SRC-PE 2.0.x Getting Started Guide
-
About This Guide
- Objectives
- Audience
- Documentation Conventions
- Related Juniper Networks Documentation
- Obtaining Documentation
- Documentation Feedback
- Requesting Support
-
SRC Product Overview
- SRC Product Description
- SRC Product Features and Benefits
-
SRC Components
- SRC Component Overview
- SRC Server Components
- Service Activation Engine
- Policy and Service Management
- Accounting Support
- SAE Extensions
- Juniper Policy Server
- Network Information Collector
- Redirect Server
- SRC Repository for Data
- Juniper Networks Database as a Data Repository on C-series Controllers
- Directory as Repository for SRC Data
- LDAP Version 3
- Prepackaged Integration
- Third-Party Directory Servers
- SRC Configuration and Management Tools
- SRC CLI
- C-Web Interface
- Local Configuration Tools
- Policy Editor and Management
- SDX Admin
- SDX SNMP Agent
- SRC Service Management Applications
- SRC SOAP Gateway
- Deep Packet Inspection Integration Application
- Benefits of the DPI Integration
- Enterprise Audit Plug-In
- Enterprise Manager Portal
- Sample Enterprise Service Portal
- Threat Mitigation Portal
- SRC Programming Interfaces
- NETCONF API
- CORBA Plug-In SPI
- CORBA Remote API
- NIC Access API
- SAE Core API
- Script Services
- SRC Authentication and Accounting Applications
- AAA RADIUS Servers
- SRC Admission Control Plug-In
- Flat-File Accounting
- SRC Volume Tracking Application
- Managing Subscriber Accounts with Web Portals
- SRC Demonstration Applications
- IDP Integration Applications
- IPTV Application
- IVE Host Checker Integration Application
- Monitoring Agent Application
- Prepaid Account Administration Application
- Prepaid Service Application
- Residential Service Selection Portals
- Traffic Mirroring Administration Application
- Traffic-Mirroring Application
- SRC Auxiliary Applications
- Application Server
- IP FIlter
- Other Applications
-
Planning a Deployment of C-series Controllers
- Components in an SRC Deployment
- Considerations When Planning a Deployment of C-series Controllers
- Deployment Scenario
-
Configuring a C-series Controller
- Before You Begin Configuring the SRC Software on a C-series Controller
- Related Topics
- Configuring the SRC Software
- Configuring SRC Components
-
Accessing and Starting the SRC CLI
- Overview of Configuration for the SRC CLI
- Related Topics
- Changing the Directory Access Configuration for the SRC CLI
- Configuration Statements for CLI Directory Access
- Changing Directory Access Properties
- Verifying the Configuration for Directory Access
- Starting the SRC CLI
- Starting the CLI on a C-series Controller
- Starting the CLI on a Solaris Platform
- Accessing the Policies, Services, and Subscribers SRC CLI
- Configuring Access to the Policies, Services, and Subscribers CLI
- Starting the Policies, Services, and Subscribers CLI
-
Accessing and Using the C-Web Interface
- C-Web Overview
- Navigating the C-Web Interface
- Layout of the C-Web Interface
- Elements of the C-Web Interface
- Top Pane Elements
- Main Pane Elements
- Side Pane Elements
- Starting the C-Web Interface
- Accessing Policies, Services, and Subscribers with the C-Web Interface
- Configuring Access to Policies, Services, and Subscribers with the C-Web Interface
- Starting Policies, Services, and Subscribers
- Getting Help in the C-Web Interface
- Enabling Help
- Disabling Help
- Changing a Username or Password for the C-Web Interface
- Enabling Remote Users to Access the C-Web Interface
- Accessing the C-Web Interface Through Secure HTTP
- Accessing the C-Web Interface Through HTTP
- Configuration Statements for Accessing the C-Web Interface Through Secure HTTP
- Configuration Statements for Accessing the C-Web Interface Through HTTP
- Modifying the Editing Level in the C-Web Interface
- Displaying Icons for Objects in the C-Web Interface
- Enabling Icons for Objects
- Disabling Icons for Objects
- Editing SRC Configurations with the C-Web Interface
- Loading Configuration Values in the C-Web Interface
- Committing a Configuration
- Reverting to a Previous Configuration
- Updating the Configuration Data
- Modifying Objects in the C-Web Interface
- Renaming an Object
- Moving an Object
