Configuring Zone Objects for vGW Series Interoperability with SRX Series Devices

To create a new SRX Series zone object, using the vGW Security Design VM interface:

  1. Select the Settings module.
    1. In the Security Settings box on the left pane, select SRX Zones.
    2. Click the Add button on the lower right side of the screen.

      The Add SRX Zone pane appears.

    3. Specify the following information for the SRX zone in the Add SRX Zone pane:
      • Name: A short descriptive name for the SRX zone object. This name is used in VM zone labels.
      • Host: Device management IP address on the SRX Series device used to connect to the vGW Security Design VM.
      • Port: TCP port used to connect to the SRX Series device through the Junoscript interface.
      • Login and Password: Credentials used to authenticate to the SRX Series device.

        The account for the SRX zone object requires read access to the SRX Series device’s zones, interface, network, and routing configuration. Optionally, it requires write access to the Address Book for each zone to populate it with VM entries.

        If you do not want the system to enter VM objects in the SRX Series device’s address book, you do not need to provide write access.

      • VMs associated with this SRX: This parameter specifies the VMs scope. It defines VMs that are relevant to the SRX Series device.
  2. To define synchronization intervals and relevant interfaces, click Load Zones after you save the SRX zone object definition.

After the zone synchronization process has completed, a list of zones that the vGW Series retrieved is displayed. You can select the zones to import into the vGW Series as VM zone groupings.

You can configure zone synchronization to automatically poll the SRX Series device for zone updates.

To configure the vGW Series automatic zone synchronization process to control synchronization update, specify the following information:

SRX Series zones that participate in the synchronization process are automatically created in the vGW Series as VM Smart Groups. A Smart Group is created based on the following parameters:

If the zone synchronization configuration includes a VMs associated selection, the group you select is included in the Smart Group.

