Add Juniper Netscreen Firewall
You can add Juniper Netscreen Firewall entities using the Add Entity UI or using the cloud agent command line interface (omcli) with the appropriate JSON files.
Step 1: Prepare Juniper Netscreen Firewall for monitoring.
| Prerequisites |
|---|
|
SNMPv1/v2 or SNMPv3 credentials are needed for monitoring. If SNMPv1/v2 is used, you must provide the SNMP community string that was entered during firewall configuration along with IP address of the Cloud Agent which will be used for Juniper firewall monitoring. If SNMPv3 is used, you must provide the SNMPv3 user, plus authentication method (SHA or MD5) and password if authorization is used, plus the privilege method (only DES is supported) and privilege password if privilege is used. All of this needs to be manually configured beforehand in the firewall.. Read-only access is adequate for Juniper firewall monitoring. |
Step 2: Decide how you want to add the Juniper Netscreen Firewall.
You can add Juniper Netscreen Firewall entities using one of two ways:
- Add them from UI
- Use the agent's
omcli add_entitycommand with the appropriate JSON files
Adding Entities from the UI
- From the Management Cloud main menu, select Administration, Discovery, and then Add Entity. The Add Entity page displays.
- Select the Juniper Netscreen Firewall Entity Type.
- Enter the following UI properties.
Juniper Netscreen Firewall UI Fields - Entity Name: Name of this entity displayed in the Oracle Management Cloud console.
- Dispatch URL:
snmp://<Fully qualified host name or IP address of Juniper Netscreen Firewall> - SNMP Port: Port where Juniper Netscreen Firewall listens for SNMP requests - 161 by default (optional)
- SNMP Timeout: Timeout for SNMP requests in seconds - 30 seconds by default (optional)
- Cloud Agent: Cloud agent monitoring the host where Juniper Netscreen Firewall is installed.
Monitoring Credentials
SNMP V1/V2
- Community String: Community String for SNMP communication
SNMP V3
- Username: SNMPv3 username.
- Authorization Password: Password used for authentication
- Authorization Protocol: Protocol used for authentication. (MD5 or SHA)
- Privacy Password: password used for encryption
See Add Entities from the Console for detailed instructions on using the Add Entity UI.
Using omcli and the Appropriate JSON Files
- Download and extract the required JSON file(s) from the master JSON zip file. See the table below for the specific JSON files you'll need.
- Edit the file(s) and specify the requisite properties shown below.
Juniper Netscreen Firewall JSON Files and Properties Definition File: omc_juniper_netscreen_sample.json
- omc_dispatch_url: snmp://<Fully qualified host name or IP address of Juniper Netscreen Firewall>
- omc_snmp_port: Port where Juniper Netscreen Firewall listens for SNMP requests - 161 by default (optional)
- omc_snmp_timeout: Timeout for SNMP requests in seconds - 30 seconds by default (optional)
- omc_snmp_version: SNMP version used to monitor Juniper Netscreen Firewall (2c or 3) - 2c by default (optional)
Credential Files
omc_juniper_netscreen_snmpv2_sample_creds.json
SNMP v2c
- COMMUNITY: SNMPv2c community string
omc_juniper_netscreen_snmpv3_sample_creds.json
SNMP v3
- authUser: SNMPv3 username
- authPwd: Password used for authentication
- authProtocol: Protocol used for authentication - supply either MD5 or SHA
- privPwd: password used for encryption
- Add the entity using
omcli.omcli add_entity agent DEFINITION_FILE [-credential_file CREDENTIAL_FILE [-encryption_method_gpg]] - Verify the status of the newly added entity.
omcli status_entity agent DEFINITION_FILE
See step 4. Adding Entities to Your Service of Add Entities Using JSON Files for more information.
Step 3: (Optional but recommended) Set up alerts.
To enable lights-out monitoring, you can set up alert rules to generate alerts and send notifications if your entities have performance issues.
See Set Up Alert Rules and Set Up Alert Thresholds and Notifications.Troubleshooting
If you run into any issues regarding discovery or monitoring of Juniper Netscreen Firewall, see the following: