Overview of Remote Profiles in Security Director


Remote profiles are used to assign a specific set of roles to users when remote authentication and authorization are enabled in Junos Space. A remote profile is a collection of roles defining the set of functions that a user is allowed to perform.

Junos Space does not create remote profiles by default. To use remote authentication and authorization, you must create one or more remote profiles, and for each remote profile you must specify one or more roles and domains to associate with it. You can then configure the name of the remote profile for one or more user accounts on the remote authentication servers (RADIUS or TACACS+) that you use for authentication and authorization. Remote profile names can be configured as a vendor-specific attribute (VSA) in RADIUS servers and as an attribute-value pair (AVP) in TACACS+ servers.

When a remote authentication server successfully authenticates a user session, the server includes the configured remote profile name for that user in the response message that is sent to Junos Space. Junos Space looks up the remote profile based on this name and determines the set of roles for the user. Junos Space then uses this information to control the set of workspaces the user can access and the tasks the user is allowed to perform.
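Because the roles a user receives depend on a name configured in two places, it is worth checking that both sides agree. The following is an added example, not Juniper code: a small audit that compares the profile names set on the authentication server against the remote profiles defined in Junos Space. The profile, role, domain and user names are constructed, both inventories are assumed to have been collected by hand, and names are assumed to be compared as exact strings.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class RemoteProfile:
    name: str
    roles: frozenset
    domains: frozenset


def audit(profiles, server_assignments):
    """Cross-check server-side profile names against Junos Space remote profiles.

    profiles: RemoteProfile objects as defined in Junos Space.
    server_assignments: {username: profile name or None}, taken from the
    RADIUS VSA or TACACS+ AVP configured for each user.
    Assumption: a name matches only if the strings are identical.
    """
    by_name = {p.name: p for p in profiles}
    findings = {"no_profile_attribute": [], "unknown_profile": [],
                "unused_profiles": [], "effective_roles": {}}
    used = set()
    for user, name in sorted(server_assignments.items()):
        if not name:
            # The server would return no profile name for this user.
            findings["no_profile_attribute"].append(user)
        elif name not in by_name:
            # The name has no matching remote profile to resolve roles from.
            findings["unknown_profile"].append((user, name))
        else:
            used.add(name)
            findings["effective_roles"][user] = sorted(by_name[name].roles)
    # Defined profiles that no server-side account references.
    findings["unused_profiles"] = sorted(set(by_name) - used)
    return findings


# Constructed sample inventories (not real role or domain names).
DOMAIN = frozenset({"example-domain"})
PROFILES = [
    RemoteProfile("fw-readonly", frozenset({"example-policy-viewer"}), DOMAIN),
    RemoteProfile("fw-admin", frozenset({"example-policy-editor",
                                         "example-device-manager"}), DOMAIN),
    RemoteProfile("legacy-ops", frozenset({"example-device-manager"}), DOMAIN),
]
ASSIGNMENTS = {"alice": "fw-admin", "bob": "fw-readonly",
               "carol": "FW-Admin", "dave": None}

if __name__ == "__main__":
    for key, value in audit(PROFILES, ASSIGNMENTS).items():
        print(f"{key}: {value}")
```

The `effective_roles` output is the part to review for least privilege: it lists, per user, the roles that the referenced remote profile grants.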