Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1 Administration Manual page 80

Network and Security Manager Administration Guide
30
as ticket number, vendor contact, and so on, for each rule in the rulebase. NSM provides
a shared object to store these custom details while the table contains a column that
corresponds to these custom details.
AV objects—Represent the AV servers, software, and profiles available to devices
managed by NSM.
ICAP objects—Represents the Internet Content Adaptation Protocol (ICAP) servers
and server groups used in ICAP AV objects.
GTP objects—Represent GTP client connections.
Authentication Servers—Represent external authentication servers, such as RADIUS
and SecurID servers. You can use an authentication server object to authenticate NSM
administrators (RADIUS only), XAuth users, IKE RAS users, and L2TP users.
Certificate Authority objects—Represent the certificate authority's certificate.
CRL objects—Represent the certificate authority's certificate revocation list.
Group Expressions—These logical expressions include OR, AND, and NOT statements
that set conditions for authentication requirements.
IP Pools—Represent a range of IP addresses. You use IP pools when you configure a
DHCP Server for your managed devices.
NAT objects—Represent MIPs, VIPs, and DIPs.
Remote Settings—Represent DNS and WINS servers. You use a remote settings object
when configuring XAuth or L2TP authentication in a VPN.
Routing instance objects— A routing instance is a collection of routing tables, interfaces
contained in these routing tables, and routing option configurations. A routing instance
object configured in Object Manager can be included in the RADIUS server and LDAP
server configurations within the access profile object. A routing instance object is a
polymorphic object (similar to zone objects) that maintains the mapping between the
actual routing instance and the device in which it is created.
Regional Servers—Represent NSM servers managed by a Central Manager.
Zone objects—Represent zones in a Central Manager or Regional Server.
Schedule objects—Represent specific dates and times. You can use schedule objects
in firewall rules to specify a time or time period that the rule is in effect.
Web filtering objects (Web Profiles)—Define the URLs, the Web categories, and the
action you want a security device to take against matching traffic.
Service objects—Represent services running on your network, such as FTP, HTTP, and
Telnet. NSM contains a database of service objects for well-known services; you can
also create new service objects to represent the custom services you run on your
network.
User objects—Represent the remote users that access the network protected by the
security device. To provide remote users with access, create a user object for each
user, and then create a VPN that includes those user objects.
VLAN objects—Limit rule matching to packets within a particular VLAN.
Copyright © 2010, Juniper Networks, Inc.