SRX - How to convert zone-based address books to a global one

Zone-based vs Global When dealing with address objects on an SRX running older versions of Junos, they typically would employ a zone-based address-book for it's configuration. When using a zone-based address-book, the address objects referenced in the security policies are created per zone, which means that every zone will have an address-book configuration, and could potentially have duplicate objects. Newer Junos versions use a global address-book configuration. The global address-book reduces complexity in your configuration by managing all address objects in one spot, and if you need to reference the…

Keep reading

NXTWORK 2015: The Recap

A couple of weeks ago I attended the inaugural customer summit that Juniper Networks put on called NXTWORK. I was excited to see that Juniper finally put on something like this here in the 'states, and it was well worth the wait! Being part of their Ambassador program, I got to travel to their Sunnyvale HQ each year with the rest of the Ambassadors. This is awesome in itself, as we get a lot of private sessions with many different PLM's and people from all aspects of Juniper. But this…

Keep reading

Go BIG(-IP) or Go Home

I really love leveraging API's to get more out of some of the tasks that I do, and to interact with a lot of the systems that I work on. One of my favorites is the F5 LTM load-balancer. It's quite the platform, and if any of you have ever worked with/on one...I'm sure you can relate. Newer in version 11.4+, is the ability to manage your F5 using a REST API. This is a framework that sits atop of tmsh. Using this API makes it extremely…

Keep reading

go-junos & Windows Azure IPs

In a previous blog post, I gave an example of how I use the go-junos library to help automate creating and modifying address objects and variables in Junos Space. Here's another good, time saving example of creating multiple address groups to be used within a policy. Background: Windows Azure We have multiple development teams here that need to publish their work/apps to the Azure cloud. Without totally circumventing the firewall and allowing full access out, it was a bit of a challenge to allow them to publish to a…

Keep reading

Automation & Go(lang): Real World Use Case

Over the past month-and-a-half, I've shared some articles with you about the go-junos library, mostly regarding how it works. With most things in this industry, I like to see them in action, and how others, as well as myself, might use them on a day-to-day basis. This post is about just that. I'll show you an example of how I use this library to help simplify and save lots of time when deploying new SRX installations. A Little Background I work for a large retailer, with a lot of remote…

Keep reading