Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Devices Overview

The Devices page displays your devices that are managed by Juniper Security Director Cloud. You can view device information, such as the software release version, the platform, and various status indicators. You can also view the device inventory details, rollback to a configuration version, resynchronize or reboot a device, and upgrade a device.

To access this page, click SRX > Device Management > Devices.

Field Descriptions - Devices Page

Table 1 describes the fields on the Devices page.

Table 1: Fields on the Devices Page

Fields

Description

Host Name

Displays the name of the device, device cluster, or multinode high availability (MNHA) pair. A MNHA pair is named by combining the device names. The MNHA deployment mode is displayed beside the name. For example, MNHA - Routing Mode.

Device Group

Displays the name of the group with which the device is associated.

Inventory Status

The Inventory Status column displays the discovery and synchronization status of the device with Juniper Security Director Cloud after it is added.

The possible statuses are:

  • Unknown—If the device is either not connected to Juniper Security Director Cloud or is down.
  • In Sync—If the settings in the device and Juniper Security Director Cloud are synchronized.
  • Out of Sync—If the settings in the device were updated and not synchronized with Juniper Security Director Cloud.
  • Sync in Progress—If the device is synchronizing with Juniper Security Director Cloud after it is added, upgraded, or updated.

Device Config Status

Indicates if differences exist in configurations in a device and in the Junos Detailed Configuration tab for the device in Juniper Security Director Cloud.

Click Resolve to view the steps to accept or reject the differences and synchronize the configurations.

For more information, see Resolve Out-of-Band Changes.

Management Status

Displays the connectivity status of the device with Juniper Security Director Cloud. You can manage the device from Juniper Security Director Cloud when the Up status is displayed.

The possible statuses are:

  • Discovery Not Initiated—The device is not added completely in Juniper Security Director Cloud. To complete the process, click Adopt Device, and follow the instructions in Add Standalone Devices, Device Clusters, or MNHA Pair Devices Using Commands.

  • Discovery Failed—There was an error during the device discovery process or while adding the device to Juniper Security Director Cloud. Hover over the Discovery Failed status to view the reason. To troubleshoot the issue, see Frequently Asked Questions.

  • Up—The device is connected to Juniper Security Director Cloud.

  • Down—The device is not connected to Juniper Security Director Cloud.

Device Health Status

Displays the resources used by the device, such as CPU processing power, memory, and storage.

The health status is displayed only for devices with subscriptions. The status of the device is color-coded.

  • Green indicates a healthy device with resource usage below 50%.

  • Orange indicates warnings with resource usage reaching 50% to 80%.

  • Red indicates errors and heavy resource usage above 80%.

Subscriptions

Displays the subscriptions added to the device.

  • Trial Subscription is displayed if you have subscribed the device to a trial subscription.
  • No Subscription is displayed if you have not yet subscribed the device to any subscriptions.

OS Version

Displays the OS firmware version running on the device

Unknown status is displayed for devices that are not managed by Juniper Security Director Cloud.

Product Series

Displays the model number of the device.

For devices that are not managed by Juniper Security Director Cloud, the product details are discovered through SNMP.

If the product details cannot be discovered, Unknown status is displayed.

Field Descriptions - Device Details Pane

The following table describes the fields on the Device Details pane for standalone and cluster devices:

Table 2: Fields on the Device Details Pane for Standalone and Cluster Devices

Fields

Description

Basic Information

Host Name

Displays the name of the device.

OS Version

Displays the OS firmware version running on the device.

This field displays Unknown for devices that Juniper Security Director Cloud doesn't manage.

Family

Displays the device family of the selected device.

For devices that Juniper Security Director Cloud doesn't manage, the family is the same as the provided vendor name. The field displays Unknown if the vendor name is not available and if SNMP is not used or has failed.

Product Series

Displays the model number of the device.

For devices that Juniper Security Director Cloud doesn't manage, the platform details are discovered through SNMP. If the platform details cannot be discovered, the field displays Unknown.

