Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Announcement: Try the Ask AI chatbot for answers to your technical questions about Juniper products and solutions.

Juniper Security Director® is the next generation on-premises security management product for SRX Series Firewalls and vSRX. For more details, visit Juniper Security Director documentation page or contact your sales team.

close

header-navigation

Junos Space Security Director User Guide

keyboard_arrow_up

close

keyboard_arrow_left

Table of Contents Expand all

play_arrow Junos Space Security Director
- play_arrow Overview
play_arrow Dashboard
- play_arrow Overview
  - Dashboard Overview
play_arrow Monitor
- play_arrow Events and Logs-All Events
  - Events and Logs Overview
  - Creating Alerts
  - Creating Reports
  - Creating Filters
  - Grouping Events
  - Using Events and Logs Settings
  - Selecting Events and Logs Table Columns
  - Viewing Threats
  - Viewing Data for Selected Devices
  - Using the Detailed Log View
  - Using the Raw Log View
  - Showing Exact Match
  - Using Filter on Cell Data
  - Using Exclude Cell Data
  - Showing Firewall Policy
  - Showing Source NAT Policy
  - Showing Destination NAT Policy
  - Downloading Packets Captured
  - Showing Attack Details
  - Using Filters
- play_arrow Events and Logs-Firewall
  - Firewall Events and Logs Overview
- play_arrow Events and Logs-Web Filtering
  - Web Filtering Events and Log Overview
- play_arrow Events and Logs-VPN
  - VPN Events and Logs Overview
- play_arrow Events and Logs-Content Filtering
  - Content Filtering Events and Logs Overview
- play_arrow Events and Logs-Antispam
  - Antispam Events and Logs Overview
- play_arrow Events and Logs-Antivirus
  - Antivirus Events and Logs Overview
- play_arrow Events and Logs-IPS
  - IPS Events and Logs Overview
- play_arrow Events and Logs-Screen
  - Screen Events and Logs Overview
- play_arrow Events and Logs-ATP Cloud
  - ATP Cloud Events and Logs Overview
- play_arrow Events and Logs-Apptrack
  - Apptrack Events and Logs Overview
- play_arrow Threat Prevention-Hosts
  - Infected Hosts Overview
  - Infected Host Details
- play_arrow Threat Prevention-C&C Servers
  - Command and Control Servers Overview
  - Command and Control Server Details
- play_arrow Threat Prevention-HTTP File Download
  - HTTP File Download Overview
  - HTTP File Download Details
- play_arrow Threat Prevention-Email Quarantine and Scanning
  - SMTP Quarantine Overview
  - Email Attachments Scanning Overview
  - Email Attachments Scanning Details
- play_arrow Threat Prevention-IMAP Block
  - IMAP Block Overview
- play_arrow Threat Prevention-Manual Upload
  - File Scanning Limits
- play_arrow Threat Prevention-Feed Status
  - Device Feed Status Details
- play_arrow Threat Prevention-All Hosts Status
  - All Hosts Status Details
- play_arrow Threat Prevention-DDoS Feeds Status
  - DDoS Feeds Status Details
- play_arrow Applications
  - About the Application Visibility Page
  - Application Visibility Overview
  - Block Applications
  - Block Users
  - Block Source IP Addresses
- play_arrow Live Threat Map
  - Threat Map Overview
  - Blocking Threat Events
- play_arrow Threat Monitoring
  - Threat Monitoring Overview
- play_arrow Alerts and Alarms - Overview
  - Alerts and Alarms Overview
- play_arrow Alerts and Alarms-Alerts
  - Deleting an Alert
  - Searching Alerts
  - Using Generated Alerts
- play_arrow Alerts and Alarms-Alert Definitions
  - Creating Alert Definitions
  - Editing Alert Definitions
  - Cloning Alert Definition
  - Deleting Alert Definitions
  - Searching Alert Definitions
  - Alert Definitions Main Page Fields
- play_arrow Alerts and Alarms-Alarms
  - Using Device Alarms
  - Device Alarms Main Page Fields
- play_arrow VPN
  - IPsec VPN Monitoring Overview
  - About the Overview Page
  - Managing Monitored and Unmonitored VPNs
  - About the Monitored Tunnels Page
  - About the Devices Page
- play_arrow Insights
  - How to Monitor Incidents
  - How to Monitor Mitigation
- play_arrow Job Management
  - Using Job Management in Security Director
  - Overview of Jobs in Security Director
