About the Devices Page

Tasks You Can Perform

You can perform the following tasks from this page:

Add Devices to Juniper Security Director Cloud.
Delete Devices From Juniper Security Director Cloud.
Resynchronize a Device with Juniper Security Director Cloud
Resolve Out-of-Band Changes.
Manage Configuration Versions.
Reboot a Device.
Enroll SRX Series Firewalls from ATP Cloud to Juniper Security Director Cloud.
Disenroll SRX Series Firewall from ATP Cloud.
Upgrade a Device.
Create a Device Group.
Create a preprovision profile to deploy on devices.
Enable security logging for a device or device cluster.
Manage Device Subscriptions.
Add License to a Device
Import local certificates and CA certificates into your devices.
Select a device, and click More > View Active Configuration to view active configuration on the device.
Click More > Export as CSV to export device information as a CSV file.
Click More > Export Inventory to export the device inventory information as a ZIP file.
Select a device and click More > View Inventory to view the device innventory page. See Table 11.
Select a device and click More > Detail to view device details. See Table 2.

Field Descriptions - Devices Page

Table 1 describes the fields on the Devices page.

Table 1: Fields on the Devices Page
Fields	Description
Host Name	Displays the name of the device, device cluster, or multinode high availability (MNHA) pair. A MNHA pair is named by combining the device names. The MNHA deployment mode is displayed beside the name. For example, MNHA - Routing Mode.
Device Group	Displays the name of the group with which the device is associated.
Inventory Status	The Inventory Status column displays the discovery and synchronization status of the device with Juniper Security Director Cloud after it is added. The possible statuses are: Unknown—If the device is either not connected to Juniper Security Director Cloud or is down. In Sync—If the settings in the device and Juniper Security Director Cloud are synchronized. Out of Sync—If the settings in the device were updated and not synchronized with Juniper Security Director Cloud. Sync in Progress—If the device is synchronizing with Juniper Security Director Cloud after it is added, upgraded, or updated.
Device Config Status	Indicates if differences exist in configurations in a device and in the Junos Detailed Configuration tab for the device in Juniper Security Director Cloud. Click Resolve to view the steps to accept or reject the differences and synchronize the configurations. For more information, see Resolve Out-of-Band Changes.
Management Status	Displays the connectivity status of the device with Juniper Security Director Cloud. You can manage the device from Juniper Security Director Cloud when the Up status is displayed. The possible statuses are: Discovery Not Initiated—The device is not added completely in Juniper Security Director Cloud. To complete the process, click Adopt Device, and follow the instructions in Add Standalone Devices, Device Clusters, or MNHA Pair Devices Using Commands. Discovery Failed—There was an error during the device discovery process or while adding the device to Juniper Security Director Cloud. Hover over the Discovery Failed status to view the reason. To troubleshoot the issue, see Frequently Asked Questions. Up—The device is connected to Juniper Security Director Cloud. Down—The device is not connected to Juniper Security Director Cloud.
Device Health Status	Displays the resources used by the device, such as CPU processing power, memory, and storage. The health status is displayed only for devices with subscriptions. The status of the device is color-coded. Green indicates a healthy device with resource usage below 50%. Orange indicates warnings with resource usage reaching 50% to 80%. Red indicates errors and heavy resource usage above 80%.
Subscriptions	Displays the subscriptions added to the device. Trial Subscription is displayed if you have subscribed the device to a trial subscription. No Subscription is displayed if you have not yet subscribed the device to any subscriptions.
OS Version	Displays the OS firmware version running on the device Unknown status is displayed for devices that are not managed by Juniper Security Director Cloud.
Product Series	Displays the model number of the device. For devices that are not managed by Juniper Security Director Cloud, the product details are discovered through SNMP. If the product details cannot be discovered, Unknown status is displayed.

