Table of Contents
Advertisement
Network and Security Manager Administration Guide
Editing a Device Configuration
44
Create security policies.
5.
NSM integrates policy management, linking multiple devices to one security policy
that defines the type of traffic permitted on the network and how that traffic is treated
inside the network.
NOTE: You can use the NSM Policy Manager to centralize policy
management for certain devices. Devices that support central policy
management include ScreenOS and IDP devices and any J Series routers
or SRX Series gateways configured for central policy management.
Add a policy, and then create firewall rules that specify source, destination, service,
and action. You can also create multicast rules to handle multicast control traffic.
Verify each policy using the Policy Validation tool.
For details of configuring policies, see "Configuring Security Policies" on page 435.
Update devices after they are deployed. This action pushes the modeled configuration
6.
to the deployed device.
Resolve any validation issues with the device configuration.
View a summary of the device configuration to ensure that all device parameters
are correct.
Check progress in Job Manager.
For details about pushing a configuration to a device, see "Updating Devices" on
page 243.
Create VPN rules.
7.
Create Protected Resources.
Create user objects and User Groups for RAS VPNs.
Use VPN Manager to select VPN members, and then automatically generate the
rules for each member.
For details about configuring VPNs, see "Configuring VPNs" on page 551
For details on adding devices, see "Adding Devices" on page 97. For details on configuring
devices, see "Configuring Devices" on page 187.
After importing or modeling a device configuration in NSM, you can edit that configuration
in NSM. For configuration changes to become effective, however, you must update the
device by pushing the edited configuration to it. For details about pushing a configuration
to a device, see "Updating Devices" on page 243.
Conversely, the device configuration can be edited by the device administrator using the
device's native GUI or CLI. To synchronize the device object configuration in NSM with
the actual device, you must then reimport the device.
Copyright © 2010, Juniper Networks, Inc.
Advertisement
Table of Contents