Serial Number

The serial number of the device chassis.

This field displays Unknown for devices that Juniper Security Director Cloud doesn't manage.

Status Information

Management Status

Displays the connection status of the device in Juniper Security Director Cloud.

  • Up—The device is connected to Juniper Security Director Cloud.

  • Down—The device is not connected to Juniper Security Director Cloud.

  • Discovery Failed—There was an error during device discovery or adding to Juniper Security Director Cloud. You can see the reason for the failure when you hover your mouse cursor over the Discovery Failed status.

Inventory Status

Displays the current state of the device configuration.

  • Unknown—The device status is unknown to Juniper Security Director Cloud. The device is either not connected to Juniper Security Director Cloud or is down.
  • In Sync—The device is connected to Juniper Security Director Cloud.
  • Out of Sync—The device is not connected to Juniper Security Director Cloud.
  • Sync in Progress—The device is being resynchronized to Juniper Security Director Cloud after the device is added or upgraded.

The following table describes the fields on the Device Details pane for each device in an MNHA pair.

Table 3: Fields on the Device Details Pane for MNHA pair devices

Fields

Description

Status

Node status

Displays the overall status of the node or device.

Cold sync

Displays the cold synchronization process status. The process is initiated to resynchronize control-plane services when the node is active. During this process, SRG state information is exchanged between the nodes.

ICL

Displays the interchassis link (ICL) status. An ICL is a logical IP link established using IP addresses that are routable in the network.

Encrypted

Displays the ICL encryption status.

Local / Peer ID

Identifies the node in the cluster. The local ID of the second node is displayed as the peer ID of the first node. Similarly, the local ID of the first node is displayed as the peer ID of the second node.

BFD

Displays the bidirectional forwarding detection (BFD) protocol configuration such as multiplier and minimum interval. For example, if 3*200 ms is configured, 3 indicates the multiplier and 200 ms indicates the minimum interval.

ICD

Displays the status of the interchassis datapath (ICD) which is an additional link used to handle asymmetric traffic.

Path monitoring SRG0

A method that uses ICMP to verify the reachability of the IP address. The default interval for ICMP ping probes is 1 second.

SRG

SRG0

A unit that manages all control plane stateless services such as firewall, NAT, and ALG. SRG0 is active on all participating nodes and handles symmetric security flows.

Health status

Indicates the health status of the SRG.

System integrity check

Displays the node’s ability to eliminate single points of failure to ensure continuous operations over an extended period.

Local / Peer ID

Identifies the node in the cluster. The local ID of the second node is displayed as the peer ID of the first node. Similarly, the local ID of the first node is displayed as the peer ID of the second node.

At failure

Displays the link status in case of a node failure

SRG x, where x is > 0.

A unit that manages control plane stateful services. For example, IPsec VPN or virtual IPs in hybrid or default gateway mode.

Health status

Displays the health status of the node. The possible statuses are Healthy, Unhealthy, and Unknown.

Control plane status

Displays the state of the control plane services.

Current state

Displays if the device is in active or backup mode.

Failover readiness

Displays the readiness of the node in case of a failover. A failover happens when one node detects a failure (hardware/software and so on) and traffic transitions to the other node in a stateful manner.

Deployment type

Displays the deployment type of the Services Redundancy Group (SRG). The possible values are Cloud (Cloud deployment), Hybrid (Hybrid deployment), Routing (Routing deployment), and Switching (switching/default gateway deployment).

Managed services

Displays the services enabled for the services redundancy group (SRG).

Activeness priority

Displays the priority for the SRG1 in a node to take up the active role if both the nodes initialize at the same time.

Process packet on backup

Displays the packet forward engine status to forward packets on backup node for the corresponding SRG.

Preemption

Displays the preemption status of the node. If preemption is enabled for both nodes, the node with higher activeness priority always remains active after a failover.

