Securing the Juniper Networks Database (SRC CLI)
You can secure connections to a Juniper Networks database by:
Allowing only Secure Lightweight Directory Access Protocol (LDAPS) connections from remote systems. In this case, both database replication and remote SRC components connect through LDAPS. Restricting all remote connections to LDAPS is supported only on C Series Controllers.
Allowing only LDAPS connections for database replication, but LDAP or LDAPS connections for other applications. In this case, remote SRC components can connect through LDAP or LDAPS.
Use the following configuration statements to secure connections to the Juniper Networks database on a C Series Controller:
The strict statement is supported only on C Series Controllers.
To secure the Juniper Networks database, perform one of the following tasks:
(Optional) From configuration mode, access the configuration statement that configures the Juniper Networks database to secure connections to other Juniper Networks databases for data replication:
user@host# edit system ldap server security enable(Optional) From configuration mode, access the configuration statement that configures the Juniper Networks database to accept connections only through LDAPS:
user@host# edit system ldap server security strict