Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Juniper Security Director Cloud Overview

Juniper Security Director Cloud is your portal to Secure Access Service Edge (SASE), bridging your current security deployments with your future SASE rollout. Juniper Security Director Cloud helps organizations migrate securely to SASE architecture. Using Juniper Security Director Cloud, organizations can create unified policies once and deploy the policies wherever their users are using the applications. Unified policy management ensures seamless security across all users, applications, or devices wherever they are.

Juniper Security Director Cloud empowers both traditional security roles and network roles by automating tier I and tier II security tasks and by supplementing network visibility with security insights. Additionally, Juniper Security Director Cloud provides value for enterprise and service providers by shifting from monolithic centralized data center architectures to SASE-based, decentralized architectures that bring services closer to end users.

Juniper Security Director Cloud provides a user-friendly and security-focused GUI interface that allows an administrator to perform specific tasks. Table 1.

When you log in to application, the main menu (left sidebar) that is displayed and the actions that you can perform depend on your access privileges. Table 1 lists the main menu that is available in the Juniper Security Director Cloud, a brief description of each menu item, and a link to the relevant topic in the Juniper Security Director Cloud User Guide.

Table 1: GUI Menu and Description
Menu Description

Dashboard

The dashboard displays information such as top events, top denials, top applications, top source and destination IP addresses, top traffic, and top infected hosts. Graphical security widgets that can be added, removed, and rearranged per user. These widgets offer each user a customized view of network security. See About the Dashboard.

Monitor

You can view following information from Monitor menu:

  • Alerts—Alerts are used to notify about significant events within the system. You can define alert criteria based on a set of predefined filters. See Alerts Overview
  • Logs—You can view details of the traffic logs that are generated by managed devices. You can view information about security events based on IPS policies, Web filtering policies, and IPSec VPN policies. You can also view an overall, high‐level view of your network environment. You can view abnormal events, attacks, viruses, or worms when log data is correlated and analyzed. See About the Session Page
  • Maps and Charts—The threat map provides a visualization of the geographic regions for incoming and outgoing traffic. You can view blocked and allowed threat events based on feeds from IPS, antivirus, and antispam engines. See Threat Map Overview
  • Reports—Reports are generated based on a summary of network activity and overall network status. These generated reports can help you to perform a trend analysis of your network's activities to study changes in traffic patterns. You can use the predefined reports, or you can build custom reports that meet specific needs. See Reports Overview

SRX>Device Management

  • Devices—Discover and manage devices. See About the Devices Page.

  • Configuration Templates—Provision configurations, both during onboarding and throughout the device life cycle, for Juniper Networks and other third-party devices. By using configuration templates, you can deploy customized configurations on devices. See Configuration Templates Overview.

  • Software Images—A software image is a software installation package used to upgrade or downgrade the operating system running on a network device. Juniper Security Director Cloud helps you to manage (add, stage, deploy, and delete) the entire lifecycle of software images of all managed network devices. See About the Images Page.

  • Security Packages—Security package consists of IPS Signatures, Application Signatures, and URL Categories. Use the Security Packages page. You can view the list of latest security packages available on Juniper Security Director Cloud, view the list of currently installed security packages on the device, and install the latest security packages on the device. See About the Security Packages Page.

SRX>Security Policies

  • Security Policies— Security policies provide security functionality by enforcing rules on traffic that passes through a device. Traffic is permitted or denied based on the action defined in the security policy rules. You can create, modify, and delete security policy and associate the devices with a security policy. See Security Policy Overview.

  • Device View—Provides an overall, high-level view of your security policy device settings. You can also use this page to view detailed information on the number of rules and policies assigned per device. See Devices with Security Policies Main Page Fields.

SRX>NAT

  • NAT Policies— Create, modify, clone, and delete NAT policies and policy rules. You can filter and sort this information to get a better understanding of what you want to configure. See About the NAT Policies Page.

  • NAT Pools—A NAT pool is a set of IP addresses that you can define and use for address translation. NAT policies perform address translation by translating internal IP addresses to the addresses in these pools. See About the NAT Pools Page.