BFD path monitoring

Note:

BFD path monitoring information is not displayed for devices running Junos OS Release 22.4R1 and 22.4R2.

Displays the bidirectional forwarding detection (BFD) protocol configurations and test status.

Signal route

Note:

Signal route information is not displayed for devices running Junos OS Release 22.4R1 and 22.4R2.

Displays the active and backup signal route configuration and status.

Activeness probe

Note:

Activeness probe information is not displayed for devices running Junos OS Release 22.4R1 and 22.4R2.

Displays the status and details of the probe configured for activeness determination.

Field Descriptions - Device Inventory Page > Overview Tab

Table 4 describes the fields on the Overview tab in the Device Inventory page.

Table 4: Fields on the Overview Tab
Field Description

Chassis

Displays the port usage and health status of the hardware devices.

System Information

Displays the following details of the devices:

  • Model name

  • Host name

  • Serial number—This field displays Unknown for devices that Juniper Security Director Cloud doesn't manage.

  • Software version—This field displays Unknown for devices that Juniper Security Director Cloud doesn't manage.

  • System time

  • System up time

  • Active users

Subscriptions

Displays the subscriptions attached to the device and the status of the subscriptions.

Rules

Displays the number of rules configured for the device along with the number of used and unused rules.

Memory

Displays the storage resources used by the device.

Security Packages

Displays the name of the installed security packages.

CPU

Displays the CPU processing power used by the device.

Licenses

Displays the number of times an item is licensed.

Chassis

Displays the port usage and health status of the hardware devices.

Field Descriptions - Device Inventory Page > Chassis Tab

Table 5 describes the fields on the Chassis tab in the Device Inventory page.

Table 5: Fields on the Chassis Tab
Field Description

Model

Displays the model of the selected module.

Serial number

Displays the serial number of the selected module.

Module

Displays the module of the device.

Type

Displays the type of the device.

Model

Displays the model of the device.

Version

Displays the version of the device software.

Part Number

Displays the part number of the device.

Serial Number

Displays the serial number of the device.

Physical Interfaces

Displays standard information about physical interfaces connected to the device in the type-/fpc/pic/port format where type indicates the media type that identifies the network device. For example, ge-0/0/6.

Click View to go to the Interfaces tab.

Description

Displays an optional description for this interface configured on the device.

The description can be a text string that contains up to 512 characters. Longer strings are truncated to 512 characters. If there is no information, the column is empty.

Field Descriptions - Device Inventory Page > Interfaces Tab

Table 6 describes the fields in the Interfaces tab.

Table 6: Fields on the Interfaces Tab
Field Description

Interface Name

Displays the interface that is used to connect to Juniper Security Director Cloud.

IPv4 Address

Displays the IPv4 address assigned to the logical interface.

If you do not add a logical interface to a physical interface, this column will be blank.

IPv6 Address

Displays the IPv6 address assigned to the logical interface.

The IPv6 address is displayed only if the device has an IPv6 address. If you do not add a logical interface to a physical interface, this column will be blank.

IfIndex

Displays the unique identifying number associated with a physical or logical interface.

Admin Status

Displays the administrative status of the physical interface, which can be Up or Down.

Operational Status

Displays the link status of the interface, which can be Up or Down.

VLAN ID

Displays the VLAN ID assigned to the logical interface.

If you do not add a logical interface to a physical interface, this column will be blank.

MTU

Displays the maximum transmission unit (MTU) size on the physical interface.

Speed

Displays the speed (MBps) at which the interface is running.

Duplex Mode

Displays the connection characteristic.

  • Automatic-If the connection mode is negotiated.
  • Full-Duplex-If the connection is full duplex.

  • Half-Duplex-If the connection is half duplex.

Link Type

Displays the link level type of the physical interface.

Linecard

Displays the number of interface slots.

Field Descriptions - Device Inventory Page > Device Administration Tab

Table 7 describes the fields on the Licenses tab.

