Introducing Mist Access Assurance
We are excited to announce Mist Access Assurance
The Juniper Mist Access Assurance service provides secure wired and wireless network access control based on user and device identities. The service enforces zero-trust network access policies for guest, IoT, BYOD, and corporate devices. Cloud-hosted, microservices-based authentication eases IT operations by delivering a full suite of access controls within a flexible yet simple authorization policy framework.
If you are interested in trying Access Assurance or simply would like more information, please reach out to your Juniper account team.
Access Assurance extends Juniper Mist IoT Assurance, which simplifies the onboarding of headless IoT and BYOD devices, to wired and wireless business devices using 802.1X authentication or MAC Authentication Bypass (MAB) methods for non-802.1X clients. Its features include:
- Client-first experience
- Granular identity fingerprinting
- Network policy enforcement
- High availability and geo-affinity
- Single-pane-of-glass management
- Automatic software updates
- API-driven architecture
Example policy set
View Access Assurance events inline with Wired and Wireless client events
Simplified Operations
AP Uplink Monitoring
A configuration option is introduced to control the monitoring of an AP’s uplink port. Starting from 0.10 firmware, APs monitor their uplink ethernet port for link status and automatically disable their WLANs upon loss of link. Now, with the introduction of this configuration option, uplink monitoring can be disabled. This is useful for when you expect the AP to have power, but no ethernet link. Such as during an AP survey when powered by a battery pack.
By default uplink monitoring is enabled. To disable it navigate to Organization->Site Configuration and uncheck the AP Uplink Monitoring check box.
Please note: Uplink monitoring is automatically disabled for Mesh Relay APs.
WAN Assurance
DHCP Server Options – SRX
DHCP server options can now be configured from the Mist UI for SRX. DHCP options are additional settings that a DHCP server passes to DHCP clients. When a DHCP client requests an IP address from a DHCP server, the server sends the client at least an IP address and a subnet mask value. Additional information can be sent to clients if you configure various DHCP options.
Replace Standalone – SRX/SSR
The “Replace” function is now supported for a standalone SRX/SSR from the Mist UI by selecting Replace WAN Edge under utilities and selecting an unassigned device from the inventory page. All the configuration generated by Mist will be copied onto the new replaced SRX/SSR.
Configured Apps – SSR
A specific tab has been added for Configured Apps under WAN Edge -> Applications section
Mist Edge
Enhancements to Mist Edges
We have made the following enhancements to the Mist Edges view:
-
Added the following new columns to the Mist Edge Clusters section: Tunterm IPs (Tunnel Termination IPs), Tunnel Host Selection (shows Shuffle or Shuffle by site method), and Radsec Proxy (indicates if Radius Proxy is enabled).
- Added the following new columns to the Mist Tunnels section: Anchor Mist Tunnel and Auto Preemption Enabled (indicates if the Auto Preemption feature is enabled or not).
- Renamed the RadSec Proxy tile to Radius Proxy in the Mist Edge Clusters section.