Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Install and Upgrade Security Director from the Junos Space Store

The Junos Space store displays a list of applications, which can be installed on the Junos Space Network Management Platform. This topic describes the Security Director installation and upgrade procedure using the Junos Space store.

Before You Begin

  • Configure Junos Space Store in Junos Space Network Management Platform. For details on configuring and modifying the Junos Space settings, see Configuring and Managing Junos Space Store.

  • Ensure the HDD size (>500GB) of Junos Space Platform before configuring integrated Log Collector. OpenNMS should be in the disabled state.

For configuring Log Collector component in Junos Space store:

  • For integrated deployment of Log Collector, install the Integrated Log Collector on a Junos Space virtual appliance.

  • Deploy and configure JSA for using JSA as Log Collector. See, JSA Log Collector Overview.

For configuring Policy Enforcer component in Junos Space Store:

  • Deploy and configure Policy Enforcer. See, Security Director Insights Installation and Upgrade Guide.

To install and upgrade Security Director from the Junos Space Store:

  1. Log in to Junos Space Network Management Platform.
  2. Select Administration > Applications > Junos Space Store.

    The Junos Space Store page appears.

    Note:

    Click Get Latest to refresh the list of applications in Junos Space store.

    The Junos Space store with all the applications are displayed as shown in Figure 1.

    Figure 1: Junos Space StoreJunos Space Store
  3. Select Security Director.

    The details of the application such as the compatible versions, version release date, and release highlights are displayed.

    Note:

    Click Show only compatible version option to display only the Security Director versions supported on the current platform version.

  4. Select a version to be installed or upgraded and click Next.
    Note:

    If the selected version is not compatible with the Junos Space Network Management Platform version, a warning message is displayed.

  5. Select the components, which you want to configure and complete the configuration according to the guidelines given in Table 1.
    Note:

    Junos Space store allows the component configuration while installing Security Director. Upgrade of components is not handled by Junos Space Store.

  6. Click Next.

    The Security Director terms and conditions and the license agreement are displayed. Review the license agreement.

  7. Click Accept and Install.

    The job status is displayed as shown in Figure 2.

    Figure 2: Job StatusJob Status
  8. Click Go to Junos Space Store.

    The installed or upgraded version of Security Director is displayed in the Junos Space store as shown in Figure 3.

    Figure 3: Verifying the Installed or Upgraded VersionVerifying the Installed or Upgraded Version
Table 1: Security Director Components Description

Fields

Description

Log Collector

Deployment Mode

  • Integrated—The integrated Log Collector is installed on Junos Space node (virtual appliance).

    Integrated Log Collector on a Junos Space virtual appliance supports only 500 eps.

    Note:

    For Integrated Log Collector, OpenNMS must be disabled. On the Junos Space Network Management Platform, the disk space must be greater than 500GB.

Node Type

Select one of the following:

  • Security Director Log Collector

  • Juniper Secure Analytics

Node Name

Enter the Node name.

IP Address

Enter the IPv4 or IPv6 address.

Username and Password

For Security Director Log Collector, provide the default credentials; username is admin and password is juniper123. Change the default password using the Log Collector CLI configureNode.sh command.

For JSA, provide the admin credentials that is used to login to the JSA console.

Policy Enforcer

Deployment Mode

Select Standalone.

Note:

For Policy Enforcer, only Standalone option is available.

IP Address

Specify the IP address of the Policy Enforcer virtual machine.

Password

Enter the password to login to the virtual machine with the root credentials.

ATP Cloud Configuration Type

Select one of the following configuration types:

  • ATP Cloud—Includes all threat prevention types, but does not include the benefits of Secure Fabric, Policy Enforcement Groups, and Threat Prevention policies provided by Policy Enforcer. All enforcement is done through SRX Series Firewall policies.

  • Cloud Feeds Only—The prevention types available are command and control server, infections hosts, and Geo IP feeds. Policy Enforcer Secure Fabric, Policy Enforcement Groups, and Threat Prevention policies are also available. All enforcement is done through SRX Series Firewall policies.

  • ATP Cloud with Juniper Connected Security —A full version of the product. All Policy Enforcer features and threat prevention types are available.

  • None—There are no feeds available from ATP Cloud, but the benefits of Secure Fabric, Policy Enforcement Groups, and Threat Prevention policies provided by Policy Enforcer are available. Infected hosts is the only prevention type available.

Network End Point

Polling timers affect how often the system polls to discover endpoints. The timer polls infected endpoints moving within the sites that are a part of Secure fabric. You can set this range from 2 minutes to 60 minutes. The default is 5 minutes.

PollSite End Point

Polling timers affect how often the system polls to discover endpoints. The timer polls all endpoints added to the secure fabric. You can set this range between 1 to 48 hours. The default is 24 hours.