Create an Organization
Ensure that you have the required subscriptions to create an organization. See Subscriptions Overview.
-
Click the organization name on the top right corner, then click Create New
Organization.
The Create New Organization page is displayed.
-
Complete the configuration according to the guidelines in Table 1.
Table 1: Fields on the Organization—Details Page Field
Description
Organization name
Enter a name containing maximum 32 alphanumeric characters. The name can contain hyphens (-) and underscores (_).
Home PoP
Select your home region. The home region is usually the geographical area where your SRX Series Firewalls are located. Technically, you can select any region, but we recommend that you select the region that is closest to your geographical location.
Note:The Juniper Security Director Cloud FQDN of each home region is different. You must configure your network firewall to allow access to the FQDN.
Ensure that each SRX Series Firewall port can communicate with a Juniper Security Director Cloud FQDN. The FQDN of each region is different.
Table 2: Region to FQDN Mapping Region Purpose Port FQDN North Virginia, US
ZTP
443
jsec2-virginia.juniperclouds.net
Outbound SSH
7804
srx.sdcloud.juniperclouds.net
Syslog TLS
6514
srx.sdcloud.juniperclouds.net
Ohio, US
ZTP
443
jsec2-ohio.juniperclouds.net
Outbound SSH
7804
srx.jsec2-ohio.juniperclouds.net
Syslog TLS
6514
srx.jsec2-ohio.juniperclouds.net
Montreal, Canada
ZTP
443
jsec-montreal2.juniperclouds.net
Outbound SSH
7804
srx.jsec-montreal2.juniperclouds.net
Syslog TLS
6514
srx.jsec-montreal2.juniperclouds.net
Frankfurt, Germany
ZTP
443
jsec-frankfurt.juniperclouds.net
Outbound SSH
7804
srx.jsec-frankfurt.juniperclouds.net
Syslog TLS
6514
srx.jsec-frankfurt.juniperclouds.net
-
Click OK to save the changes.
An account creation confirmation message is displayed, and you are navigated to the new Organization page.
-
Customize your organization according to the guidelines in Fields on the Organization-Settings Page.
Table 3: Fields on the Organization—Settings Page Field Description Details
Backup logging PoP
Select the cloud-based location where your Secure Edge and SRX Series Firewall logs will be backed up. You cannot change the location after saving the configuration.
This is an optional setting, and you must have a Juniper Security Director Cloud, a Juniper Secure Edge, or a storage license to use this feature.
Note:When you change your trial subscription to a paid subscription, a message to select a backup logging PoP is displayed.
Organization ID
The auto-generated universally unique identifier (UUID) for an organization.
This unique ID is used to identify organizations that have identical names.
Settings
Allow Juniper support to debug
Enable this option to allow Juniper Networks support team to remotely troubleshoot and resolve issues.
Auto-import device after device discovery
Enable this option to automatically import devices after the device discovery process.
This option is enabled by default.
Update disabled rules to device
Enable this option to automatically delete rules on the device when the rules are disabled in Juniper Security Directory Cloud.
This option is enabled by default.
Hit count
Enable this option to track the number of times a policy is used based on traffic flow. The hit count is the number of hits since the last reset. By default, this option is enabled.
In a large policy set, the hit count helps check the usage frequency of rules. If a rule is unused, you can verify whether the rule is shadowed by other policies. You can then manage the device without having to generate traffic manually.
Hit count start time
Set the time to start tracking the policy use.
Juniper Security Directory Cloud collects and updates the policy use statistics every 24 hours. The default start time is 0200 hours.
Save rule option
Enable this option to allow users to create or to edit a policy rule at a zone or global level.
This option is applicable when you select only one source and destination zone.
Unnumbered tunnels
Enable this option to import unnumbered, matching tunnels in a Site-to-Site topology. If this option is disabled, the tunnels are imported in a Hub-and-Spoke topology.
This option is disabled by default.
Snapshots per policy
Set the number of configuration snapshots to store for each device. You can use the snapshots to revert to a previous configuration of a device.
Juniper Security Director Cloud stores the last 10 snapshots.
Confirmed commit timeout Enter the timeout value after which, if there's no response from the device, the committed configuration changes are not deployed on the device. The device rolls back to the previously committed configuration.
The default value is 60 seconds.
Automatic signature install to devices
Enable automatic installation of signature bundles to devices.
Approve/reject device onboarding requests
Enable to prompt you to approve or reject requests to onboard devices through ZTP.
- Click Save.