Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

ON THIS PAGE
 

Step 2: Up and Running

In this section, you’ll learn how to add devices to the Juniper Security Director Cloud portal and subscribe them to your subscriptions.

Adding Devices

There are multiple ways to add devices to the Security Director cloud portal. Choose the method that's right for you:

  • Add Devices Using Commands. Juniper Security Director Cloud generates commands for adding a device or device cluster. You can copy the commands and paste them into the device console. When you commit the commands to the device, Juniper Security Director Cloud discovers and adds the device or device cluster to the cloud. See Add Devices Using Commands for details.

  • Add Devices With Zero Touch Provisioning. With zero-touch provisioning (ZTP) you can configure and provision devices automatically. You can use ZTP to add devices for Junos OS Release 18.4R1 on SRX300, SRX320, SRX340, SRX345, SRX550 HM, SRX1500 SRX Series devices and for Junos OS Release 20.1R1 on SRX380 devices. See Add Devices Using Zero Touch Provisioning in the Juniper Security Director Cloud User Guide for details.

  • Add Devices Using J-Web. This feature is supported from J-Web Release 21.3R1 and later. See Add an SRX Series Device to Juniper Security Director Cloud in the J-Web User Guide for SRX Series Devices for details.

  • Add Devices from Security Director. This feature is supported from Security Director Release 21.3R1 and later. See Add Devices to Security Director Cloud in the Security Director User Guide for details.

Note:

Ensure that your network firewall is configured in the following manner:

  • Allows access to the srx.sdcloud.juniperclouds.net FQDN.

  • Port TCP/443 (HTTPS) is opened for Juniper Security Director Cloud portal and Redirect server.

  • Port TCP/7804 (NETCONF) is opened for SRX Series device outbound access to Juniper Security Director Cloud portal.

  • Port TCP/6514 (TLS Syslog) is opened for monitoring and sending security logs to Juniper Security Director Cloud.

  • Port TCP/53 (DNS) - (IP: 8.8.8.8) is opened to allow to google DNS server.

  • Port UDP/53 (DNS) - (IP: 8.8.4.4) is opened to allow to google DNS server.

  • Port 2050 is opened to use PACAP monitoring in Juniper Security Director Cloud.

Add Devices Using Commands

Juniper Security Director Cloud generates commands for adding a device or device cluster. You can copy the commands and paste them into the device console. When you commit the commands to the device, Juniper Security Director Cloud discovers and adds the device or device cluster to the cloud.

  1. In the Security Cloud Director portal, select SRX > Device Management > Devices to open the Devices page.
  2. Click Add Devices to open the Add Devices page.
  3. Click Adopt SRX Devices.
  4. Juniper Security Director Cloud allows you to add individual devices or device clusters.

    • Select SRX Devices if you want to add individual devices.

    • Select SRX Clusters if you want to add device clusters.

  5. Enter the number of devices or device clusters that you want to add to Juniper Security Director Cloud in the Number of SRX devices to be adopted field and click OK. You can add a maximum of 50 devices or device clusters at one time.

    A message displays confirming that the new device or device cluster is added. The Devices page opens showing the device or device cluster you just added.

    Note:

    At this point, Juniper Security Director Cloud has not yet completely added the device or device cluster. Therefore, the Connection Status displays as Discovery Not Initiated.

  6. On the Devices page, in the Connection Status column for the new device, click the Adopt Device link. If you are adding a device cluster, click the Adopt Cluster link.

    The Adopt Devices page opens with the commands you need to commit to the device.

  7. Copy the commands and paste them to your device console edit prompt and press Enter to run the commands. If you want to add a device cluster, paste these commands to the CLI of the primary device of the cluster.
  8. Type Commit and press Enter to commit the changes to the device.

    When you commit the commands to the device, Juniper Security Director Cloud begins to discover the devices. Refresh the Devices page to view the device discovery progress in the Connection Status column.

    You can view the status of this process, by going to the Administration > Jobs page.

Once Juniper Security Director Cloud discovers and adds a device or device cluster, the Connection Status changes to Up. If the process fails, the Connection Status changes to Discovery failed. Hover your mouse over the Discovery failed message to see the reason for failure.

Now that you’ve added your device(s) to Juniper Security Director Cloud, you’re ready to subscribe your device(s) to your Security Director Cloud subscription (or multiple subscriptions).

Associate Devices with Your Juniper Security Director Cloud Subscription

You’ll need to associate each device with your Juniper Security Director Cloud subscription (or multiple subscriptions). Here’s how:

  1. Log in to Juniper Security Director Cloud.
  2. Select SRX >Device Management >Devices to open the Devices page.

    For devices that don’t have subscriptions, the Subscriptions column displays No subscription.

  3. Select the device(s) and click Manage Subscriptions. The Manage Subscriptions page opens.
  4. Choose the subscription for the devices.
    Note:

    • If you’re using a trial subscription, then select Trial from the list.

    • After associating a device subscription with a device, you can’t remove or transfer the device subscription to another device.

  5. Click OK.

    The device is associated with the subscription. You can see the details of the subscription on the Devices page.