Field Descriptions - Device Details Pane

The following table describes the fields on the Device Details pane for standalone and cluster devices:

Table 2: Fields on the Device Details Pane for Standalone and Cluster Devices
Fields	Description
Basic Information
Host Name	Displays the name of the device.
OS Version	Displays the OS firmware version running on the device. This field displays Unknown for devices that Juniper Security Director Cloud doesn't manage.
Family	Displays the device family of the selected device. For devices that Juniper Security Director Cloud doesn't manage, the family is the same as the provided vendor name. The field displays Unknown if the vendor name is not available and if SNMP is not used or has failed.
Product Series	Displays the model number of the device. For devices that Juniper Security Director Cloud doesn't manage, the platform details are discovered through SNMP. If the platform details cannot be discovered, the field displays Unknown.
Serial Number	The serial number of the device chassis. This field displays Unknown for devices that Juniper Security Director Cloud doesn't manage.
Status Information
Management Status	Displays the connection status of the device in Juniper Security Director Cloud. Up—The device is connected to Juniper Security Director Cloud. Down—The device is not connected to Juniper Security Director Cloud. Discovery Failed—There was an error during device discovery or adding to Juniper Security Director Cloud. You can see the reason for the failure when you hover your mouse cursor over the Discovery Failed status.
Inventory Status	Displays the current state of the device configuration. Unknown—The device status is unknown to Juniper Security Director Cloud. The device is either not connected to Juniper Security Director Cloud or is down. In Sync—The device is connected to Juniper Security Director Cloud. Out of Sync—The device is not connected to Juniper Security Director Cloud. Sync in Progress—The device is being resynchronized to Juniper Security Director Cloud after the device is added or upgraded.

The following table describes the fields on the Device Details pane for each device in an MNHA pair.

Table 3: Fields on the Device Details Pane for MNHA pair devices
Fields	Description
Status
Node status	Displays the overall status of the node or device.
Cold sync	Displays the cold synchronization process status. The process is initiated to resynchronize control-plane services when the node is active. During this process, SRG state information is exchanged between the nodes.
ICL	Displays the interchassis link (ICL) status. An ICL is a logical IP link established using IP addresses that are routable in the network.
Encrypted	Displays the ICL encryption status.
Local / Peer ID	Identifies the node in the cluster. The local ID of the second node is displayed as the peer ID of the first node. Similarly, the local ID of the first node is displayed as the peer ID of the second node.
BFD	Displays the bidirectional forwarding detection (BFD) protocol configuration such as multiplier and minimum interval. For example, if 3*200 ms is configured, 3 indicates the multiplier and 200 ms indicates the minimum interval.
ICD	Displays the status of the interchassis datapath (ICD) which is an additional link used to handle asymmetric traffic.
Path monitoring SRG0	A method that uses ICMP to verify the reachability of the IP address. The default interval for ICMP ping probes is 1 second.
SRG
SRG0	A unit that manages all control plane stateless services such as firewall, NAT, and ALG. SRG0 is active on all participating nodes and handles symmetric security flows.
Health status	Indicates the health status of the SRG.
System integrity check	Displays the node’s ability to eliminate single points of failure to ensure continuous operations over an extended period.
Local / Peer ID	Identifies the node in the cluster. The local ID of the second node is displayed as the peer ID of the first node. Similarly, the local ID of the first node is displayed as the peer ID of the second node.
At failure	Displays the link status in case of a node failure
SRG x, where x is > 0.	A unit that manages control plane stateful services. For example, IPsec VPN or virtual IPs in hybrid or default gateway mode.
Health status	Displays the health status of the node. The possible statuses are Healthy, Unhealthy, and Unknown.
Control plane status	Displays the state of the control plane services.
Current state	Displays if the device is in active or backup mode.
Failover readiness	Displays the readiness of the node in case of a failover. A failover happens when one node detects a failure (hardware/software and so on) and traffic transitions to the other node in a stateful manner.
Deployment type	Displays the deployment type of the Services Redundancy Group (SRG). The possible values are Cloud (Cloud deployment), Hybrid (Hybrid deployment), Routing (Routing deployment), and Switching (switching/default gateway deployment).
Managed services	Displays the services enabled for the services redundancy group (SRG).
Activeness priority	Displays the priority for the SRG1 in a node to take up the active role if both the nodes initialize at the same time.
Process packet on backup	Displays the packet forward engine status to forward packets on backup node for the corresponding SRG.
Preemption	Displays the preemption status of the node. If preemption is enabled for both nodes, the node with higher activeness priority always remains active after a failover.
BFD path monitoring Note: BFD path monitoring information is not displayed for devices running Junos OS Release 22.4R1 and 22.4R2.	Displays the bidirectional forwarding detection (BFD) protocol configurations and test status.
Signal route Note: Signal route information is not displayed for devices running Junos OS Release 22.4R1 and 22.4R2.	Displays the active and backup signal route configuration and status.
Activeness probe Note: Activeness probe information is not displayed for devices running Junos OS Release 22.4R1 and 22.4R2.	Displays the status and details of the probe configured for activeness determination.