Table 7: Fields on the Licenses Tab
Field Description

Name

Displays the name of the license associated with the device.

Status

Displays the status of the license, which can be:

  • Active: When the license validity is less than 30 days, the status also indicates the number of days left until expiry.

  • Expired

Only valid licenses are included in the license count calculation.

Expiry Date

Displays the expiry date of the licensed feature.

Total Licenses

Displays the total licenses available for the feature.

Used Licenses

Displays the total licenses used for the feature.

Required Licenses

Displays the total licenses required for the feature.

Install License

The option to add licenses to the device.

See Add Licenses.

Table 8 describes the fields on the Certificates tab.

Table 8: Fields on the Certificates Tab
Field Description

Certificate ID

Displays the unique identification of the certificate.

Issuer Organization

Displays the details of the organization that issued the certificate.

Status

Displays the expiration status of the certificate:

  • If you set the certificate to be renewed automatically, the status displayed depends on the renewal period selected from the Edit Certificate Settings page.

    For example, if you select the renewal period as 1 month, the Status field displays Less than 1 month before expiry.

  • If you set the certificate to be manually renewed, the status displayed depends on the expiration notification time for the certificate. For example, Less than 2 weeks before expiry.

  • If the expiration date of the certificate does not meet the expiration notification time yet, the Status field displays .

  • If the certificate has expired, the Status field displays Expired.

Expiry Date

Displays the date and time when the certificate expires.

Encryption Type

Displays the type of the certificate:

  • Root certificate
  • Trusted certificate

Import

The option to import certificates into the device. See Import Device Certificates.

Generate Default Trusted CAs

The option to generate default trusted CA profiles. See Import Device Certificates.

Table 9 describes the fields on the Software tab.

Table 9: Fields on the Software Tab
Field Description

Software Name

Displays the name of the installed software package.

State Type

State Type

Software Description

Displays the description of the software package.

Version

Displays the version number of the installed software package.

Table 10 describes the fields on the Security Packages tab.

Table 10: Fields on the Security Packages Tab
Field Description

Version

Displays the currently installed security package version.

License

Displays the number of licenses associated with the security package.

Click the link to see the details of the licenses.

Name

Displays the name of the currently installed security package.

Field Descriptions - Device Inventory Page > Configuration Template Tab

Table 11 describes the fields on the Configuration Template tab on the Device Inventory page.

Table 11: Fields on the Configuration Template Tab
Field Description

Name

Displays the name of the configuration template.

Deployment Status

Displays the deployment status of the configuration template, which can be No configuration, Ready to deploy, or Deployed.

Last Deployed

Displays the date when the configuration template was deployed.

Description

Displays the description of the configuration template.

Validation

Displays the status of the configuration templates validation job, which can be Success, Failed, or Inprogress.

This field is temporarily populated when you click Validate on the Configuration Template page.

Field Descriptions - Device Inventory Page > Junos Detailed Configurations Tab

The Junos Detailed Configuration tab enables you to configure Junos OS for an SRX Series Firewall. You can configure interfaces, general routing information, routing protocols, user access, and system hardware properties.

The left pane lists the Junos OS components. The Quick Links to Sections in the right pane provides links to sections in a particular component. You can click the required link to navigate directly to the corresponding section.

Table 12 desribes the icons, Call To Action (CTA) buttons, and different statuses displayed on the Junos Detailed Configuration tab.

Table 12: Icons, CTA Buttons, and Statuses on Junos Detailed Configuration Tab
Icon, CTA Buttons, or Status Displayed Description
Deploy successful Displayed when all the configuration(s) are deployed successfully on the device.
Deployment in progress Displayed when the configuration(s) deployment is in-progress.
Deploy pending Displayed when configuration(s) are pending deployment.
Last deployed Displays the number of hours or days since the last deployment and the email address of the user who deployed the configuration(s).
Preview Click to preview the configuration(s) that are pending deployment on the device.
Deploy Click to deploy the configuration(s) on the device. When you click, Deploy, the options to modify the configurations are disabled.
Use to search and to navigate to a specific component, section, or parameter.
Displayed if a Junos component has configuration(s) that is pending deployment.
Restore To Last Deployed State Click to restore the configured parameter, section, or component to its earlier state.