Shared Objects>Objects

Mange the following objects:

  • Addresses—Create, edit, and delete addresses and address groups. Addresses and address groups are used in security and NAT services. See About the Addresses Page.
  • Services—Manage applications across devices. A service refers to an application on a device, such as Domain Name Service (DNS). See About the Services Page.
  • Applications—Create, modify, clone, and delete application signature groups. You can also view the details of predefined application signatures that are already downloaded. See About the Application Signatures Page.
  • Schedules—A schedule allows a policy to be active for a specified duration. If you want a policy to be active during a scheduled time, you must first create a schedule for that policy or link the policy to an existing schedule. See Security Policy Schedules Overview.

Shared Objects>Firewall Profiles

Perform security-related management tasks related to:

  • Redirect Profiles—You can create a redirect profile and provide a reason for the policy action or to redirect the user request to an informative webpage. See About the Redirect Profiles Page.
  • Rule Options—You can create an object to specify redirect options, authentication, TCP-options, and action for destination-address translated or untranslated packets. When a rule options is created, the Juniper Security Director Cloud creates an object in the database to represent the rule options. See About Rule Options Page.
Shared Objects>Identity
  • JIMS—Use the Identity Management Profile page to obtain advanced user identity from different authentication sources for SRX Series devices. You can create, edit, clone, delete and deploy identity management profiles. See About the Identity Management Profile Page.
  • Active Directory—Active Directory configuration is used by the SRX series devices to contact the Active Directory server. You can view, create, modify, clone, and delete Active Directory profile. See About the Active Directory Profile Page.
  • Access Profiles—Access profiles enable access configuration on the network—this consists of authentication configuration. Juniper Security Director Cloud supports RADIUS, Lightweight Directory Access Protocol (LDAP), and local authentication as authentication methods. See About the Access Profile Page.
  • Address Pools—An address pool is a set of Internet Protocol (IP) addresses available for allocation to users, such as in host configurations with the DHCP. You can create centralized IPv4 address pools independent of the client applications that use the pools. See About the Address Pool Page.

Security Subscriptions

Advanced Security management related to:
  • IPS— The intrusion prevention system (IPS) profile is deployed on a device by associating the profile with a security policy rule, which is deployed on the device. You can associate IPS rules and exempt rules with an IPS profile. See About the IPS Profiles Page.
  • UTM—Unified threat management (UTM) is a term used to describe the consolidation of several security features to protect against multiple threat types. You can enable antispam, antivirus, content filtering, and web filtering. See About the UTM Profiles Page.
  • Decrypt—You can view and manage SSL proxy profiles. See About the Decrypt Profiles Page.
  • VPN—You can view and manage the IPsec VPN profiles that provide a means to securely communicate with remote computers across a public WAN, such as the Internet. See IPsec VPN Overview.

Administration

Perform administrative tasks including:

  • Subscriptions—Add and manage your Juniper Security Director Cloud subscriptions. SeeAbout the Juniper Security Director Cloud Subscriptions
  • Users and Roles—Juniper Security Director Cloud supports authentication and role-based access control (RBAC) to its resources and services. See About the Users Page
  • Jobs—The Jobs page lets you monitor the status of jobs that have run or are scheduled to run in Juniper Security Director Cloud. Jobs can be scheduled to run immediately or in the future. See Jobs Management in Juniper Security Director Cloud
  • Audit logs—An audit log is a record of a sequence of activities that have affected a specific operation or procedure. Audit logs are useful for tracing events and for maintaining historical data. See About the Audit Logs Page
  • Data Management—The Data Management page displays device logs related to security and data traffic. You can export or delete these logs. See About the Data Management Page
  • Organization—An organization account helps you to add devices, subscribe your devices, and start managing the devices. An administrator, operator, or user with read-only access of organization can create multiple organization accounts in Juniper Security Director Cloud. See About the Organization Page

When you log in to Portal, the main menu (left sidebar) that is displayed and the actions that you can perform depend on your access privileges. Table 1 displays the main menu available in the Juniper Security Director Cloud Portal, a brief description of each menu item, and a link to the relevant topic in the Juniper Security Director Cloud User Guide.