Field Descriptions - Device Inventory Page > Overview Tab

Table 4 describes the fields on the Overview tab in the Device Inventory page.

Table 4: Fields on the Overview Tab
Field	Description
Chassis	Displays the port usage and health status of the hardware devices.
System Information	Displays the following details of the devices: Model name Host name Serial number—This field displays Unknown for devices that Juniper Security Director Cloud doesn't manage. Software version—This field displays Unknown for devices that Juniper Security Director Cloud doesn't manage. System time System up time Active users
Subscriptions	Displays the subscriptions attached to the device and the status of the subscriptions.
Rules	Displays the number of rules configured for the device along with the number of used and unused rules.
Memory	Displays the storage resources used by the device.
Security Packages	Displays the name of the installed security packages.
CPU	Displays the CPU processing power used by the device.
Licenses	Displays the number of times an item is licensed.
Chassis	Displays the port usage and health status of the hardware devices.

Field Descriptions - Device Inventory Page > Chassis Tab

Table 5 describes the fields on the Chassis tab in the Device Inventory page.

Table 5: Fields on the Chassis Tab
Field	Description
Model	Displays the model of the selected module.
Serial number	Displays the serial number of the selected module.
Module	Displays the module of the device.
Type	Displays the type of the device.
Model	Displays the model of the device.
Version	Displays the version of the device software.
Part Number	Displays the part number of the device.
Serial Number	Displays the serial number of the device.
Physical Interfaces	Displays standard information about physical interfaces connected to the device in the type-/fpc/pic/port format where type indicates the media type that identifies the network device. For example, ge-0/0/6. Click View to go to the Interfaces tab.
Description	Displays an optional description for this interface configured on the device. The description can be a text string that contains up to 512 characters. Longer strings are truncated to 512 characters. If there is no information, the column is empty.

Field Descriptions - Device Inventory Page > Interfaces Tab

Table 6 describes the fields in the Interfaces tab.

Table 6: Fields on the Interfaces Tab
Field	Description
Interface Name	Displays the interface that is used to connect to Juniper Security Director Cloud.
IPv4 Address	Displays the IPv4 address assigned to the logical interface. If you do not add a logical interface to a physical interface, this column will be blank.
IPv6 Address	Displays the IPv6 address assigned to the logical interface. The IPv6 address is displayed only if the device has an IPv6 address. If you do not add a logical interface to a physical interface, this column will be blank.
IfIndex	Displays the unique identifying number associated with a physical or logical interface.
Admin Status	Displays the administrative status of the physical interface, which can be Up or Down.
Operational Status	Displays the link status of the interface, which can be Up or Down.
VLAN ID	Displays the VLAN ID assigned to the logical interface. If you do not add a logical interface to a physical interface, this column will be blank.
MTU	Displays the maximum transmission unit (MTU) size on the physical interface.
Speed	Displays the speed (MBps) at which the interface is running.
Duplex Mode	Displays the connection characteristic. Automatic-If the connection mode is negotiated. Full-Duplex-If the connection is full duplex. Half-Duplex-If the connection is half duplex.
Link Type	Displays the link level type of the physical interface.
Linecard	Displays the number of interface slots.

