Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

end-user-profile

Syntax

Hierarchy Level

Description

Specify the name of the device identity profile, also referred to as the end-user-profile, and either one or more of its attributes or the name of the Active Directory domain to which the device belongs.

The device identity profile is a key component of the SRX Series Firewall identity feature, which enables you to control access to network resources based on the identity of the user’s device, not the identity of the user of the device. The device identity profile includes the domain name and a collection of attributes that characterize the device.

Note:

You cannot configure the device identity profile without specifying either the domain that the device belongs to at least one of its attributes.

Options

  • profile-name profile-name—Name of the device identity profile; for example, marketing-west-coast. The profile is specified in the source-end-user-profile field of a security policy.

  • domain domain-name—Name of the domain to which the device belongs; for example, domain1.

  • attribute device-identity string––Name given to the device, for example, my-device1.

  • attribute device-category string––Category of the device, for example, laptop.

  • attribute device-vendor string—Name of the manufacturer of the device, for example, Lenovo.

  • attribute device-type string––Type of device; for example, ThinkPad.

  • attribute device-os string-—Operating system running on the device; for example, Windows.

  • attribute device-os-version string-—Version of the operating system that is running on the device; for example, 10.1.

Required Privilege Level

services—To view this statement in the configuration.

services-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS 15.1X49-D70.