Page 2
Products made or sold by Juniper Networks or components thereof might be covered by one or more of the following patents that are owned by or licensed to Juniper Networks: U.S. Patent Nos. 5,473,599, 5,905,725, 5,909,440, 6,192,051, 6,333,650, 6,359,479, 6,406,312, 6,429,706, 6,459,579, 6,493,347, 6,538,518, 6,538,899, 6,552,918, 6,567,902, 6,578,186, and 6,590,785.
Page 3
REGARDING LICENSE TERMS. 1. The Parties. The parties to this Agreement are (i) Juniper Networks, Inc. (if the Customer’s principal office is located in the Americas) or Juniper Networks (Cayman) Limited (if the Customer’s principal office is located outside the Americas) (such applicable entity being referred to herein as “Juniper”), and (ii) the person or organization that originally purchased from Juniper or an authorized Juniper reseller the applicable...
Page 5
(including Juniper modifications, as appropriate) available upon request for a period of up to three years from the date of distribution. Such request can be made in writing to Juniper Networks, Inc., 1194 N. Mathilda Ave., Sunnyvale, CA http://www.gnu.org/licenses/gpl.html...
Objectives Network and Security Manager (NSM) is a software application that centralizes control and management of your Juniper Networks devices. With NSM, Juniper Networks delivers integrated, policy-based security and network management for all security devices. Unified Access Control (UAC) solution is an IP-based enterprise infrastructure that...
7 days a week, 365 days a year. Self-Help Online Tools and Resources For quick and easy problem resolution, Juniper Networks has designed an online self-service portal called the Customer Support Center (CSC) that provides you with the following features: Find CSC offerings: http://www.juniper.net/customers/support/...
The Infranet Controller and the NSM application communicate through the Device Management Interface (DMI). DMI is a collection of schema-driven protocols that run on a common transport (that is, TCP). DMI is designed to work with Juniper Networks platforms to make device management consistent across all administrative realms.
Page 22
To allow NSM to manage the Infranet Controller using the DMI protocol, NSM must import the schema and metadata files from the Juniper Networks Schema Repository, a publicly accessible resource that is updated with each device release. In addition to downloading the Infranet Controller’s current schema, NSM may also download upgraded software.
Configure an SSL connection between the Infranet Controller appliance and your Infranet Enforcer appliances and/or 802.1X switches. See the Juniper Networks Unified Access Control Quick Start Guide or Part 1, “Getting Started,” of the Juniper Networks Unified Access Control Administration Guide.
NSM Installation Overview NSM is a software application that enables you to integrate and centralize management of your Juniper Networks environment. You need to install two main software components to run NSM: the NSM management system and the NSM user interface (UI).
DMI agent role or realms. For complete details on installing and configuring Infranet Controller devices, see the Juniper Networks Unified Access Control Administration Guide. Adding the Infranet Controller Device Through NSM To add the Infranet Controller device through the NSM UI: From the left pane of the NSM UI, click Configure.
Controllers are deployed on your network but also on the device family. Juniper Networks provides CSV templates in Microsoft Excel format for each type of CSV file. These templates are located in the utils subdirectory where you have stored the program files for the UI client.
Before you can add a cluster member in NSM, the device administrator must have already created the cluster and added, configured, and enabled the physical cluster member. See the Juniper Networks Unified Access Control Administration Guide for details on creating and configuring clusters.
To reuse an existing expression, select the expression and click the Insert Expression button. NOTE: Refer to the Juniper Networks Unified Access Control Administration Guide for more information on variables and writing custom expressions. Enter a name for the custom expression.
To configure the Infranet Controller to automatically import the current virus signature version monitoring and patch management version from the Juniper Networks staging site: In the NSM navigation tree, select Device Manager > Devices.
Page 177
Download Path Specifies the URL of the The default url of the Juniper Networks staging sites. staging site is displayed. Download Interval Specifies how often you Select the interval.
Page 178
Select this option to automatically Management data is automatically updated. update the patch management data. Download Path Specifies the URL of the The default url of the Juniper Networks staging sites. staging site is displayed. Download Interval Specifies how often you Select the interval.
You can configure the Infranet Controller to automatically install Host Checker on client computers only for agentless access deployments. NOTE: To install Host Checker, users must have appropriate privileges, as described in the Client-Side Changes Guide on the Juniper Networks Support site. To automatically install Host Checker on client computers: In the NSM navigation tree, select Device Manager >...
Page 207
Monitoring about critical software patches and updates. notifications of critical To do this, it reports to Juniper Networks the software patches and updates. following data: your company name, an MD5 hash of your license settings, and information describing the current software version.
You can specify system settings that the Infranet Controller uses to establish a connection to a Juniper Networks Intrusion Detection and Prevention (IDP) device. The sensor settings allow you to perform a number of tasks related to configuring and managing interaction between the Infranet Controller and an IDP device.
Page 217
Juniper IDP variable to display its description and example usage. Click the Juniper IDP variable example displayed to insert it in the Expression area. NOTE: Refer to the Juniper Networks Unified Access Control Administration Guide for more information on variables and writing custom expressions.
The Infranet Controller supports Simple Network Management Protocol version 2 (SNMPv2), implements a private MIB, and defines its own traps. To enable your network management station to process these traps, you need to download the Juniper Networks MIB file and specify the appropriate information to receive the traps.