Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Managing Spotlight Secure Connectors

 

To open the Spotlight Secure Connectors page:

  • Select Security Intelligence > Spotlight Secure Connectors.

    The Spotlight Secure Connectors landing page appears, listing the existing spotlight secure connector.

  • Right-click the spotlight secure connector to manage it, or select the required options from Actions.

You can perform the following management tasks on the Spotlight Secure Connectors page:

Adding Spotlight Secure Connector Global Settings

To add spotlight secure connector global settings:

  1. Select Security Intelligence > Spotlight Secure Connectors.

    The Spotlight Secure Connectors landing page appears, listing the existing spotlight secure connectors.

  2. Click the Spotlight Secure Connector - Global Settings icon in the toolbar.

    The Spotlight Secure Connector - Global Settings page appears, as shown in Figure 1.

    Figure 1: Global Connector Settings
    Global Connector
Settings
  3. Under the Connection tab, configure the following parameters:
    • To generate a 32-character token for the Device Connector Auth Token field, click Generate.

    • To generate a 32-character token for the WebApp Secure Auth Token field, click Generate.

    You can edit the auto-generated token; however, make sure that it still contains 32 characters.

  4. Under the Syslog tab, configure the following parameters:
    • Select the Enabled check box to enable the syslog collection.

    • In the Address field, provide the address to use to collect the syslog data.

    • In the Log Verbosity drop-down list, select the required option. The available options are:

      • Error

      • Warning

      • Info

      • Debug

  5. Under the E-mail tab, configure the following parameters:
    • Select the Enabled check box to enable the E-mail functionality.

    • In the Host field, enter the hostname.

    • In the Port field, select the required port number.

    • In the Username field, enter the username.

    • In the Password field, enter the password information.

    • In the From Address field, enter the From address.

    • in the To Address field, enter the To address.

    • Select the Use TLS check box.

  6. Under the Auto-upgrade tab, you can configure the following parameters:
    • To automatically upgrade the spotlight secure connector once a week, select the Weekly Auto-upgrade check box.

    • From the Day of the Week drop-down list, select the required day to perform the automatic upgrade.

    • From the Time of the Day drop-down list, select the time.

  7. Click Save to save the spotlight secure connector settings.

Uploading Trusted Server CAs

To upload the trusted server CA certificates:

  1. Select Security Intelligence > Spotlight Secure Connectors.

    The Spotlight Secure Connectors landing page appears, listing the existing spotlight secure connectors.

  2. Click the Trusted Server CAs icon.

    The Trusted Server CAs page appears, listing the already uploaded certificates.

  3. To upload the new certificate, click the plus sign (+).

    The Upload Trusted Server CA Certificate pop-up window appears.

  4. To select the certificate file to upload, click Select file.
  5. To upload the certificate files, click Upload.

Associating Devices to Spotlight Secure Connectors

To associate a device with a spotlight secure connector:

  1. Select Security Intelligence > Spotlight Secure Connectors.

    The Spotlight Secure Connectors landing page appears, listing the existing spotlight secure connectors.

  2. Right-click the spotlight secure connector, or, from the Actions, select Associate Devices.

    The Device Association page appears.

  3. Select the required devices from the Available column, and move them to the Selected column.

    If you assign a SRX550 or SRX650 device, the following message about the memory optimization is shown, as shown in Figure 2.

    Figure 2: Confirm Device Association
    Confirm Device
Association
  4. To associate the selected devices with the spotlight secure connector, click Save.

When a device is associated with a spotlight secure connector or disassociated from a spotlight secure connector, a job is created in Security Director to push the spotlight secure connector configuration information to the device.

You can view the associated devices on the Spotlight Secure Connectors landing page. Click the Associated Devices column for the respective spotlight secure connector, and all the devices are listed, as shown in Figure 3.

Figure 3: Connector-Device List
Connector-Device
List

You can view the feed update status of the security device. Select the required device and click the Feed Update Status. A window appears showing the feed status of the device, as shown in Figure 4.

Figure 4: Security Device Feed Status
Security Device
Feed Status

You can update the feed to any listed device. Select the required Security Device, and click Update Feed option provided in the bottom of the Device List page, as shown in Figure 3.

A job window appears showing the status of the feed update. Click View under the Message column to view the update feed message.

Updating Spotlight Secure Connector Configuration

If the configuration of a spotlight secure connector is out of sync from Security Director, administrator can choose to push or update the latest configuration to a spotlight secure connector.

To update the configuration:

  1. Select Security Intelligence > Spotlight Secure Connectors.

    The Spotlight Secure Connectors landing page appears, listing the existing spotlight secure connectors.

  2. Right-click the spotlight secure connector, or, from the Actions, select Update Spotlight Secure Connector Configuration.

    A confirmation message appears confirm the update.

  3. Click Continue.

    The Job Details page appears, showing the spotlight secure connector update details.

  4. In the Message column, click View to view the spotlight secure connector configuration.

When Device connector auth-token changes, both Update connector and Update connector settings to device jobs begin. The later job updates the auth-token information alone in the device.

Deleting Spotlight Secure Connectors

To delete a spotlight secure connector:

  1. Select Security Intelligence > Spotlight Secure Connectors.

    The Spotlight Secure Connectors landing page appears, listing the existing spotlight secure connectors.

  2. Right-click the spotlight secure connector and select Delete Spotlight Secure Connector, or click the minus sign (-).
  3. You cannot directly delete a spotlight secure connector from the Security Intelligence workspace. A pop-up window appears to enable you to delete the spotlight secure connector.
  4. Go to Network Management Platform > Administration > Fabric.

    Select the required node, and click the minus sign (-).

  5. The required spotlight secure connector is deleted.

Viewing Spotlight Secure Connector Feed Status

To view the feed status of a spotlight secure connector:

  1. Select Security Intelligence > Spotlight Secure Connectors.

    The Spotlight Secure Connectors landing page appears, listing the existing spotlight secure connectors.

  2. Click the Feed Status column for the required spotlight secure connector.

    A Feed Status page appears showing the feed name, last updated time, and the last updated status, as shown in Figure 5.

    Figure 5: Spotlight Secure Connector Feed Status
    Spotlight Secure
Connector Feed Status
  3. To close the window, click Done.

Upgrading Spotlight Secure Connector Software or Package

To upgrade the new spotlight secure connector software package:

  1. Enable the auto upgrade option for the spotlight secure connector. Ensure the spotlight secure connector has connectivity to the spotlight secure connector software repository.
  2. If a spotlight secure connector does not have the latest software version and the spotlight secure connector has connectivity to the spotlight secure connector software package, administrator can upgrade the spotlight secure connector from the update link of the spotlight secure connector listing page.
  3. If Step 1 and Step 2 options are not available, administrator can upload the software image and apply to spotlight secure connectors for upgrade. In the first release, administrator must SCP the upgrade package to spotlight secure connector VMs and invoke the upgrade process by executing a a set of specific commands. You require an active internet connection because the command downloads the latest spotlight secure connector release from the Juniper Networks cloud package server.