Benefits of Juniper Security Director Cloud

  • Manages all security deployments—physical, virtual, and containerized SRX for traditional deployments— and helps the smooth transition to a SASE architecture.
  • Offers fully integrated security with unified policies at every point of connection. With unified policy management, you can create a policy once and apply it anywhere. You don't need to copy over or recreate rule sets.
  • Provides a single centralized management interface that enables administrators to manage all phases of the security policy life cycle by using customizable dashboards and reports.
  • Offers protection from attacks against the client and from the server-side exploits, malware, and C2 traffic, regardless of where the users and applications are located.
  • Enables easy deployment and configuration for new sites using zero-touch provisioning (ZTP), auto-rule placement, and policy-based routing.
  • Enables security for on-premise and cloud-based environments simultaneously and at scale, with validated efficacy against data center threats.

Access Juniper Security Director Cloud

To access Juniper Security Director Cloud portal:

  1. If you are logging in to Juniper Security Director Cloud for the first time, click Create an organization account link. If you already created an organization account, skip to Step 5.
  2. Set your login credentials, contact details, and the organization account details according to the guidelines provided in table Table 2.
    Table 2: Fields to Create an Organization Account

    Field

    Description

    Login Credentials

    Email

    Enter a valid e-mail ID.

    Password

    Enter a password that contains at least one number, one uppercase letter and one special character. The password length should be between 8 to 20 characters.

    Contact Details

    Contact Details

    Enter the following contact details:

    • Name—Enter you name. Only alphabets with spaces are allowed. The maximum length is 32 characters.
    • Company name—Enter your company name. Only alphanumeric characters, spaces, `-` (hyphen) and `_` (underscore) are allowed. The maximum length is 64 characters.
    • Country—Select the country from the dropdown list.
    • Phone number—Enter a valid phone number that can contain numbers and +, -, or () symbols. The total length of phone number must be 7 (including hyphen) through 18 characters. Example phone formats:
      • +91-9590951194
      • +918087677876
      • 408-111-1111
      • 1(234)56789011234
      • (+351)282435050
      • 90191919908
      • 555-89097896

    Organization account details

    Enter a name for organization account for which you would be managing the security devices and services.

  3. Click Create Organization Account. You will receive an email verification link.
  4. Click on the Verify Email button in your e-mail to complete the organization account creation process.
  5. Log in to Juniper Security Director Cloud.
    Note:

    We recommend that you use Google Chrome (Version 85 or later) or Firefox (Version 85 or later) to access the Juniper Security Director Cloud GUI.

  6. Enter your username (e-mail ID) and password.

    The Welcome page appears, listing the key features of your version of Juniper Security Director Cloud.

  7. (Optional) If you want to hide the Welcome page when you log in next, select the Hide this on next login check box.
  8. Click Go to Dashboard. You can access different tasks easily using the menu bar on the left of each page. The top-level menu items are listed in Table 1.

Using Navigational Elements

For a more personal and customizable user experience, Juniper Networks provides some navigational aids within the GUI. Table 3 shows the sample of navigation, customization, and help icons.

Table 3: Navigational Elements
Element Icon Location
Breadcrumbs—Trace your location in the UI. The breadcrumbs provide a path back to one of the seven starting tabs: Dashboard, Monitor, Device Management, NAT & Objects, Firewall, Advanced Security, and Administration.

The upper left part of the main screen below the Monitor tab. Not visible on the Dashboard.
Info Tips—Position your mouse over any available question mark icon for quick pop-up guidance. Various places around the GUI.
Show and Hide Left-Nav—Click the hamburger icon to show or hide the left-navigation section. Left side of the tab bar.
Show/Hide Columns—In tabular displays, you can choose which columns are visible by clicking the icon, and then selecting the check boxes in the menu. Upper-right corner of some tabular display windows such as the Monitor tab and the Device Management tab.
Table Search—

In large tabular views, you can search for specific text within any of the visible fields in the display.

Upper-right corner of tabular views. Next to the Show Hide Columns icon.