  - Archiving and Purging Jobs in Security Director
  - Viewing the Details of a Job in Security Director
  - Canceling Jobs in Security Director
  - Reassigning Jobs in Security Director
  - Rescheduling and Modifying the Recurrence of Jobs in Security Director
  - Retrying a Failed Job on Devices in Security Director
  - Exporting the Details of a Job in Security Director
  - Job Management Main Page Fields
- play_arrow Audit Logs
  - Using Audit Logs in Security Director
  - Understanding Audit Logs in Security Director
  - Purging or Archiving and Purging Audit Logs in Security Director
  - Exporting Audit Logs in Security Director
  - Viewing the Details of an Audit Log in Security Director
  - Audit Logs Main Page Fields
- play_arrow Packet Capture
  - Packet Capture Overview
  - About the Packets Captured Page
  - Setting the Purge Policy
- play_arrow NSX Inventory-Security Groups
  - About the Security Groups Page
  - View Members of a Security Group
- play_arrow vCenter Server Inventory-Virtual Machines
  - About the Virtual Machines Page
  - View Network Details of a Virtual Machine
  - View Security Groups of a Virtual Machine
- play_arrow Data Plane Packet Capture
  - About the Data Plane Packet Capture Page
  - Capture Data Plane Packets
play_arrow Devices
play_arrow Configure
- play_arrow Firewall Policy-Standard Policies
  - Firewall Policies Overview
  - Policy Ordering Overview
  - Creating Firewall Policies
  - Firewall Policies Best Practices
  - Creating Firewall Policy Rules
  - Rule Base Overview
  - Firewall Policy Locking Modes
  - Rule Operations on Filtered Rules Overview
  - Create and Manage Policy Versions
  - Assigning Devices to Policies
  - Comparing Policies
  - Export Policies
  - Creating Custom Columns
  - Promoting to Group Policy
  - Converting Standard Policy to Unified Policy
  - Probe Latest Policy Hits
  - Disable Firewall Policy Rules Based on Hits Over a Specified Duration
  - Viewing and Synchronizing Out-of-Band Firewall Policy Changes Manually
  - Importing Policies
  - Delete and Replace Policies and Objects
  - Unassigning Devices from Policies
  - Edit and Clone Policies and Objects
  - Publishing Policies
  - Showing Duplicate Policies and Objects
  - Show and Delete Unused Policies and Objects
  - Updating Policies on Devices
  - Firewall Policies Main Page Fields
  - Firewall Policy Rules Main Page Fields
- play_arrow Firewall Policy-Unified Policies
  - About the Unified Policies Page
  - Unified Policy Overview
  - Creating Unified Firewall Policies
  - Creating Unified Firewall Policy Rules
  - Configuring a Default SSL Proxy Profile
  - Configure a Default IDP Policy
- play_arrow Firewall Policy-Devices
  - Devices with Firewall Policies Main Page Fields
- play_arrow Firewall Policy-Schedules
  - Schedules Overview
  - Creating Schedules
  - Schedules Main Page Fields
- play_arrow Firewall Policy-Profiles
  - Understanding Firewall Policy Profiles
  - Understanding Captive Portal Support for Unauthenticated Browser Users
  - Creating Firewall Policy Profiles
  - Edit and Clone Policies and Objects
  - Delete and Replace Policies and Objects
  - Assigning Policies and Profiles to Domains
  - Firewall Policy Profiles Main Page Fields
- play_arrow Firewall Policy-Templates
  - Understanding Firewall Policy Templates
  - Creating Firewall Policy Templates
  - Edit and Clone Policies and Objects
  - Delete and Replace Policies and Objects
  - Firewall Policy Templates Main Page Fields
- play_arrow Firewall Policy-Secure Web Proxy
  - About the Secure Web Proxy Page
  - Create a Secure Web Proxy Profile
  - Edit, Clone, and Delete a Secure Web Proxy Profile
  - Assign Secure Web Proxy Profile to a Domain
  - Find Secure Web Proxy Profile Usage Details
- play_arrow Firewall Policy-DNS Security & ETI Profile
  - DNS Security and Encrypted Traffic Insights Overview
  - About the DNS Security and ETI Profile Page
  - Create a DNS Security and ETI Profile
  - Clone, Edit, and Delete DNS Security and ETI Profile
- play_arrow Firewall Policy-DNS Security & ETI Policy