Field Descriptions - Device Inventory Page > Device Administration Tab

Table 7 describes the fields on the Licenses tab.

Table 7: Fields on the Licenses Tab
Field	Description
Name	Displays the name of the license associated with the device.
Status	Displays the status of the license, which can be: Active: When the license validity is less than 30 days, the status also indicates the number of days left until expiry. Expired Only valid licenses are included in the license count calculation.
Expiry Date	Displays the expiry date of the licensed feature.
Total Licenses	Displays the total licenses available for the feature.
Used Licenses	Displays the total licenses used for the feature.
Required Licenses	Displays the total licenses required for the feature.
Install License	The option to add licenses to the device. See Add License to a Device.

Table 8 describes the fields on the Certificates tab.

Table 8: Fields on the Certificates Tab
Field	Description
Certificate ID	Displays the unique identification of the certificate.
Issuer Organization	Displays the details of the organization that issued the certificate.
Status	Displays the expiration status of the certificate: If you set the certificate to be renewed automatically, the status displayed depends on the renewal period selected from the Edit Certificate Settings page. For example, if you select the renewal period as 1 month, the Status field displays Less than 1 month before expiry. If you set the certificate to be manually renewed, the status displayed depends on the expiration notification time for the certificate. For example, Less than 2 weeks before expiry. If the expiration date of the certificate does not meet the expiration notification time yet, the Status field displays –. If the certificate has expired, the Status field displays Expired.
Expiry Date	Displays the date and time when the certificate expires.
Encryption Type	Displays the type of the certificate: Root certificate Trusted certificate
Import	The option to import certificates into the device. See Import a Device Certificate.
Generate Default Trusted CAs	The option to generate default trusted CA profiles. See Import a Device Certificate.

Table 9 describes the fields on the Software tab.

Table 9: Fields on the Software Tab
Field	Description
Software Name	Displays the name of the installed software package.
State Type	State Type
Software Description	Displays the description of the software package.
Version	Displays the version number of the installed software package.

Table 10 describes the fields on the Security Packages tab.

Table 10: Fields on the Security Packages Tab
Field	Description
Version	Displays the currently installed security package version.
License	Displays the number of licenses associated with the security package. Click the link to see the details of the licenses.
Name	Displays the name of the currently installed security package.

Field Descriptions - Device Inventory Page > Configuration Template Tab

Table 11 describes the fields on the Configuration Template tab on the Device Inventory page.

Table 11: Fields on the Configuration Template Tab
Field	Description
Name	Displays the name of the configuration template.
Deployment Status	Displays the deployment status of the configuration template, which can be No configuration, Ready to deploy, or Deployed.
Last Deployed	Displays the date when the configuration template was deployed.
Description	Displays the description of the configuration template.
Validation	Displays the status of the configuration templates validation job, which can be Success, Failed, or Inprogress. This field is temporarily populated when you click Validate on the Configuration Template page.

Field Descriptions - Device Inventory Page > Junos Detailed Configurations Tab

The Junos Detailed Configuration tab enables you to configure Junos OS for an SRX Series Firewall. You can configure interfaces, general routing information, routing protocols, user access, and system hardware properties.

The left pane lists the Junos OS components. The Quick Links to Sections in the right pane provides links to sections in a particular component. You can click the required link to navigate directly to the corresponding section.

Table 12 desribes the icons, Call To Action (CTA) buttons, and different statuses displayed on the Junos Detailed Configuration tab.

Table 12: Icons, CTA Buttons, and Statuses on Junos Detailed Configuration Tab
Icon, CTA Buttons, or Status Displayed	Description
Deploy successful	Displayed when all the configuration(s) are deployed successfully on the device.
Deployment in progress	Displayed when the configuration(s) deployment is in-progress.
Deploy pending	Displayed when configuration(s) are pending deployment.
Last deployed	Displays the number of hours or days since the last deployment and the email address of the user who deployed the configuration(s).
Preview	Click to preview the configuration(s) that are pending deployment on the device.
Deploy	Click to deploy the configuration(s) on the device. When you click, Deploy, the options to modify the configurations are disabled.
	Use to search and to navigate to a specific component, section, or parameter.
	Displayed if a Junos component has configuration(s) that is pending deployment.
Restore To Last Deployed State	Click to restore the configured parameter, section, or component to its earlier state.

