Staying Grounded with Junos Space

By scottdware posted 10-28-2013 11:24


A little while ago, I wrote a blog about how we recently deployed a large amount of SRXs. I’m sure this is a common thing for a lot of businesses. The SRX is one of Juniper’s most robust and stable platforms, and it’s really one of the better firewalls in the industry. So, as you can probably imagine, the more you grow, the more that managing policies efficiently for every single SRX in your environment can seem like a pretty monumental task, especially when the policies might vary based on location, etc.


To keep all of this in check (and to contradict gravity), Juniper has created a wonderful single-pane-of-glass management platform that will keep you in the cosmos–Junos Space Security Director (cue the Star Trek music).


There have been a few great blog posts about Junos Space Security Director out there (see this example), and I’m here to share my experiences with the platform, and how it has helped us be a lot more efficient when it comes to our ever-changing security policies.


In our company, we have a lot of remote/satellite locations. Most of the security policies tend to be the same at every location, with a few “one-offs.” With Junos Space Security Director, keeping all of these policies in sync with one another is very easy, thanks to one of my favorite features: Variable objects! Variable objects let you assign many devices/addresses to them, and when building your policy, you just reference that variable object, instead of one-by-one assignment of an address object to every SRX. Pretty cool, huh?


The ability to make changes in a sort of “fire-and-forget” way is very nice. No more micro-managing jobs to make sure everything pushed out ok. Or waiting until one job ran before you could then move on to another one. When we make changes that affect every location, it literally is a couple of clicks…publish and submit…BOOM! On to the next task!


BB.jpgI’ve used a lot of management platforms/tools before, but nothing I have seen compares to the maturity and stability of Junos Space Security Director. And the thing is…Space is only a couple of years old! It’s the real-life, tech version of Benjamin Button…"The Real Life Case of Junos Space" – kind of catchy, don’t you think?


With Junos Space Network Director, which lets you manage every piece of your EX, QFX, and Wireless infrastructure, all the way to Junos Space Security Director, which will allow you to spend less time managing your security policies, VPNs, NATs, etc., you’ll get back more time for reading awesome articles like this one here on Juniper’s website!


If you haven’t seen Junos Space yet, I highly suggest you take a good look at it. I guarantee that you won’t be disappointed. There’s a lot to it, way more to cover than in a short fan boy rant, so I recommend that you check out the excellent documentation, and feel free to contact me with any questions (@scottdware on Twitter)!