  - About the DNS Security and ETI Policy Page
  - Create a DNS Security and ETI Policy
  - Edit and Delete DNS Security and ETI Policy
- play_arrow Firewall Policy-DNS Sinkhole
  - About the DNS Sinkhole Page
  - Create a Sinkhole
  - Assign Devices to a Sinkhole
  - Unassign Devices from a Sinkhole
  - Clone a Sinkhole
  - Assign a Sinkhole to a Domain
  - Publish a DNS Sinkhole Policy
  - Update a DNS Sinkhole Policy
  - Edit and Delete a Sinkhole
- play_arrow Environment
  - Environment Variables and Conditions Overview
  - About the Environment Page
  - Creating a New Environment Variable
  - Editing and Deleting Environment Variables
  - Creating a New Environment Condition
  - Editing and Deleting Environment Conditions
- play_arrow Application Firewall Policy-Policies
  - Understanding Application Firewall Policies
  - Creating Application Firewall Policies
  - Delete and Replace Policies and Objects
  - Edit and Clone Policies and Objects
  - Show and Delete Unused Policies and Objects
  - Finding Usages for Policies and Objects
  - Application Firewall Policies Main Page Fields
- play_arrow Application Firewall Policy-Signatures
  - Understanding Custom Application Signatures
  - Creating Application Signatures
  - Editing, Cloning, and Deleting Custom Application Signatures
  - Creating Application Signature Groups
  - Application Signatures Main Page Fields
- play_arrow Application Firewall Policy-Redirect Profiles
  - About the Redirect Profiles Page
  - Adding a Redirect Profile
  - Cloning, Editing, and Deleting Redirect Profiles
- play_arrow SSL Profiles
  - SSL Forward Proxy Overview
  - Creating SSL Forward Proxy Profiles
  - SSL Forward Proxy Profile Main Page Fields
  - SSL Reverse Proxy Overview
  - Creating SSL Reverse Proxy Profiles
- play_arrow User Firewall Management-Active Directory
  - About the Active Directory Profile Page
  - Creating Active Directory Profiles
  - Deploying the Active Directory Profile to SRX Series Devices
  - Editing and Deleting Active Directory Profiles
- play_arrow User Firewall Management-Access Profile
  - Access Profile Overview
  - About the Access Profile Page
  - Creating Access Profiles
  - Deploying the Access Profile to SRX Series Devices
  - Editing and Deleting Access Profiles
- play_arrow User Firewall Management-Address Pools
  - About the Address Pool Page
  - Create Address Pool
  - Edit and Delete Address Pool
- play_arrow User Firewall Management-Identity Management
  - Juniper Identity Management Service Overview
  - About the Identity Management Profile Page
  - Creating Identity Management Profiles
  - Editing, Cloning, and Deleting Identity Management Profiles
  - Updating the Identity Management Profile to SRX Series Devices
- play_arrow User Firewall Management-End User Profile
  - End User Profile Overview
  - About the End User Profile Page
  - Creating an End User Profile
  - Edit and Delete End User Profile
  - End User Profile Operations
- play_arrow IPS Policy-Policies
  - Understanding IPS Policies
  - Creating IPS Policies
  - Creating IPS Policy Rules
  - Publishing Policies
  - Updating Policies on Devices
  - Assigning Devices to Policies
  - Create and Manage Policy Versions
  - Creating Rule Name Template
  - Export Policies
  - Unassigning Devices to Policies
  - Viewing and Synchronizing Out-of-Band IPS Policy Changes Manually
  - Edit and Clone Policies and Objects
  - Delete and Replace Policies and Objects
  - Assigning Policies and Profiles to Domains
  - IPS Policies Main Page Fields
- play_arrow IPS Policy-Devices
  - Understanding IPS Policies
  - Devices with IPS Policies Main Page Fields
- play_arrow IPS Policy-Signatures
  - Understanding IPS Signatures
  - Creating IPS Signatures
  - Creating IPS Signature Static Groups
  - Creating IPS Signature Dynamic Groups
  - Edit and Clone Policies and Objects
  - Delete and Replace Policies and Objects
  - IPS Policy Signatures Main Page Fields
- play_arrow IPS Policy-Templates
  - Understanding IPS Policy Templates
  - Creating IPS Policy Templates
  - Edit and Clone Policies and Objects
  - Delete and Replace Policies and Objects
