Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Creating Secure Fabric and Sites

You can create sites within your secure fabric from the secure fabric page.

Before You Begin

  • Plan out your sites in advance. A site is a grouping of network devices, including firewalls and switches, that contribute to threat prevention.

  • Keep in mind that when you create a site, you must identify the perimeter firewalls so you can enroll them with Juniper ATP Cloud/JATP.

  • If you want to enforce an infected host policy within the network, you must assign a switch to the site.

  • SRX Series devices cannot belong to multiple sites.

  • MX Series devices associated with tenants can belong to multiple sites.

  • Sites that are associated with tenants do not need switches as enforcement points.

  • Switches and connectors cannot be added to the same site.

To create a site within your secure fabric:

  1. Select Devices>Secure Fabric.
  2. Click the + icon.
  3. Complete the configuration by using the guidelines in Table 1 below.
  4. Click OK.
  5. Create a new site and add an enforcement point to a site.
Table 1: Create Site Page Fields

Field

Description

Site

Enter a unique string that must begin with an alphanumeric character and can include underscores; no spaces allowed; 63-characters maximum.

Tenant

Select a tenant.

Description

Enter a description; maximum length is 1024 characters. You should make this description as useful as possible for all administrators.
Warning:

If you add certain SRX Series Firewalls to your Secure Fabric as enforcement points, you may see a warning that the device(s) must be reconfigured in enhanced mode and require a reboot. Here is a list of SRX models that may require rebooting for enhanced mode after being registered with Policy Enforcer/Juniper ATP Cloud/JATP.

  • SRX340

  • SRX345

  • SRX650

  • SRX240h2

  • SRX320

  • SRX300

  • SRX550

Related Documentation