Merging Policies; Using A Naming Convention; Example: Using A Naming Convention For Devices; Example: Using A Naming Convention For Address Objects - Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1 Administration Manual


Network and Security Manager Administration Guide

Merging Policies

You can create new policies for all your managed devices from the central NSM UI and
deploy them with a single click. Alternatively, NSM can import all existing policies from
your device. You can import all security and access policies from your devices, and import
all VPN tunnels (route-based and policy-based) from your devices.

Each time you import a policy from a managed device, that policy appears in NSM as a
separate, individual policy in the Security Policies list. To simplify policy management
and maintenance, you can merge two policies into a single policy. For details on merging
policies, see "Configuring Security Policies" on page 425.

Using a Naming Convention

A naming convention is a method for assigning names to your network devices (firewalls,
servers, workstations, and so on) that enables you to quickly identify where the device
is and what its purpose is.

If your network is small, you might choose a simple naming convention, such as planet
names, car models, or mountain names. When using this type of informal method to
name your network components, be sure to choose a theme that is easily understood
by your users and administrators, and that still has room to grow. For example, you might
use the naming convention <city><name>, with a naming theme of Greek mythology
figures; some sample device names might be la_ns5gt_Athena, sf_ns5XT_Zeus, or
oak_ns204_Hermes.

If your network is larger, however, you need a more formal naming schema that is more
descriptive of the network component's location and purpose. Having a logical and
standardized naming convention can help you quickly identify the appropriate
administrator for the component, as well as quickly identify the component location
without having to review subnet tables.

A typical naming convention for large, distributed networks consists of a standardized
location identification code, followed by the department code, a description of function,
and a numerical sequence.

Example: Using a Naming Convention for Devices

You use the naming convention: nation_state_platform_name for your security devices.
Your devices use names similar to the following:
us_ca_ns5gt_01
us_co_ns204_05
us_tx_ns5200_10
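
One way to audit a device inventory against the nation_state_platform_name convention, as an added example that is not part of the Juniper guide. The field formats (two-letter lowercase nation and state codes, a numeric final field), the function names, and the sample inventory are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Convention from the guide: nation_state_platform_name, e.g. us_ca_ns5gt_01.
# Assumed field formats (not stated in the guide): 2-letter lowercase nation
# and state codes, a lowercase alphanumeric platform, a numeric final field.
DEVICE_NAME = re.compile(
    r"(?P<nation>[a-z]{2})_(?P<state>[a-z]{2})_"
    r"(?P<platform>[a-z0-9]+)_(?P<name>[0-9]{2,})"
)

def parse_device_name(name):
    """Return the fields of a conforming name, or None if it does not conform."""
    m = DEVICE_NAME.fullmatch(name)
    return m.groupdict() if m else None

def audit_inventory(names):
    """Group conforming names by (nation, state); collect non-conforming
    names and repeated names separately."""
    by_location = defaultdict(list)
    nonconforming, duplicates, seen = [], [], set()
    for raw in names:
        name = raw.strip()
        if name in seen:
            duplicates.append(name)
            continue
        seen.add(name)
        fields = parse_device_name(name)
        if fields is None:
            nonconforming.append(name)
        else:
            by_location[(fields["nation"], fields["state"])].append(name)
    return dict(by_location), nonconforming, duplicates

# Constructed sample inventory: the guide's three example names plus
# names that break the convention or repeat an existing name.
SAMPLE = ["us_ca_ns5gt_01", "us_co_ns204_05", "us_tx_ns5200_10",
          "la_ns5gt_Athena", "US_CA_ns5gt_02", "us_ca_ns5gt_01",
          "us_ca_ns204_03"]

if __name__ == "__main__":
    located, bad, dupes = audit_inventory(SAMPLE)
    for loc, devices in sorted(located.items()):
        print("_".join(loc), devices)
    print("non-conforming:", bad)
    print("duplicates:", dupes)
```

Names that fail the check, such as the informal la_ns5gt_Athena style, are reported instead of silently grouped, so they can be renamed before the inventory grows.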

Example: Using a Naming Convention for Address Objects

For address objects that represent networks or hosts, use the following naming convention,
state_function_service_00:
Copyright © 2010, Juniper Networks, Inc.