  - IPS Policy Templates Main Page Fields
- play_arrow NAT Policy-Policies
  - NAT Overview
  - NAT Global Address Book Overview
  - Creating NAT Policies
  - Publishing Policies
  - NAT Policy Rules Main Page Field
  - Creating NAT Rules
  - Updating Policies on Devices
  - Edit and Clone Policies and Objects
  - Delete and Replace Policies and Objects
  - Assigning Policies and Profiles to Domains
  - Comparing Policies
  - Create and Manage Policy Versions
  - Export Policies
  - Assigning Devices to Policies
  - Unassigning Devices to Policies
  - Creating Rule Name Template
  - Viewing and Synchronizing Out-of-Band NAT Policy Changes Manually
  - Configuring NAT Rule Sets
  - Auto Grouping
  - NAT Policies Main Page Fields
- play_arrow NAT Policy-Devices
  - Devices with NAT Policies Main Page Fields
- play_arrow NAT Policy-Pools
  - Creating NAT Pools
  - Edit and Clone Policies and Objects
  - Delete and Replace Policies and Objects
  - Show and Delete Unused Policies and Objects
  - Showing Duplicate Policies and Objects
  - Assigning Policies and Profiles to Domains
  - NAT Pools Main Page Fields
- play_arrow NAT Policy-Port Sets
  - Creating Port Sets
  - Delete and Replace Policies and Objects
  - Edit and Clone Policies and Objects
  - Show and Delete Unused Policies and Objects
  - Showing Duplicate Policies and Objects
  - Assigning Policies and Profiles to Domains
  - Port Sets Main Page Fields
- play_arrow Content Security Policy-Policies
  - Content Security Overview
  - Creating Content Security Policies
  - Comparing Policies
  - Delete and Replace Policies and Objects
  - Viewing Policy and Shared Object Details
  - Assigning Policies and Profiles to Domains
  - Showing Duplicate Policies and Objects
  - Edit and Clone Policies and Objects
  - Show and Delete Unused Policies and Objects
  - Content Security Policies Main Page Fields
- play_arrow Content Security Policy-Web Filtering Profiles
  - Creating Web Filtering Profiles
  - Selecting a Web Filtering Solution
  - Web Filtering Profile Main Page Fields
- play_arrow Content Security Policy-Category Update
  - About the Category Update Page
  - Configuring the Download URL Settings
  - Downloading and Installing URL Categories
  - Uploading and Installing URL Categories
  - Installing URL Categories on SRX Series Devices
- play_arrow Content Security Policy-Antivirus Profiles
  - Creating Antivirus Profiles
  - Antivirus Profile Main Page Fields
- play_arrow Content Security Policy-Antispam Profiles
  - Creating Antispam Profiles
  - Antispam Profile Main Page Fields
- play_arrow Content Security Policy-Content Filtering Profiles
  - Creating Content Filtering Profiles
  - Content Filtering Profile Main Page Fields
- play_arrow Content Security Policy-Global Device Profiles
  - Creating Device Profiles
  - Device Profiles Main Page Fields
- play_arrow Content Security Policy-Default Configuration
  - About the Default Configuration Page
  - Create a Default Content Security Configuration
  - Edit and Clone the Default Configuration
  - View and Delete Unused Default Configuration
- play_arrow Content Security Policy-URL Patterns
  - Creating URL Patterns
- play_arrow Content Security Policy-Custom URL Categories
  - Creating Custom URL Category Lists
- play_arrow Application Routing Policies
  - Understanding Application-Based Routing
  - About the Application Routing Policies Page
  - Configuring Advanced Policy-Based Routing Policy
  - About the Rules Page (Advanced Policy-Based Routing)
  - Creating Advanced Policy-Based Routing Rules
  - About the App Based Routing Page
  - Edit and Clone Policies and Objects
  - Assigning Devices to Policies
  - Customizing Profile Names
  - Publishing Policies
  - Updating Policies on Devices
- play_arrow Threat Prevention - Policies
  - Creating Threat Prevention Policies
  - Threat Prevention Policy Overview
  - Threat Policy Analysis Overview
  - Implementing Threat Policy on VMWare NSX
- play_arrow Threat Prevention - Feed Sources
  - About the Feed Sources Page
  - Juniper ATP Cloud Realm Overview
