Software Installation and Upgrade
-
—Starting in Junos OS Release 22.2R1S2, you can use RFC-8572-based SZTP to bootstrap your remotely located network devices that are in a factory-default state. SZTP enables mutual authentication between the bootstrap server and the network device before the remote network device is accessed for initiating zero touch provisioning.
To enable mutual authentication, you need a unique digital voucher, which is generated based on the DevID (Digital Device ID or Cryptographic Digital Identity) of the network device. The DevID is embedded inside the Trusted Platform Module (TPM) 2.0 chip on the network device. Juniper Networks issues a digital voucher to customers for each eligible network device.
[See Secure ZTP Quick Start Guide, Secure Zero Touch Provisioning (SZTP) and Generate Voucher Certificate.]