- Deleting an Object
- Configuring Logging Properties in the C-Web Interface
- Configuring File Properties
- Configuring Syslog Properties
- Configuration Statements for Logging for the C-Web Interface
- Logging Out of the C-Web Interface
-
Configuring Remote Access to a C-series Controller with the SRC CLI
- Configuring External Interfaces on a C-series Controller
- Configuring Gigabit Ethernet Interfaces for IPv4 with the SRC CLI
- Configuring Gigabit Ethernet Interfaces for IPv6 with the SRC CLI
- Configuring Tunnel Interfaces with the SRC CLI
- Configuring a Static Route to Devices on Other Networks with the SRC CLI
- Securing Connections Between a C-series Controller and Remote Hosts
- Configuring a C-series Controller to Accept SSH Connections with the SRC CLI
- Configuring a C-series Controller to Accept Telnet Connections with the SRC CLI
- Configuring a C-series Controller to Accept NETCONF Connections with the SRC CLI
-
Overview of SRC Licenses
- Types of SRC Licenses
- Obtaining an SRC License
- Pilot License
- Server License
-
Overview of the SRC License Server
- Overview of the SRC License Server
- Server License
- License Server Errors
- License Requests
- Example: License Allocation
- Example: License Release Example
- Lease Renewal
- Directory Location and Access
- Unsuccessful Connections from the SAE to the SRC License Server
- SRC License Server Redundancy
-
Installing Licenses for C-series Controllers
- Installing a Pilot License from the SRC CLI
- Related Topics
- Installing Server Licenses for C-series Controllers
- Related Topics
- Configuring License Manager for an SAE on a C-series Controller
-
Setting Up the SRC License Server
- Configuring Initial Settings for the SRC License Server on Solaris Platforms
- Related Topics
- Directory Fields for License Server
- Miscellaneous Fields for License Server
- Starting the SRC License Server on Solaris Platforms
- Monitoring the SRC License Server on Solaris Platforms
- Stopping the SRC License Server on Solaris Platforms
-
Installing Licenses for SRC Software on Solaris Platforms
- Before You Install an SRC License on a Solaris Platform
- Installing an SRC Pilot License on a Solaris Platform
- Installing a Pilot License by Using the instlic Command
- Installing a Pilot License by Using SDX Admin
- Installing an SRC Server License on a Solaris Platform
- Verifying a License
- Command Options for the SRC instlic and licchk Commands
-
Managing the SRC License Server on Solaris Platforms
- Managing Log Files for the SRC License Server on Solaris Platforms
- Related Topics
- Troubleshooting SRC License Server Problems on Solaris Platforms
-
Configuring System Time on C-Series Controllers with the SRC CLI
- Setting the Time Zone with the SRC CLI
- Related Topics
- Setting the System Date with the SRC CLI
- Related Topics
-
Configuring NTP for C-Series Controllers
- NTP Support on C-series Controllers
- Related Topics
- Configuring NTP on a C-series Controller
- Related Topics
-
Configuring NTP on C-Series Controllers with the SRC CLI
- Configuration Statements for NTP on C-series Controllers
- Related Topics
- Specifying Which NTP Server a C-series Controller Contacts on Startup
- Related Topics
- Configuring NTP Client Mode for a C-series Controller with the SRC CLI
- Related Topics
- Configuring an NTP Peer on a C-series Controller with the SRC CLI
- Related Topics
- Configuring NTP Broadcast Mode on a C-series Controller with the SRC CLI
- Related Topics
- Configuring NTP Authentication on a C-series Controller with the SRC CLI
- Related Topics
- Configuring NTP as a Broadcast Client on a C-series Controller with the SRC CLI
- Related Topics
- Configuring NTP as a Multicast Client on a C-series Controller with the SRC CLI
- Related Topics
- Verifying NTP Configuration on a C-series Controller
- Related Topics
-
Configuring System Logging for a C-series Controller with the SRC CLI
- Overview of the C-series Controller Log Server
- Message Groups
- Severity Levels
- Before You Configure System Logging with the SRC CLI
- Configuration Statements for System Logging on a C-series Controller
- Saving System Log Messages to a File with the SRC CLI
- Sending System Log Messages to Other Servers with the SRC CLI