  - Juniper ATP Cloud Malware Management Overview
  - Juniper ATP Cloud Email Management Overview
  - File Inspection Profiles Overview
  - Juniper ATP Cloud Email Management: SMTP Settings
  - Configure IMAP Settings
  - Creating Juniper ATP Cloud Realms and Enrolling Devices or Associating Sites
  - Modifying Juniper ATP Cloud Realm
  - Creating File Inspection Profiles
  - Creating Allowlist for Juniper ATP Cloud Email and Malware Management
  - Creating Blocklists for Juniper ATP Cloud Email and Malware Management
  - Add ATP Appliance Server
  - Edit or Delete a ATP Appliance Server
  - Custom Feed Sources Overview
  - Creating Custom Feeds
  - Example: Creating a Dynamic Address Custom Feed and Firewall Policy
  - Configuring Settings for Custom Feeds
- play_arrow IPsec VPN-VPNs
  - IPsec VPN Overview
  - Create a Site-to-Site VPN
  - Create a Hub-and-Spoke (Establishment All Peers) VPN
  - Create a Hub-and-Spoke (Establishment by Spokes) VPN
  - Create a Hub-and-Spoke Auto Discovery VPN
  - Create a Full Mesh VPN
  - Create a Remote Access VPN—Juniper Secure Connect
  - Create a Remote Access VPN—NCP Exclusive Client
  - IPsec VPN Global Settings
  - Understanding IPsec VPN Modes
  - Comparison of Policy-Based VPNs and Route-Based VPNs
  - Understanding IPsec VPN Routing
  - Understanding IKE Authentication
  - Publishing IPsec VPNs
  - Updating IPSec VPN
  - Modify IPsec VPN Settings
  - Viewing Tunnels
  - Importing IPsec VPNs
  - Deleting IPSec VPN
  - IPsec VPN Main Page Fields
- play_arrow IPsec VPN-Extranet Devices
  - Creating Extranet Devices
  - Find Usage for Extranet Devices
  - Extranet Devices Main Page Fields
- play_arrow IPsec VPN-Profiles
  - VPN Profiles Overview
  - Creating VPN Profiles
  - Edit and Clone IPsec VPN profiles
  - Assigning Policies and Profiles to Domains
  - VPN Profiles Main Page Fields
- play_arrow Insights
  - About the Log Parsers Page
  - Create a New Log Parser
  - Edit and Delete a Log Parser
  - About the Log Sources Page
  - Add a Log Source
  - Edit and Delete a Log Source
  - View Log Statistics
  - About the Event Scoring Rules Page
  - Create an Event Scoring Rule
  - Edit and Delete Event Scoring Rules
  - About the Incident Scoring Rules Page
  - Create an Incident Scoring Rule
  - Edit and Delete Incident Scoring Rules
- play_arrow Shared Objects-Geo IP
  - Creating Geo IP Policies
  - Geo IP Overview
  - Delete and Replace Policies and Objects
- play_arrow Shared Objects-Policy Enforcement Groups
  - Creating Policy Enforcement Groups
  - Policy Enforcement Groups Overview
- play_arrow Shared Objects-Addresses
  - Addresses and Address Groups Overview
  - Creating Addresses and Address Groups
  - Import and Export CSV Files
  - Assigning Addresses and Address Groups to Domains
  - Showing Duplicate Policies and Objects
  - Delete and Replace Policies and Objects
  - Addresses Main Page Fields
- play_arrow Shared Objects-Services
  - Services and Service Groups Overview
  - Creating Services and Service Groups
  - Import and Export CSV Files
  - Delete and Replace Policies and Objects
  - Showing Duplicate Policies and Objects
- play_arrow Shared Objects-Variables
  - Variables Overview
  - Creating Variables
  - Editing Variables
  - Import and Export CSV Files
  - Showing Duplicate Policies and Objects
- play_arrow Shared Objects-Zone Sets
  - Understanding Zone Sets
  - Creating Zone Sets
  - Edit and Clone Policies and Objects
  - Delete and Replace Policies and Objects
  - Finding Usages for Policies and Objects
  - Show and Delete Unused Policies and Objects
  - Showing Duplicate Policies and Objects
  - Viewing Policy and Shared Object Details
  - Zone Sets Main Page Fields
- play_arrow Shared Objects-Metadata
  - Metadata-Based Policy Enforcement Overview
  - About the Metadata Page
  - Creating a Metadata
- play_arrow Change Management-Change Requests
  - Change Control Workflow Overview
  - Creating a Firewall or NAT Policy Change Request
  - About the Changes Submitted Page
  - Approving and Updating Changes Submitted
  - Creating and Updating a Firewall Policy Using Change Control Workflow
