Security Management

Hi Experts, I have just integrated the JUNOS Space with SRX. However, post which i am able to do the changes of firewall policies and nat polices. However, whenever, i am changing address-book entries from "shared objects" tab, i am not getting the from where i can publish and update the changes done in "shared objects ----> Addresses".. After doing the changes in space, the device managed status seem to have changed from "managed In Sync" to "SD changed". I wanted to address both of the issues.

Hi Milind,

 

If I am not wrong, you made some changes to address objects which you wants to push to device.

 

Workflow to manage firewall and NAT policy: 

Add device to Space

Import firewall and NAT policy: https://www.juniper.net/documentation/en_US/junos-space17.2/topics/task/operational/junos-space-device-config-security-director-importing.html

Publish and Update Policy from SD > Firewall Policies

Now device status will be in-sync.

 

If you make any changes to FW  or NAT policy then device status will change to "SD Changed",  Check the SD > Firewall Policies or NAT policy if it is showing "Re-publishing required" if so, please re-publish.

 

To view the SD changed configuration: SD > Devices > Right click the device > Preview Configuration.

Once you verified above configuration, You can update the device.

 

About your query of  "shared objects ----> Addresses", When you create or modify any address, you will have to refer it in device policy else it will not be update to device.

(SD cannot Update/Push unused objects)

 

I hope you query has been answered.

 

-PL