Step 2: Up and Running

 

Now that you've installed Security Director, you’ll perform some initial configuration to start managing the security devices on your network. In this section, you learn how to add Log Collector to Security Director so you can view the log data. Next, we’ll show you how to create device discovery profiles and how to discover the security devices on your network. After the security devices are discovered, you can configure basic network settings for them, assign addresses, and set firewall policies. You’ll then learn how to configure Juniper ATP Cloud or JATP with Policy Enforcer.

Add Log Collector to Security Director

Let’s add Log Collector to Security Director to view the log data on the Dashboard, Events and Logs, Reports, and Alerts pages.

  1. Select Administration > Logging Management > Logging Nodes.
  2. Click the + icon to open the Add Logging Node page.
  3. Choose Security Director Log Collector or Juniper Secure Analytics as the Log Collector type.
  4. Complete the Add Collector/JSA Node configuration. If you're not sure what information to provide for a field, hover over the question mark (?).

    Note: For Security Director Log Collector, the username is admin and password is juniper123. You must change the default password using the Log Collector CLI command configureNode.sh.

    For JSA, provide the admin credentials that are used to log in to the JSA console.

  5. Click Next to display the certificate details.
  6. Click Finish and review the summary of configuration changes.
  7. Click OK to add the node.

When the configuration is complete, the Log Collector node appears, with an active status, on the Logging Nodes page.


Create a Device Discovery Profile

Here's how to create a device discovery profile:

  1. Select Devices > Device Discovery to open the Device Discovery page.
  2. Click the + icon to open the Create Discovery Profile page.
  3. Complete the configuration. If you're not sure what information to provide for a field, hover over the question mark (?).
  4. Click OK.

    A new device discovery profile is created, and you are returned to the Device Discovery page.

Discover Devices

Now, let's discover devices with the device discovery profile you just created.

  1. Select Devices > Device Discovery to open the Device Discovery page.
  2. Select the device discovery profile and click Run Now to trigger the device discovery job.
  3. Click OK to return to the Device Discovery page.

Modify the Configuration of Security Devices

If you need to modify the configuration of one or more security devices, here's how:

  1. Select Devices > Security Devices to open the Security Devices page.
  2. Right-click the devices, and select Configuration > Modify Configuration. You can also select this option from the More menu.

    The Modify Configuration page appears with the Basic Setup section selected by default.

  3. Complete the configuration. If you're not sure what information to provide for a field, hover over the question mark (?).
  4. Click Save and Deploy to save the configuration changes and deploy the saved configuration to the device.

Create Addresses

Now, let's create addresses to use in firewall policies and apply them to SRX Series devices.

  1. Select Configure > Shared Objects > Addresses to open the Addresses page.
  2. Click Create to open the Create Address page.
  3. Complete the configuration. If you're not sure what information to provide for a field, hover over the question mark (?).
  4. Click OK.

    You can use the addresses in firewall policies.

Create a Firewall Policy

Here's how to create a firewall policy:

  1. Select Configure > Firewall Policy > Standard Policies to open the Standard Policies page.
  2. Click the + icon to open the Create Firewall Policy page.
  3. Complete the configuration. If you're not sure what information to provide for a field, hover over the question mark (?).
  4. Click OK.

    A new policy is created. To activate the policy, add rules in one or more rule bases. You can click the policy name to assign rules inline and then click the + icon to configure policy rules.

Assign Policies to Domains

To enable a firewall policy, you'll need to assign it to a domain. You can assign only one policy at a time to a domain. Security Director validates the domain assignment. If the assignment is not acceptable, a warning message is displayed.

  1. Select Configure > Firewall Policy > Standard Policies to open the Standard Policies page.
  2. Right-click the policy, and select Assign Standard Policies to Domains. You can also select this option from the More menu.

    The Assign Standard Policies to Domain page appears.

  3. Select the required items to assign to a domain.
  4. Select the Ignore check box to ignore the warning messages, if any.
  5. Click OK.

    Security Director assigns the policy to the selected domain. You can now use the policy.

Assign Devices to a Policy

Now that you've assigned a policy or policies to a domain, you can assign devices to the policy.

  1. Select Configure > Firewall Policy > Standard Policies to open the Standard Policies page.
  2. Right-click the policy, and select Assign Devices. You can also select this option from the More menu.

    The Assign Devices page appears.

  3. Select the device you want to add to the policy.
  4. Click OK.

    Security Director assigns the devices to the policy.

Publish and Update Policies on Devices

Now you're ready to apply your firewall policies to the security devices on your network.

  1. Select Configure > Firewall Policy > Standard Policies to open the Standard Policies page.
  2. Select one or more policies and click Update to open the Update Firewall Policy page.
  3. Select Run now or Schedule at a later time.
  4. Select the devices on which you want to publish and update policies.
  5. Click Publish and Update.

    A confirmation message appears.

  6. Click Yes to publish and update policies on the selected devices.

Configure Juniper ATP Cloud or JATP with Policy Enforcer

If you are using Policy Enforcer with Security Director, you'll need to configure Juniper ATP Cloud or Juniper Advanced Threat Prevention (JATP). You’ll need a Juniper ATP Cloud license and a Juniper ATP Cloud account for three of the configuration types (ATP Cloud or JATP with Juniper Connected Security, ATP Cloud or JATP, and Cloud Feeds only), but not for the default mode (No Selection). If you don’t have an ATP Cloud license, contact your local sales office or Juniper Networks partner to place an order for an ATP Cloud premium or basic license.

Here's how to do the initial configuration of Juniper ATP Cloud or JATP:

  1. In the Security Director user interface, select Administration > Policy Enforcer > Settings.
  2. Enter the IP address and login credentials for the Policy Enforcer VM.
  3. Use the Guided Setup, which is the most efficient way, to complete your initial configuration of Policy Enforcer and Juniper ATP Cloud. In the Security Director user interface, navigate to Configure > Guided Setup > Threat Prevention. Click Start Setup to begin.
  4. Configure tenants, secure fabric, policy enforcement groups, ATP Cloud realms, policies, Geo IP, and click Finish.

    You’ll find more details here.