  - Editing, Denying, and Deleting Change Requests
  - About the Changes Not Submitted Page
  - Discarding Policy Changes
  - Viewing Submitted and Unsubmitted Policy Changes
- play_arrow Change Management-Change Request History
  - About the Change Request History Page
- play_arrow Overview of Policy Enforcer and Juniper ATP Cloud
  - Policy Enforcer Overview
  - Benefits of Policy Enforcer
  - Juniper ATP Cloud Overview
- play_arrow Concepts and Configuration Types to Understand Before You Begin (Policy Enforcer and Juniper ATP Cloud)
  - Policy Enforcer Components and Dependencies
  - Policy Enforcer Configuration Concepts
  - Juniper ATP Cloud Configuration Type Overview
  - Features By Juniper ATP Cloud Configuration Type
  - Available UI Pages by Juniper ATP Cloud Configuration Type
  - Comparing the Juniper Connected Security and non-Juniper Connected Security Configuration Steps
- play_arrow Installing Policy Enforcer
  - Policy Enforcer Installation Overview
  - Deploying and Configuring the Policy Enforcer with OVA files
  - Installing Policy Enforcer with KVM
  - Policy Enforcer Ports
  - Identifying the Policy Enforcer Virtual Machine In Security Director
  - Obtaining a Juniper ATP Cloud License
  - Creating a Juniper ATP Cloud Web Portal Login Account
  - Loading a Root CA
  - Upgrading Your Policy Enforcer Software
- play_arrow Configuring Policy Enforcer Settings and Connectors
  - Policy Enforcer Settings
  - Policy Enforcer Connector Overview
  - Creating a Policy Enforcer Connector for Public and Private Clouds
  - Creating a Policy Enforcer Connector for Third-Party Switches
  - Editing and Deleting a Connector
  - Viewing VPC or Projects Details
  - Integrating ForeScout CounterACT with Juniper Networks Connected Security
  - ClearPass Configuration for Third-Party Plug-in
  - Cisco ISE Configuration for Third-Party Plug-in
  - Integrating Pulse Policy Secure with Juniper Networks Connected Security
  - Policy Enforcer Backup and Restore
- play_arrow Guided Setup-ATP Cloud with SDSN
  - Using Guided Setup for Juniper ATP Cloud with Juniper Connected Security
- play_arrow Guided Setup-ATP Cloud
  - Using Guided Setup for Juniper ATP Cloud
- play_arrow Guided Setup for No ATP Cloud (No Selection)
  - Using Guided Setup for No Juniper ATP Cloud (No Selection)
- play_arrow Manual Configuration- ATP Cloud with SDSN
  - Configuring Juniper ATP Cloud with Juniper Connected Security (Without Guided Setup) Overview
- play_arrow Manual Configuration-ATP Cloud
  - Configuring Juniper ATP Cloud (No Juniper Connected Security and No Guided Setup) Overview
  - Creating Juniper ATP Cloud Realms and Enrolling Devices or Associating Sites
- play_arrow Cloud Feeds Only Threat Prevention
  - Configuring Cloud Feeds Only
- play_arrow Configuring No ATP Cloud (No Selection) (without Guided Setup)
  - Configuring No ATP Cloud (No Selection) (without Guided Setup) Overview
- play_arrow Migration Instructions for Spotlight Secure Customers
  - Moving From Spotlight Secure to Policy Enforcer
play_arrow Reports
- play_arrow Reports
play_arrow Administration
- play_arrow My Profile
  - Modifying Your User Profile in Security Director
- play_arrow Users and Roles-Users
- play_arrow Users and Roles-Roles
- play_arrow Users and Roles-Domains
- play_arrow Users and Roles-Remote Profiles
- play_arrow Logging Management
  - Logging and Reporting Overview
- play_arrow Logging Management-Logging Nodes
- play_arrow Logging Management-Statistics & Troubleshooting
  - Using the Log Statistics and Troubleshooting
- play_arrow Logging Management-Logging Devices
  - Logging Devices Main Page Fields
  - Creating Security Logs
- play_arrow Monitor Settings
  - About the Monitor Settings Page
  - Monitor Settings Overview
- play_arrow Signature Database
- play_arrow License Management
  - About the License Notification Settings Page
  - Notification Settings
- play_arrow Migrating Content from NSM to Security Director
  - NSM Migration
- play_arrow Policy Sync Settings
  - About the Policy Sync Settings Page
  - Out-of-Band Changes Overview
- play_arrow Insights Management