- Sending Notifications for System Log Messages to Users with the SRC CLI
-
Configuring Static Host Mapping with the SRC CLI
- Overview of Static Host Mapping
- Configuring Static Host Mapping with the SRC CLI
-
Overview of the Juniper Networks Database
- Overview of the Juniper Networks Database
- Redundancy for a Juniper Networks Database
- Security for a Juniper Networks Database
- Related Topics
-
Managing the Juniper Networks Database with the SRC CLI
- Configuration Statements for the Juniper Networks Database with the SRC CLI
- Related Topics
- Enabling the Juniper Networks Database to Run in Standalone Mode with the SRC CLI
- Related Topics
- Enabling the Juniper Networks Database to Run in Community Mode with the SRC CLI
- Related Topics
- Securing the Juniper Networks Database with the SRC CLI
- Related Topics
- Changing the Mode of a Juniper Networks Database with the SRC CLI
- Related Topics
- Adding a Juniper Networks Database to an Established Community with the SRC CLI
- Related Topics
- Promoting a Secondary Database to a Primary Role in a Configuration with One Primary Database with the SRC CLI
- Related Topics
- Updating Data on a Juniper Networks Database with the SRC CLI
- Related Topics
- Synchronizing Data on a Juniper Networks Database with the SRC CLI
- Related Topics
- Loading Sample Data in to a Juniper Networks Database with the SRC CLI
- Related Topics
- Securing Communications Between the Juniper Networks Database and SRC Components with the SRC CLI
- Related Topics
- Verifying Configuration for a Juniper Networks Database with the SRC CLI
- Related Topics
- Getting Information About Operations in a Juniper Networks Database with the SRC CLI
- Related Topics
- Example: Configuration for a Database Community
- Requirements
- Software
- Hardware
- Overview and Sample Topology
- Configuration
- Configuring C1
- Configuring C2
- Configuring C3
- Related Topics
- Troubleshooting Data Synchronization for Juniper Networks Databases with the SRC CLI
- Related Topics
- Recovering Data in a Community with One Primary Database and One Secondary Database with the SRC CLI
- Related Topics
-
Setting Up an SAE with the SRC CLI
- Initially Configuring the SAE
- Creating Grouped Configurations for the SAE with the SRC CLI
- Configuring an SAE Group
- Configuring Local Properties for the SAE with the SRC CLI
- Configuring the RADIUS Local IP Address and NAS ID with the SRC CLI
- Starting and Stopping the SAE with the SRC CLI
-
Managing System Software on a C-series Controller
- Overview of Software Management on a C-series Controller
- Before You Upgrade the Software on a C-series Controller
- Creating a Snapshot of Files on a C-series Controller
- Upgrading the System Software on a C-series Controller
- Upgrading SRC Software for a Component
- Installing SRC Software for a Component
- Removing an Installed Component
- Restoring the Files in a Snapshot
-
Using the Embedded Web Server for Testing on a C-series Controller
- Overview of Java Web Server on C-series Controllers
- Deploying a Web Application in the Web Server
- Starting the Web Server on a C-series Controller
- Restarting the Web Server on a C-series Controller
- Stopping the Web Server on a C-series Controller
-
Configuring User Access with the SRC CLI
- Overview of SRC User Accounts
- Login Classes for User Accounts with the SRC CLI
- Access Privilege Level
- Predefined Login Classes
- Access to Individual Commands and Configuration Statements with the SRC CLI
- Regular Expressions for Allow and Deny Statements
- Guidelines for Using Regular Expressions
- Timeout Value for Idle Login Sessions
- Configuring Login Classes with the SRC CLI
- Configuration Statements for Login Classes
- Configuring a Login Class
- Examples: Configuring Access Privileges for Operational Mode Commands
- Examples: Defining Access Privileges for Configuration Mode Commands
- Configuring User Accounts with the SRC CLI
- Configuration Statements for User Accounts
- Configuring a User Account
- Configuring Authentication for User Accounts
- Configuring a Plain Text Password
- Configuring SSH Authentication
- Changing the root Password
- Example: User Accounts
- Configuring a System Login Announcement with the SRC CLI
-
