How to install Junos Space and Security Director

In this post we will install Junos Space Network Management Platform virtual appliance for VMware ESX and Security Director. As you might know Space platform is the ground application holding other applications such as Security Director which manages SRX firewalls. Hence it is necessary to install Space platform first and Security Director on top of it. Make sure you have 8GB RAM available in your ESX server. Let’s start the installation:

1) Download the ova image here We are downloading the latest release space-14.1R2.9 at the time of this post.

junos_space_network_platform_download_image_esx

2) Download the security director here
Latest one available is 14.1R2.6 release which is compatible with the platform release we have downloaded.

junos_space_security_director

3) Then deploy the Space Platform OVA file as usual like any other VM to your ESX platform.

deploy_junos_space_platform

After deployment, you will see that 8GB RAM is assigned to the VM.

space_installed_vm_details

4) Now power on the VM and get into the console. You will be asked to enter user and password which are admin and abc123 respectively.

junos_space_installation_password_default

Once you entered these, you will be asked to change the password. Choose your new password according to the instructions. Otherwise you may fail to set a proper password.
install_selection_space

Then accept the default installation type Space Platform by enter.

5) Now it is time to configure network settings. eth0 is the first interface that you see in VM properties of ESX and this IP I am using will be set to eth0 interface in the linux platform and it provides management access.

space_ip_set_initial

space_dns_set

Space pings the default gateway, DNS and NTP server you enter. They don’t have to be pingable but make sure you assign your eth0 interface on ESX properties to the correct VLAN and IP can be reached.

6) Now set the GUI IP address and NTP server. It is better you set the NTP here. GUI address is the one you type in your browser to access the management platform.

space_gui_address

Then you type the display name. This is used as the fabric node name.

space_display_name

7) Set maintenance password which is used for some upgrade and other maintenance operations. It is different than admin password. It must be minimum 8 characters and apply the settings as shown.

space_final_confirmation

Once you apply the changes, deamons will be restarted and it will take some time for you to see the following screen. By choosing option 7 and providing admin password you set at the beginning, you will drop to the Linux shell.

space_final_login

Now I can connect to the box via SSH at its ip 100.100.100.117

[root@space-000c29cb6706 ~]# ip -4 addr
1: lo:  mtu 16436 qdisc noqueue 
    inet 127.0.0.1/8 scope host lo
2: eth0:  mtu 1500 qdisc pfifo_fast qlen 1000
    inet 100.100.100.117/24 brd 100.100.100.255 scope global eth0             <---Primary IP
    inet 100.100.100.118/24 brd 100.100.100.255 scope global secondary eth0:0 <---Secondary GUI IP Address

Now it is time to login to the web UI. Web admin user is different than admin and maintenance. Web user is super and initial default password is juniper123 After login, you should change this one.

space_super_login

Below is a screenshot after the first login to space platform.

space_gui

Now we are very close to finish this post as we will just deploy the security director.

Go to Adminitration->Applications->Add Application
1 - space_add_application

Then select "Upload via HTTP" and upload the security director image you downloaded.
2 - upload_security_director

A job will be created and application name (Security Director) will appear in the list after a while. Once it appears, click install

3 - install-security-director

It will take a while for the application to be installed. To see the job status, you can click the upper right corner CHECK icon.

4 - Space-Job-Status Once it finishes, you will see 3 new applications.

5 - Space-Application-List

From the left drop down list, by selecting Security Director you can switch to SD's screen.

6 - Security-Director-screen

and here we are! we have installed both space platform and security director. Last but not least I need to recap usernames we have configured so far to avoid any confusion.

1) admin user: We set this for the Linux shell and default password during the installation is abc123
2) maintenance user: we also set password for this but it is used for special operations. No default password for this. It must be set.
3) super user: this user is used for WEB UI and initial default password is juniper123

I think I have completed this long post now. If you see any mistake, please do let me know.

About: rtoodtoo

Worked for more than 10 years as a Network/Support Engineer and also interested in Python, Linux, Security and SD-WAN // JNCIE-SEC #223 / RHCE / PCNSE


10 thoughts on “How to install Junos Space and Security Director”

  1. Hi there
    Great blog – many in-depth question lead me here!
    Found this article too late when just doing the same; I think it would be worthy of adding a few lines about setting up the virtual log collector appliance and making devices use em

  2. Hey Guy, I am trying do it with junos space 15 or 14 on vmware ESXi 6, and I am facing problems, startup freeze on line saying “selinux disabled at run time” and restart itself. have some another config to do on vmware to get compatibility?

    thanks in advance!

  3. Hi Rtodto,

    First of all, I would say that this is an extremely good article and I am a beginner.
    I have configured exactly the same way as you have in a windows server using Vsphere client. I have configured the same IPs.I am able to ping 100.100.100.118 and 100.100.100.117 from the shell but I am not able to launch the web GUI using the URL. Could you please help me on what could be the possible issue. I shall be thankful.

    1. Hi Rahul,
      If you can ping, IP must have been assigned properly. If you installed a newer version, things might have changed a little bit. I can’t really say. You may try to restart junos space and wait for a while to see if it helps. If not, you need to look into log files of junos space to see what is going on. It isn’t easy to say what might be the problem.

  4. hello – so which of the IP’s that are configured is the one that is actually used to reach out to the SRX gateways that would be imported into Space? And also can you tell me which ports space uses to communicate with them? I know NSM was 7800/7804 after an initial ssh 22 communication

Leave a Reply to H JCancel reply

Discover more from RtoDto.net

Subscribe now to keep reading and get access to the full archive.

Continue reading