Table 13 describes the Junos OS components that you can configure from the Junos Detailed Configuration tab.

Table 13: Junos OS Components
Component	Description
Access	Use this section to configure essential user access and authentication features. Essential user access features include login classes, user accounts, access privilege levels, and user authentication methods. For more information, see the User Access and Authentication Administration Guide for Junos OS.
Accounting Options	Use this section to configure collection interval, file to contain accounting data, specific fields and counter names on which statistics must be collected. For more information, see the Network Management and Monitoring Guide.
Bridge Domains	Use this section to configure Layer 2 bridging on your SRX Series Firewall. For more information, see the Layer 2 Bridging, Address Learning, and Forwarding User Guide.
Class of Service	Use this section to configure class of service (CoS) to define service levels that provide different delay, jitter, and packet loss characteristics to applications served by specific traffic flows. Applying CoS features to each device in your network ensures quality of service (QoS) for traffic throughout your entire network. For more information, see the Class of Service User Guide (Security Devices).
Dynamic Profiles	Use this section to create dynamic profiles to use with DHCP or PPP client access. For more information, see the Broadband Subscriber Sessions User Guide.
Firewall	Use this section to configure firewall filters and policers. For more information, see the Routing Policies, Firewall Filters, and Traffic Policers User Guide.
Forwarding Options	Use this section to configure traffic forwarding options. For more information, see the Broadband Subscriber Management Wholesale User Guide.
Interfaces	Use this section to provide information about interfaces, interfaces set, and interface range used on the device. For more information, see the Interfaces User Guide for Security Devices.
Junos ES Root configuration	Use this section to configure JSRC to interact with a SAE in an SRC environment to authorize and to provision subscribers. For more information, see the Broadband Subscriber Sessions User Guide.
Multi-Chassis	Use this section to configure consistency check parameters for a multichassis link aggregation group.
PoE	Use this section to configure PoE interfaces, FPC configurations, and corresponding notifications. For more information, see the Interfaces User Guide for Security Devices.
Policy Options	Use this section to configure routing policies. For more information, see the Routing Policies, Firewall Filters, And Traffic Policers User Guide.
Protocols	Use this section to configure the protocols for a routing instance.
Routing Instances	Use this section to configure IPv4 and IPv6 routing protocols and settings. For more information, see the Routing Protocols Overview.
Security	Use this section to configure the following: Security policies Security zones Security screens Cloud Internet Key Exchange (IKE) configurations Application Layer Gateway (ALG) Security logging
Services	Use this section to configure the router or switch settings to connect to the local router or switch. For more information, see the Broadband Subscriber Sessions User Guide.
Session Limit Group	Use this section to configure the maximum allowed number of concurrent web management sessions. For more information, see the Flow-Based and Packet-Based Processing User Guide for Security Devices.
SMTP	Use this section to configure SMTP server settings for the SRX Series Firewall.
SNMP	Use this section to configure SNMP implementation in Junos OS.
Switch Options	Use this section to configure Layer 2 learning and forwarding properties for a VLAN or a virtual switch. For more information, see the Ethernet Switching User Guide.
System	Use this section to configure and to monitor the system log messages. For more information, see the Network Management and Monitoring Guide.
VLANs	Use this section to configure the VLAN properties on the device. For more information, see the Ethernet Switching User Guide.
VMHost	Use this section to configure VM host management properties. For more information, see the Junos OS Software Installation and Upgrade Guide.
WLAN	Use this section to configure WLAN properties on the device. For more information, see the Interfaces User Guide for Security Devices.

ON THIS PAGE