Table of Contents
Advertisement
Modeling New Devices
Copyright © 2010, Juniper Networks, Inc.
Correct any validation errors, if found, and check for duplicate objects (such as address
3.
objects, custom service objects). Be sure to consolidate any duplicate objects before
importing another device.
You can also delete devices from NSM, and reimport them if necessary. Deleting a device
removes all device configuration information from the management system, but might
be the best solution if you need to perform extensive troubleshooting or reconfigure the
device locally. After you have made the necessary changes locally, you can then reimport
that device into the NSM system.
For details on adding devices, see "Adding Devices" on page 97.
For new networks or networks that do not use a previously deployed Juniper Networks
device, you should review your network topology thoroughly and design a security system
that works for your organization.
When creating a new security network using NSM:
Create the domain structure that best suits your network topology and access
1.
requirements.
Create NSM administrators and set their permission level by creating and assigning
2.
roles. See "Configuring Role-Based Administration" on page 61 for details.
Add your devices and model their device configurations in NSM.
3.
Use templates to configure multiple devices. Templates help you reuse common
information to quickly create configurations for similar devices.
For ScreenOS 5.x and later devices, you can use Rapid Deployment (RD) to deploy
multiple devices in nontechnical locations. Use RD to stage and configure devices
quickly, and then simultaneously update all devices with policies to control traffic
as desired in multiple locations.
NOTE: Secure Access and Infranet Controller devices must be imported
into NSM.
Create the objects used in your security policies. These objects might include:
4.
NAT objects for policy-based network address translation
Address objects for your network components
Service objects for your custom network services (NSM includes an object database
of common transport and application-level services)
AV objects for detecting viruses in your network traffic
GTP objects for inspecting GTP packets
For details about creating objects, see "Configuring Objects" on page 321.
Chapter 2: Planning Your Virtual Network
43
Advertisement
Table of Contents
