Before You Begin
Before You Begin
-
Ensure that each SRX Series Firewall port can communicate with a Juniper Security Director Cloud FQDN. The FQDN of each region is different.
Table 1: Region to FQDN Mapping Region Purpose Port FQDN for IPv4/IPv6 North Virginia, US
ZTP
443
IPv4: srx.sdcloud.juniperclouds.net
IPv6: srx-v6.sdcloud.juniperclouds.net
Outbound SSH
7804
IPv4: srx.sdcloud.juniperclouds.net
IPv6: srx-v6.sdcloud.juniperclouds.net
Syslog TLS
6514
IPv4: srx.sdcloud.juniperclouds.net
IPv6: srx-v6.sdcloud.juniperclouds.net
Ohio, US
ZTP
443
IPv4: srx.jsec2-ohio.juniperclouds.net
IPv6: srx-v6.jsec2-ohio.juniperclouds.net
Outbound SSH
7804
IPv4: srx.jsec2-ohio.juniperclouds.net
IPv6: srx-v6.jsec2-ohio.juniperclouds.net
Syslog TLS
6514
IPv4: srx.jsec2-ohio.juniperclouds.net
IPv6: srx-v6.jsec2-ohio.juniperclouds.net
Montreal, Canada
ZTP
443
IPv4: srx.jsec-montreal2.juniperclouds.net
IPv6: srx-v6.jsec-montreal2.juniperclouds.net
Outbound SSH
7804
IPv4: srx.jsec-montreal2.juniperclouds.net
IPv6: srx-v6.jsec-montreal2.juniperclouds.net
Syslog TLS
6514
IPv4: srx.jsec-montreal2.juniperclouds.net
IPv6: srx-v6.jsec-montreal2.juniperclouds.net
Frankfurt, Germany
ZTP
443
IPv4: srx.jsec-frankfurt.juniperclouds.net
IPv6: srx-v6.jsec-frankfurt.juniperclouds.net
Outbound SSH
7804
IPv4: srx.jsec-frankfurt.juniperclouds.net
IPv6: srx-v6.jsec-frankfurt.juniperclouds.net
Syslog TLS
6514
IPv4: srx.jsec-frankfurt.juniperclouds.net
IPv6: srx-v6.jsec-frankfurt.juniperclouds.net
-
Use TCP port 53 and UDP port 53 to connect to Google DNS servers (IP addresses—8.8.8.8 and 8.8.4.4). The Google DNS servers are specified as the default servers in the factory settings of the SRX Series Firewalls. You must use these default DNS servers when you use ZTP to onboard the firewalls. You can use private DNS servers when you use other methods to onboard the firewalls. Note that you must make sure that the private DNS servers can resolve the Juniper Security Director Cloud FQDNs.
-
If you use a custom routing instance to connect to Juniper Security Director Cloud, run the following CLI commands to download and install the IDP security package from Juniper Security Director Cloud to a device:
Standalone Devices Device Clusters MNHA Pair Devices set security idp security-package routing-instance <custom routing-instance>-
set groups node0 security idp security-package routing-instance <custom routing-instance> -
set groups node1 security idp security-package routing-instance <custom routing-instance>
For each device in an MNHA pair:
set security idp security-package routing-instance <custom routing-instance> -
Supported Junos OS Releases
Juniper Security Director Cloud supports Junos OS release 20.2 and later.
Juniper Security Director Cloud Supported Firewalls
You can manage the firewalls listed on this page through Juniper Security Director Cloud. To onboard SRX Series Firewalls to Juniper Security Director Cloud, see Quick Start Guide.
Cloud-ready SRX Series Firewalls have a QR or claim code on the chassis for quick onboarding to Juniper Security Director Cloud. You can also onboard SRX Series Firewalls to Juniper Security Director Cloud using Zero Touch Provisioning (ZTP), which reduces the manual intervention for adding devices to a network.
For JTAC suggested releases, and detailed firmware notes, see Junos Software Versions – Suggested Releases to Consider and Evaluate.
Additional Resources
|
If you want to |
See |
|---|---|
|
Know about the subscriptions available for Juniper Security Director Cloud |
|
|
Find the list of supported transceivers, line cards, and interface modules for Juniper Networks products |
|
|
Know the End of Life dates for the Juniper Security Director Cloud supported devices |
|
|
Know the frequently asked questions about Juniper Security Director Cloud |
Supported Browsers
Juniper Security Director Cloud is best viewed on the following browsers:
-
Google Chrome version 88 and later
-
Mozilla Firefox version 83 and later
-
Safari version 14 and later