Authenticating Users on a C-series Controller with the SRC CLI
- Configuring RADIUS and TACACS+ Authentication on a C-series Controller
- Configuring RADIUS Authentication with the SRC CLI
- Configuring TACACS+ Authentication with the SRC CLI
- Configuring More Than One Authentication Method with the SRC CLI
- Configuring Authentication Order
- Configuring TACACS+ or RADIUS Authentication
- Configuring TACACS+ and RADIUS Authentication
- Removing an Authentication Method from the Authentication Order
- Configuring Template Accounts for RADIUS and TACACS+ Authentication with the SRC CLI
- Using Named Template Accounts
- Using Remote Template Accounts
- Configuring a Local User Template
- Example: Configuring System Authentication
-
Managing Security Digital Certificates
- Overview of Digital Certificates
- Before You Use Digital Certificates
- Commands to Manage Digital Certificates
- Manually Obtaining Digital Certificates
- Obtaining Digital Certificates through SCEP
- Removing a Certificate Request
- Removing a Certificate
-
Connecting to Remote Hosts from the SRC Software
- Connecting to a Remote Host Through SSH
- Connecting to a Remote Host Through Telnet
-
Configuring and Starting the SNMP Agent with the SRC CLI
- Configuration Statements for the SDX SNMP Agent
- Configuring the SDX SNMP Agent
- Configuring General Properties for the SDX SNMP Agent
- Configuring Initial Properties for the SDX SNMP Agent
- Configuring Directory Connection Properties for the SDX SNMP Agent
- Configuring Directory Monitoring Properties for the SDX SNMP Agent
- Configuring Logging Destinations for the SDX SNMP Agent
- Configuring JRE Properties
- Configuration Statements for the SNMP Agent
- Configuring the SNMP Agent
- Configuring System Information for the SNMP Agent
- Configuring Access Control for SNMPv3 Users
- Configuring Authentication
- Configuring Encryption
- Configuring Access Control for Communities
- Configuring Access Control for the VACM
- Associating Security Names with a Community
- Defining Named Views
- Defining Access Privileges for an SNMP Group
- Assigning Security Names to Groups
- Configuring Notification Targets
- Operating the SNMP Agent
- Starting the SDX SNMP Agent
- Stopping the SDX SNMP Agent
- Monitoring the SDX SNMP Agent
-
Distributing Directory Changes to SRC Components
- Overview of the Directory Eventing System
- Managing Directory Communication
-
Configuring Local Properties with the SRC CLI
- Local Properties for SRC Components
- Configuration Statements for Local Configuration
- Configuring Basic Local Properties
- Changing the Location of Data in the Directory
- Configuring Directory Connection Properties
- Configuring Initial Directory Eventing Properties for SRC Components
- Verifying the Local Configuration for a Component
-
Planning an SRC Installation on a Solaris Platform
- SRC Installation Options and Configurations for Solaris Platforms
- SRC Component Distribution Scenarios on Solaris Platforms
- Distributed SRC Installation on Solaris Platforms
- Master Directory and Directory Shadows
- Scalability
- Reliability
- Simplified Management and Security
- Regionalized Installation
- Consolidated SRC Installation on Solaris Platforms
- Redundancy Schemes
- RADIUS
- NIC Hosts
- COPS Connection
- Adding or Replacing Hardware
- Single-Host SRC Installation for Demonstration
-
Before You Install the SRC Software on a Solaris Platform
- Requirements to Install the SRC Software
- Required User Privileges to Install the SRC Software
- SRC Software Distribution
- System Requirements for Installing the SRC Software
- Verifying System Resources with the SRC CLI
- Network Requirements for the SRC Software
- SNMP Master Agent Requirements
- Data Repository
- RADIUS Choices
- X-Window Server Software Recommendations
- Installing Solaris Patches for the UNIX Host
- Related Topics
-
Installing the SRC Software on a Solaris Platform
- Information About Installing IP Filter, Python Libraries, and the SNMP Agent
- IP Filter
- Python Libraries
- SNMP Agent
- Overview of Steps to Install the SRC Software
- Logging the Installation Session
- Installation Feature Sets, Components, and Packages
- Installation Choices
- Installing the SRC Software on a Solaris Platform in Silent Mode