Table 13 describes the Junos OS components that you can configure from the Junos Detailed Configuration tab.

Table 13: Junos OS Components
Component Description
Access Use this section to configure essential user access and authentication features. Essential user access features include login classes, user accounts, access privilege levels, and user authentication methods. For more information, see the User Access and Authentication Administration Guide for Junos OS.
Accounting Options Use this section to configure collection interval, file to contain accounting data, specific fields and counter names on which statistics must be collected. For more information, see the Network Management and Monitoring Guide.
Bridge Domains Use this section to configure Layer 2 bridging on your SRX Series Firewall. For more information, see the Layer 2 Bridging, Address Learning, and Forwarding User Guide.
Class of Service Use this section to configure class of service (CoS) to define service levels that provide different delay, jitter, and packet loss characteristics to applications served by specific traffic flows. Applying CoS features to each device in your network ensures quality of service (QoS) for traffic throughout your entire network. For more information, see the Class of Service User Guide (Security Devices).
Dynamic Profiles Use this section to create dynamic profiles to use with DHCP or PPP client access. For more information, see the Broadband Subscriber Sessions User Guide.
Firewall Use this section to configure firewall filters and policers. For more information, see the Routing Policies, Firewall Filters, and Traffic Policers User Guide.
Forwarding Options Use this section to configure traffic forwarding options. For more information, see the Broadband Subscriber Management Wholesale User Guide.
Interfaces Use this section to provide information about interfaces, interfaces set, and interface range used on the device. For more information, see the Interfaces User Guide for Security Devices.
Junos ES Root configuration Use this section to configure JSRC to interact with a SAE in an SRC environment to authorize and to provision subscribers. For more information, see the Broadband Subscriber Sessions User Guide.
Multi-Chassis Use this section to configure consistency check parameters for a multichassis link aggregation group.
PoE Use this section to configure PoE interfaces, FPC configurations, and corresponding notifications. For more information, see the Interfaces User Guide for Security Devices.
Policy Options Use this section to configure routing policies. For more information, see the Routing Policies, Firewall Filters, And Traffic Policers User Guide.
Protocols Use this section to configure the protocols for a routing instance.
Routing Instances Use this section to configure IPv4 and IPv6 routing protocols and settings. For more information, see the Routing Protocols Overview.
Security Use this section to configure the following:
  • Security policies
  • Security zones
  • Security screens
  • Cloud
  • Internet Key Exchange (IKE) configurations
  • Application Layer Gateway (ALG)
  • Security logging
Services Use this section to configure the router or switch settings to connect to the local router or switch. For more information, see the Broadband Subscriber Services User Guide.
Session Limit Group Use this section to configure the maximum allowed number of concurrent web management sessions. For more information, see the Flow-Based and Packet-Based Processing User Guide for Security Devices.
SMTP Use this section to configure SMTP server settings for the SRX Series Firewall.
SNMP Use this section to configure SNMP implementation in Junos OS.
Switch Options Use this section to configure Layer 2 learning and forwarding properties for a VLAN or a virtual switch. For more information, see the Ethernet Switching User Guide.
System Use this section to configure and to monitor the system log messages. For more information, see the Network Management and Monitoring Guide.
VLANs Use this section to configure the VLAN properties on the device. For more information, see the Ethernet Switching User Guide.
VMHost Use this section to configure VM host management properties. For more information, see the Junos OS Software Installation and Upgrade Guide.
WLAN Use this section to configure WLAN properties on the device. For more information, see the Interfaces User Guide for Security Devices.