Table of Contents
Advertisement
Network and Security Manager Administration Guide
Verifying Device Configuration
Managing the Device
Before You Begin Adding Devices
100
name and version, IP address, and device administrator name, and then uses that
information to detect the device. You can then choose to modify the displayed name of
the device and assign a color to the device. If the host name is not unique within NSM or
is undetected, the Add Device wizard generates a validation error, forcing you to add a
valid device name in order to proceed with adding the physical device to the Device
Server.
After the physical device connects, it is considered to be a managed device, meaning it
is now under the control of NSM.
For managed devices that use imported device configurations, you should verify that all
device information was imported correctly. To identify any discrepancies, you can generate
a summary of the differences between the physical device configuration and the NSM
device configuration. This summary is known as a Delta Config summary. It is also a good
idea to check your imported security policies, objects, and VPNs to become familiar with
how the NSM UI displays them. The Delta Config summary is available for all devices
supported by NSM except IDP devices.
For managed devices that use modeled device configurations, you should verify that all
device information was pushed to the physical device correctly. To identify discrepancies,
generate a summary of the device configuration running on the physical device. This
summary is known as a Get Running Config summary.
After adding a device, you can manage its configuration, objects, and security policies in
the UI. You can also view traffic log entries for your device in the Log Viewer, view
administrative log entries in the Audit Log Viewer, and monitor the status of your devices
in the Realtime Monitor.
You can also delete devices from NSM, and reimport them if necessary. Deleting a device
removes all device configuration information from the management system, but might
be the best solution if you need to perform extensive troubleshooting or reconfigure the
device locally. After you have made the necessary changes locally, you can then reimport
that device into NSM. However, during reimport, NSM imports all device configuration
data—not just the data that was changed; any changes that exist in the modeled
configuration are lost during reimport. Additionally, after reimporting a device
configuration, you must reassign the imported policy to the device.
If you delete a device that was added using Rapid Deployment (see "Using Rapid
Deployment (ScreenOS Only)" on page 139), you must also re-create the configlet and
install it again on the device.
Before adding a device to NSM, decide the following:
Will you import or model the device?
Will the device reside in the global domain or a subdomain?
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
