Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Add Devices to Juniper Security Director Cloud

Add devices to Juniper Security Director Cloud, after which you can manage your network security using these devices. There are multiple ways to add devices to Juniper Security Director Cloud. Choose the method that's right for you:

  • Add Devices Using Commands. Juniper Security Director Cloud generates commands for adding a device or device cluster. You can copy the commands and paste them into the device console. When you commit the commands to the device, Juniper Security Director Cloud discovers and adds the device or device cluster to the cloud. See Add Devices or Device Clusters Using Commands for details.

  • Add Devices With Zero Touch Provisioning. With Zero Touch Provisioning (ZTP) you can configure and provision devices automatically. You can use ZTP to add devices for Junos OS Release 18.4R3 on SRX300, SRX320, SRX340, SRX345, SRX550 HM SRX Series devices, Junos OS Release 20.2R1 on the SRX1500 SRX device, and Junos OS Release 20.1R1 on SRX380 devices. See Add Devices Using Zero Touch Provisioning for details.

  • Add Devices Using J-Web. This feature is supported from J-Web Release 21.3R1 and later. See Add an SRX Series Device to Juniper Security Director Cloud in the J-Web User Guide for SRX Series Devices for details.

  • Add Devices from Security Director. This feature is supported from Security Director Release 21.3R1 and later. See Add Devices to Security Director Cloud in the Security Director User Guide for details.

Note:

Ensure that your network firewall is configured in the following manner:

  • Allows access to the srx.sdcloud.juniperclouds.net FQDN.

  • Port TCP/443 (HTTPS) is opened for Juniper Security Director Cloud portal and Redirect server

  • Port TCP/7804 (NETCONF) is opened for SRX Series device outbound access to Juniper Security Director Cloud portal.

  • Port TCP/6514 (TLS Syslog) is opened for monitoring and sending security logs to Juniper Security Director Cloud.

  • Port TCP/53 (DNS) - (IP: 8.8.8.8) is opened to allow to google DNS server.

  • Port UDP/53 (DNS) - (IP: 8.8.4.4) is opened to allow to google DNS server.

  • Port 2050 is opened to use PACAP monitoring in Juniper Security Director Cloud.

Add Devices or Device Clusters Using Commands

Juniper Security Director Cloud generates commands for adding a device or a device cluster. You can copy the commands and paste them into the device console. When you commit the commands to the device, Juniper Security Director Cloud discovers and adds the device or the device cluster to the cloud.

  1. Select SRX > Device Management > Devices.

    The Device page opens.

  2. Click Add Devices.

    The Add Devices page opens.

  3. Click Adopt SRX Devices.
  4. Select one of the following options:
    • Devices to add individual devices.
    • Clusters to add device clusters.
  5. Enter the number of devices or device clusters to add to Juniper Security Director Cloud in the Number of SRX devices to be adopted field, and click OK.

    You can add a maximum of 50 devices or device clusters at one time.

    A message confirming that the new device or device cluster is added is displayed. The Devices page opens with the newly added device or device cluster listed in the table.

    Note:

    At this point, Juniper Security Director Cloud has not yet completely added the device or device cluster, so the Connection Status displays Discovery Not Initiated.

  6. On the Devices page, in the Connection Status column for the new device, click one of the following options:
    • Adopt Device to add a device.

    • Adopt Cluster to add a device cluster.

    The Adopt Devices page opens with the commands that you need to commit to the device.

  7. Copy the commands and paste it to your device edit prompt, and press Enter to run the commands.

    If you are adding a device cluster, paste these commands to the CLI of the primary device of the cluster.

  8. Type Commit, and press Enter to commit the changes to the device.

    You can view the status of the process, by going to the Administration > Jobs page.

    When you commit the commands to the device, the device discovery process starts in Juniper Security Director Cloud. You can refresh the Devices page and see the status Discovery in progress in the Connection Status column.

When Juniper Security Director Cloud discovers and adds a device or a device cluster, the Connection Status changes to Up. If the process fails, the Connection Status changes to Discovery failed.

Hover your mouse cursor over the Discovery failed message to see the reason for the failure.

Add Devices Using Zero Touch Provisioning

Zero Touch Provisioning (ZTP) enables you to configure and provision devices automatically, which reduces the manual intervention required for adding devices to a network.

Devices Supported

Adding devices using ZTP is supported for Junos OS Release 18.4R3 on SRX300, SRX320, SRX340, SRX345, SRX550 HM SRX Series devices, Junos OS Release 20.2R1 on the SRX1500 SRX device, and Junos OS Release 20.1R1 on SRX380 devices.

Note:

To add other devices models, configure the basic device settings and connectivity, and add the device using Add Devices or Device Clusters Using Commands.

Power on the devices to add to Juniper Security Director Cloud.

  1. Select SRX >Device Management > Devices.

    The Devices page opens.

  2. Click Add Devices.

    The Add Devices page opens.

  3. To manually enter the device details, click Register SRX Devices for ZTP, and do the following:
    1. Enter the serial number of the device.
    2. Set a root password for the device.

      The password must contain at least six characters and can consist of alphanumeric and special characters without spaces.

    3. To add multiple devices, click + and enter the device details.
    4. To add multiple devices and use the same root password for all devices, select Use this password for all devices for Device 1.
    5. Click OK.
  4. To upload device information as a CSV file, click Register Devices for ZTP > Upload CSV File, and do the following:
    1. Click Download sample CSV file to download the sample CSV file.
    2. Open the CSV file and add the serial number and root password details of the devices that you want to add and save the changes.
    3. Browse for the CSV file and click OK.

    The CSV file must be in a specific format for the devices to be added. You use the sample CSV file to enter the device details in the correct format and upload the file.

The devices are added to Juniper Security Director Cloud. You can view the devices at Device Management > Devices.