I’ll be walking you through a series of videos in the form of detailed configuration guides for our Mist AI driven SD1 solution supporting the SRX platforms. Okay, So I have divided these guides into two main parts. Part one is going to be an overview. We’re going to look at the network topology and...
- Getting Started
- Wireless
- Wired Switching
- WAN Edge
- Mist Access Assurance
- Location Based Services
- Premium Analytics
- Security and Cloud Administration
- MSP
- Automation
- Product Updates
- Marvis
- Security Alerts
- FAQ
Configuration
Go to Organization -> Site Configuration. We will configure 5 sites with the names depicted below. Make sure that in each Site you configure the root password for Switch and WAN-Router Management! Be sure to populated the root password for WAN Edges and Switches in the Site. The moment you activate a device to be...
Applications For users to access applications, we will first define the Applications and then use Application Policies to permit or deny access. Let’s now have a look how we can define Applications. Go to Organization -> Applications. In Mist WAN Assurance, we can define Applications in 3 ways: Custom...
During our WAN Design, we will create Networks that can later be used in Application Policies to access applications. A Network is defined with: a unique Network Name Subnet IP/Prefix VLAN (optional) plus a list of options The Subnet IP/Prefix and VLAN can be defined with absolute values (e.g. 192.168.50.0/24, VLAN 50) or more...
Application Policies (aka Security Policies) define who can access the Applications. Once we have created the Networks, Applications and Steering Profiles, we can combine all this in the Application Policies to define who has access to the Applications (or who has not), the selected paths for the traffic in Overlay and Underlay and...
Create configuration for the two Hubs Warning It is mandatory (and a good practice anyway) that you create the configuration for all Hubs BEFORE the Spoke Templates. Create Hub Profile for first Hub Go to Organization -> Hub Profiles Note You can avoid the work creating this Profile if you simply import the shared JSON,...
Go to Organization -> WAN Edge Templates. Note You can avoid the work creating this Template if you simply import the shared JSON discussed in other reference documentation. Remember you must do the Site assignments after this. Create your entire Spoke Template via GUI. Click on “Create Template” We create the Template for our Spokes....
We go back to the Spoke Template and “Assign to Sites”. Then select only the three “spokeX-site” and “Apply”. The result should indicate 3 Sites (the wan edges change when devices get assigned the these) Onboard your Devices Now it’s time to use the Claim or Adopt Method to onboard the devices and see them...
The AI Driven SD-WAN Secure Edge Connector (SEC) can provide connectivity to many SASE providers. This provides a simple augmentation of on-box IDS and URL filtering services. The SEC provides simplified workflows for Juniper SASE, Zscaler as well as additional providers though the custom option. Juniper Secure Edge is an advanced Security Scanner...
Before you start you will see IDP not activated independently if you already have the license deployed on it or not. Mist Cloud will handle downloading of signatures and enabling the IDP features. Intrusion detection is the process of monitoring the events occurring in your network and analyzing them for signs of possible incidents, violations,...
This article explains how to enable or disable the App Visibility features at the gateway level and site level. Prerequisites to Enable App Visibility 1. Ensure that the SRX has the AppSecure license installed This information can be obtained from the SRX front panel on the Mist UI Use of Log Source IP address/Interface...
Feature Overview With the help of this feature you can monitor the service status of following in any of the SRX: EWF IDP App_Secure The following services on an SRX – showcase if configured: Whether the licenses are present Status of Service Status of all the features will look like following : "service_status": { "idp_status":...
WAN Edge devices connected to Mist can be upgraded from the cloud. To schedule a device to download and upgrade to a specified version, navigate to your WAN Edge device page. From the utilities menu, select ‘Upgrade Firmware’ to initiate the upgrade operation. In the ‘Upgrade device firmware’ screen, there are several options for upgrading...