list Table of Contents

English

keyboard_arrow_right

VPN Profiles Overview

date_range 10-Jul-23

arrow_backward

arrow_forward

You can use the VPN Profile page to create an object that specifies the parameters used in a IPsec VPN. You can configure the Internet Key Exchange (IKE) and IPsec settings in VPN profile.

When a VPN profile is created, Junos Space creates an object in the Junos Space database to represent the VPN profile. You can use this object to create a route-based or policy-based IPsec VPN.

SRX Series devices support the following authentication methods in IKE negotiations for IPsec VPN:

Pre-shared key
RSA signature
DSA signature
ECDSA signature 256
ECDSA signature 384

The predefined VPN profile is available for both RSA and DSA certificates-based authentication. The PKI certificate list from the device is automatically retrieved during the device discovery.

SRX Series devices support pre-shared key and PKI certificate-based authentication methods in IKE negotiation for IPsec VPNs. The RSA certificate and DSA certicate-based authentication are supported for IKE negotiation. The predefined VPN profile is available with both RSA and DSA certificates-based authentication. The PKI certificate list from the device is automatically retrieved during the device discovery and update-based syslog notifications.

arrow_backward PREVIOUS Extranet Devices Main Page Fields

NEXT arrow_forward Creating VPN Profiles

footer-navigation