- Installing the SRC Software on a Solaris Platform in Graphical Mode
- Overview of Installing SRC Components as Solaris Packages
- Solaris IP Filter Software Installation Notes
- Installing SRC Components as Solaris Packages
- Related Topics
- Transferring SRC Packages to Other Hosts
- Example: Transferring and Installing Packages
- Uninstalling the SRC Software on a Solaris Platform
- Related Topics
-
Defining an Initial Configuration on a Solaris Platform
- Configuring Initial SRC Component Settings and Starting Components
- Saving Logging Information for an SRC Component
- Starting and Operating the SAE
- Starting the SAE for the First Time
- Starting the SAE After Initial Startup
- Monitoring the SAE
- Stopping the SAE
- Reviewing Port Settings for SRC Components
- Enabling Display of Help Topics for SRC Configuration Tools
- Upgrading the SRC Software from a Previous Release
-
Setting Up an SAE on a Solaris Platform
- Configuring SAE Initial Settings
- Directory Fields
- RADIUS and Portal Address Fields
- JRE, SNMP, and Port Offset Fields
- Configuring SAE Attributes in Property Files
-
Configuring and Starting the SDX SNMP Agent on a Solaris Platform
- Configuring the SDX SNMP Agent
- Directory Connection Parameters
- SNMP Agent Logging Fields
- Severity Levels
- Communication with the Master Agent
- Other SDX SNMP Agent Parameters
- Operating the SDX SNMP Agent
- Starting the SDX SNMP Agent
- Stopping the SDX SNMP Agent
- Monitoring the SDX SNMP Agent
- Cleaning SNMP Agent Logs and Process Files
- Commands for the Master Agent
- Reading the SNMP Agent MIBs
- Installing and Using the Net-SNMP Agent in an SRC Environment
- Installing the Net-SNMP Agent
- Configuring the Net-SNMP Agent
- Starting the Net-SNMP Agent
- Stopping the Net-SNMP Agent
- Monitoring the Net-SNMP Agent
- Locating the Log File
-
Distributing Directory Changes to SRC Components on a Solaris Platform
- Configuring JNDI Properties for the Directory Eventing System
- Variables to Customize JNDI Properties for an SRC Component
- Extending the Directory Eventing System for SRC Components
- Variables to Configure DES Properties for SRC Components
- Example
- Identifying the Type of Directory
- Enabling Blacklisting for an Unresponsive Directory
- Blacklist Property
- Reestablishing a Connection to a Directory
-
Installing Web Applications
- Installing Web Applications
- Installing Web Applications Inside JBoss on a Solaris Platform
- Stopping JBoss
- Removing Web Applications
- Session Timeouts for Web Applications
- Access Controls
-
Upgrading the SRC Software on a Solaris Platform
- Upgrading the SRC Software on Solaris Platforms
- Overview of Directory Data on Solaris Platforms
- Overview of the Migration Script
- Script Tasks Without Directory Server Upgrade
- Script Tasks With Directory Server Upgrade
- Migrating the Directory Data
- Managing Shadowed Directories When Migrating Directory Data
- DirX Deployment
- Updating DirX Secondary Directories
- Sun ONE Deployment
- Preparing the Migration Host
- Cloning the Directory Server
- Cloning the DirX Directory Server
- Cloning Sun ONE Directory Server (iPlanet)
- Installing the UMCmig Migration Package
- Customizing Migration
- Running the Migration Script
- Completing the Migration
- DirX
- Sun ONE (iPlanet)
- Updating the Original Host
-
Setting Up Your SRC Environment on a Solaris Platform
-
Using SRC Tools
-
Configuring Local Properties
- Overview of SDX Local Configuration Tool
- Starting the SDX Local Configuration Tool
- Using GUI Elements in the SDX Local Configuration Tool
-
Using SDX Admin
- Overview of SDX Admin
- Starting SDX Admin
- LDAP Connection Fields
- SDX Admin Main Window
- Using the Menu Bar
- Options Menu: Configure
- Using the Toolbar
- Using the Navigation Pane
- Navigation Pane Icons
- Using the Content Pane
- General Procedures for Using SDX Admin
- Using Pop-Up Menus
- Modifying an Entry
- Saving an Entry
- Reverting an Entry
- Deleting an Entry
- Searching Text
- SDX Admin Limitations
- Unique User IDs Only
- Consistency
- Interdependence
- Internationalization with SDX Admin
- Locale
- Localization of Data Storage
-
SRC-Related Abbreviations
-
SRC-Related References
- RFCs
- Draft RFCs
- Other Software Standards
- URLs
-
Index