Security Integration; Device Configuration; Network Organization; Role-Based Administration - Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1 Administration Manual

Network and Security Manager Administration Guide

Security Integration

4
Error Prevention, Recovery, and Auditing on page 7
Complete System Management on page 8
True security integration occurs when you can control every device on your network and
see every security event in real time from one location. In NSM, this location is the NSM
UI, a graphical user interface that contains a virtual representation of every device on
your network. You use this console to view your network, the devices running on it, the
policies controlling access to it, and the traffic that is flowing through it.

Device Configuration

You can create and manage device configurations for devices or systems in your network.
NSM provides support for device configuration commands, so you can retain complete
control over your devices when using system-level management features like VPNs.

Network Organization

Use domains to segment your network functionally or geographically to define specific
network areas that multiple administrators can manage easily.
A domain logically groups devices, their policies, and their access privileges. Use a single
domain for small networks with a few security administrators, or use multiple domains
for enterprise networks to separate large, geographically distant or functionally distinct
systems, or to control administrative access to individual systems.
With multiple domains, you can create objects, policies, and templates in the global
domain, and then create subdomains that automatically inherit these definitions from
the global domain.

Role-Based Administration

Control access to management with NSM. Define strategic roles for your administrators,
delegate management tasks, and enhance existing permission structures by enabling
permissions for particular tasks.
Use NSM to create a security environment that reflects your current offline administrator
roles and responsibilities. You can configure multiple administrators for multiple domains.
By specifying the exact tasks your NSM administrators can perform within a domain, you
minimize the chance of errors and security violations, and enable a clear audit trail for
every management event.
Initially, when you log in to NSM as the super administrator, you have full access to all
functionality within the global domain. From the global domain, you can add NSM
administrators, configure their roles, and specify the subdomains to which they have
access:
Activities and Roles—An activity is a predefined task performed in the NSM system. A
role is a collection of activities that defines an administrative function. Use activities
to create custom roles for your NSM administrators.
Copyright © 2010, Juniper Networks, Inc.