Related Documentation
- SRX Series
- Understanding Logical Systems for SRX Series Services Gateways
- Example: Configuring Interfaces, Routing Instances, and Static Routes for the Master and Interconnect Logical Systems and Logical Tunnel Interfaces for User Logical Systems
- Understanding Logical Systems Security Profiles
- Example: Configuring Logical Systems Security Profiles
- Additional Information
- Junos OS Feature Support Reference for SRX Series and J Series Devices
Understanding User Logical Systems and the User Logical System Administrator Role
Logical systems allow a master administrator to partition an SRX Series device into discrete contexts called user logical systems. User logical systems are self-contained, private contexts, separate both from one another and from the master logical system. A user logical system has its own security, networking, logical interfaces, routing configurations, and one or more user logical system administrators.
When the master administrator creates a user logical system, he assigns one or more user logical system administrators to manage it. A user logical system administrator has a view of the device that is limited to his logical system. Although a user logical system is managed by a user logical system administrator, the master administrator has a global view of the device and access to all user logical systems. If necessary, the master administrator can manage any user logical system on the device.
The role and responsibilities of a user logical system administrator differ from those of the master administrator. As a user logical system administrator, you can access, configure, and view the configuration for your user logical system resources, but not those of other user logical systems or the master logical system.
As a user logical system administrator, you can:
- Configure zones, address books, security policies, user
lists, custom services, and so forth, for your user logical system
environment, based on the resources allocated to it.
For example, if the master administrator allocates 40 zones to your user logical system, you can configure and administer those zones, but you cannot change the allocated number.
- Configure routing instances and assign allotted interfaces to them. Create static routes and add them to your routing instances. Configure routing protocols.
- Configure, enable, and monitor application firewall policy on your user logical system.
- Configure AppTrack.
- View all assigned logical interfaces and configure their attributes. The attributes that you configure for logical interfaces for your user logical system cannot be seen by other user logical system administrators.
- Run operational commands for your user logical system.
Related Documentation
- SRX Series
- Understanding Logical Systems for SRX Series Services Gateways
- Example: Configuring Interfaces, Routing Instances, and Static Routes for the Master and Interconnect Logical Systems and Logical Tunnel Interfaces for User Logical Systems
- Understanding Logical Systems Security Profiles
- Example: Configuring Logical Systems Security Profiles
- Additional Information
- Junos OS Feature Support Reference for SRX Series and J Series Devices
