Juniper Identity Management Service Overview
Juniper Identity Management Service (JIMS) provides a robust and scalable user identification and IP address mapping implementation that includes endpoint context and machine ID. JIMS collects user identity information from authentication sources such as Active Directory, and from syslog clients such as NAC or VPN gateways. SRX Series Firewalls use this information to define identity-aware security policies, also known as user firewall.
After you have deployed JIMS, you can configure CSO to obtain user identity information from JIMS, and use CSO and JIMS to manage user-based firewall policy intents on SRX Series Firewalls and vSRX Virtual Firewall instances.
The SRX Series Firewalls communicate with JIMS through an HTTPS connection. SRX Series Firewalls have a primary and a secondary JIMS configuration. The SRX devices always query the primary JIMS application. When the primary JIMS application is unavailable, the secondary JIMS is available as a fallback option. SRX Series Firewalls constantly monitor the failed primary JIMS and revert to it once it is up and running.
For more information, see JIMS Introduction.