Table of Contents
Advertisement
Creating Subdomains
Viewing Current Domain Detail
Example: Configuring Role-Based Administration
Copyright © 2010, Juniper Networks, Inc.
Server resources such as the GUI Server connection to a client and a port are freed.
In a central or a regional server setup, forced logout applies only to a server. The
administrator is not logged out form other servers.
To create a subdomain, in the Subdomains tab, add a new subdomain and click OK. The
new subdomain appears in the subdomain list.
NOTE: You cannot create VPNs between devices in different domains,
You can add unlimited subdomains in the global domain. However, you cannot create
subdomains within a subdomain. When you view the Manage Administrators and Domains
dialog box from within a subdomain, the Subdomains tab does not appear. To view a
subdomain in the main display area, select it from the list at the top of the navigation
tree.
NOTE: Objects and groups defined in the global domain are not visible in
subdomains.
The domain detail displays the subdomains, administrators, their roles, and authentication
server for the currently selected domain (subdomains appear only when you view the
global domain).
You can designate a default RADIUS authentication server for the global domain and for
each subdomain. The default authentication server is used:
To authenticate administrators when they log into the NSM system
To authenticate RAS users in VPNs
For step-by-step instructions on configuring a RADIUS authentication server to
authenticate administrators and users, see the Network and Security Manager Online Help
topic "Editing the Domain Contact."
In this example, you configure a domain structure for an Internet service provider (ISP)
with a co-location facility in New York that handles customers across four states. The
company uses a two-letter state postal code combined with the customer name. That
ISP's goal is to manage all devices and policies from the co-location facility and provide
read-only permission for customers to view log entries and generate reports. No VPNs
are used.
To configure this domain structure, use the following process:
Chapter 3: Configuring Role-Based Administration
91
Advertisement
Table of Contents
Need help?
Do you have a question about the NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1 and is the answer not in the manual?
Questions and answers