Table of Contents
Advertisement
Best Practices
Maintaining the NSM GUI Server
Creating a Self-Signed TLS Certificate Between the NSM Client and the NSM Server
Copyright © 2010, Juniper Networks, Inc.
<nsm:path>/ive-sa:configuration/system/network
/network-connect/network-ip-filter</nsm:path>
<nsm:path>/ive-sa:configuration/system/clustering/properties/
configuration-settings/collection-of-network-settings</nsm:path>
<nsm:path>/ive-sa:configuration/users/resource-policies/network-connect-policies/
network-connect-node-specific-configuration</nsm:path>
<nsm:path>/ive-sa:configuration/authentication/auth-servers/collection-of-auth-server/
union-of-ace/active-directory-winnt/
settings/advanced/computer-names/ive-name</nsm:path>
Node-Local (NL) Configuration:
/ive-sa:configuration/system/configuration/dmi-agent/enabled
/ive-sa:configuration/system/configuration/dmi-agent/deviceid
/ive-sa:configuration/system/configuration/dmi-agent/hmac-key
/ive-sa:configuration/system/maintenance/push-config/acceptpush
This section contains information about recommended practices when using NSM.
For optimal NSM server performance, follow these maintenance procedures every few
months.
On the NSM GUI client:
Delete old entries from the Job Manager in each domain.
Purge old database versions using
If the size of the NSM database in
considerably despite the recommended practices, you can manually remove all domain
versions using the procedure documented in KB11731. For details, see
http://kb.juniper.net/KB11731
A self-signed certificate is a certificate that has not been signed by a third party, such as,
a well-known Certificate Authority (CA).
To create a self-signed certificate between an NSM server and an NSM client:
Download the file
CreateCerts.zip
1.
http://kb.juniper.net/library/CUSTOMERSERVICE/GLOBAL_JTAC/BK14949/C
reateCerts.zip
Copy the file to the NSM server and unzip it.
2.
#unzip createCerts.zip
Tool > Database Versions
/usr/netscreen/GuiSvr/var/xdb
.
from
Best Practices
.
continues to increase
9
Advertisement
Table of Contents
