Commit Confirm now supported in OneConfig

One of the (many) things engineers love about Junos is the 'commit confirmed' feature that provides them with a safety net for risky configuration changes. The last thing you want when configuring a remote device is to cut off communication between you and the device by mistake.

Using 'commit confirm' the traditional way allows engineers to set a timer on a change that automatically rolls back the change after a set time (typically 5-10 minutes). If the change is successful the engineer can cancel the roll-back by confirming the commit before the timer expires, thus making the change permanent. Really, really useful!

OneConfig now supports 'Commit Confirm', however we've done so in an automated way. With our approach you turn on commit confirm for all changes and OneConfig takes care of it from there. You activate "Commit Confirm' on your OneConfig environment by ticking the box in the Settings tab and selecting a timer value. OneConfig then uses 'commit confirmed' on all commits to all your devices, but with automation that you don't see.

This is how OneConfig Commit Confirm works:

1. Using OneConfig's UI, engineer makes a configuration change to a device.

2. OneConfig applies the commit to the device using the commit confirm option.

3. OneConfig listens for a commit response, when one is received OneConfig automatically issues a further commit, thereby cancelling the timer and making the change permanent. The OneConfig user gets an on-screen notification.

4. If OneConfig does not receive a commit response the commit is not confirmed and the configuration rollback is activated by the device when the timer expires. The previous configuration is restored and any lost access is regained.

So, with OneConfig, using Commit Confirmed is seamless to the user while still providing the safety net that made it famous.

Thanks,

Andrew (andrew@oneconfig.net)

Managed Security Service Provider Drives Sales with Amazing Customer Experience

As businesses face ever-increasing cyberthreats, it becomes harder for them to deal with targeted assaults on their infrastructure. To minimize their business risks, they need more sophisticated software and equipment, plus the skilled resources to operate them. As a result, companies are turning in increasing numbers to Managed Security Service Providers (MSSPs) who have the know-how and solutions that offer them protection and peace of mind.
 
In Australia, the market leader in telecommunications, Telstra, delivers a range of managed services. Telstra recently developed a number of next-generation firewall offerings, including one based on the Juniper Networks® SRX Series Services Gateways with AppSecure capabilities. With Juniper’s quality hardware, high performance, and advanced features such as intrusion detection and prevention (IDP), AppTrack, and unified threat management (UTM), managed services that deliver SRX Series capabilities provide attractive solutions to customers.

How to demonstrate SRX Series value in real time?

Telstra’s product manager was looking for a way to add value to customers by giving them deep insights into the benefits that the SRX Series services were providing on an ongoing basis.

To meet this challenge, Telstra incorporated OneConfig’s Customer Portal as a default addition to the offering. OneConfig is a cloud-based management and reporting solution for devices running Juniper Networks Junos® operating system. As Telstra deploys each new SRX Series service, the customer is given a login to the OneConfig portal. There they are able to view, in real time, their device and see details including security policies, zones, Network Address Translation (NAT), interfaces, performance graphs, configuration audit, and much more.

Their read-only accounts limit them from making any configuration changes, but allow them to share access with the Telstra engineers. Importantly, customers don’t need Junos OS skills to use the intuitive OneConfig portal.

The key feature OneConfig delivers for Telstra—in addition to real-time visibility—is detailed AppSecure reports. Customers are e-mailed a monthly report from OneConfig, and they can also login and generate on-demand reports at any time. These reports give them deep visibility into their applications, Web filtering, and intrusion prevention and detection.
 
Now customers can see first-hand the ongoing benefits that they are experiencing from their SRX Series services and the Telstra Managed Security team. This visibility provides Telstra with powerful proof-points of value, greatly enhancing the overall customer experience. It helps differentiate Telstra’s managed security services from other MSSPs—and also helps Juniper capabilities stand out from other security vendor offerings.

Thanks for reading,

Andrew (andrew@oneconfig.com)

This post also appeared on the Juniper Partner Watch blog: http://forums.juniper.net/t5/Partner-Watch/Managed-Security-Services-Provider-Drives-Sales-with-Amazing/ba-p/294222

 

Multi Tenant Firewall

Over the last 6 - 9 months, as our platform has matured, we've been working with more and more managed service providers (and some really big telcos!). They like the fact that we simplify operations, lower costs and help them improve their customer service on Juniper-based offerings. We like the fact that they manage 100s and 1,000s of devices and buy loads of licenses :)

One thing we kept hearing from them was, "When are you going to support virtual router firewall instances on SRX?". Using SRX VR firewalls to deliver customer services is really useful e.g. Internet gateways hosted in a data centre. This works well when there are small numbers of VRs on a host. But when those numbers grow the configuration on the host becomes very complex and hard to manage, making business scalability expensive. That's why they wanted us to support this capability.

So this week we launched our Multi Tenant Firewall feature set. Now Service Providers can not only manage the host SRX through OneConfig, they can now provision and manage VR instances using our intuitive portal. Services can be assigned to tenants and viewed as a simple, logical service. Engineers can edit the VR zones, policies and NAT as if it were a stand-alone device.

[Here's a link to a 2 minute video

Now Service Providers can scale their business by simplifying management to lower costs with a reduced reliance on senior engineers with CLI skills.

What's more, OneConfig's web-based portal also allows Service Providers to offer their customers a self manage option - no Junos skills required.

Get in touch if you want more information.

Bye,

Andrew (andrew@oneconfig.com)

Space or OneConfig - what's best for me?

Depending on the size and complexity of your Juniper network you might opt for a system to help you manage your infrastructure. Having a central tool to manage your firewalls and switches has many advantages, but it also adds complexity and cost. 

If you're running Juniper equipment, then one option is to use Junos Space, either on an appliance or running software on a virtual machine (VM). An alternative solution is to use OneConfig's SaaS-based management platform. So which is the better option? Let's consider a few aspects.

Features and usability:

Space is a fully featured platform that is necessarily complex and has various add-on components. To become proficient requires training and it is suited to engineers with good Juniper skills. It's ideal for complex, single environment networks.

OneConfig is simple and intuitively easy to use. It requires no training and can be used by engineers with no prior Juniper experience. It has a smaller feature set that focuses on providing the common day-to-day functions a network administrator is required to perform.

 

operations, training and Maintenance

To run Space you need to host it somewhere. If you purchase the appliance then you will need to rack mount it in a datacentre. Alternatively, you can use the VM option and host it on virtual servers. In addition to on-going costs for hardware, power, VM licenses and datacentre rent, you'll also have to account for time for training, installation, maintenance and regular updates to the Space platform. 

OneConfig on the other hand is software as a service. There are no hardware or VM costs, no maintenance or patching, and no datacentre power or rent costs. You simply use the platform and OneConfig takes care of the rest. In addition, if you understand basic networking terms you can start using it right away, no training required.

 

flexibility and multi-tenancy

Space is typically installed in a private network so access is via a LAN, WAN or VPN connection. OneConfig is a cloud-based solution and is accessed using a secure browser connection. That means OneConfig can be used from anywhere there is an Internet connection - you can manage your network from your desk or from the other side of the world.

OneConfig is a multi-tenancy platform. You can separate and manage multiple environments (or customers) from a single interface. You can also setup administrators, users and read only users, either within one environment or across all.

 

What to choose?

When it comes to selecting the right management platform for your Juniper environment, there is no right or wrong answer - it depends on your specific needs. However, you may want to ask yourself a few simple questions first:

  • Do I have power, rack-space, VM licenses available?
  • Do I have skilled engineers to install, maintain, upgrade and operate a Space solution?
  • Do I need a management tool with hundreds and hundreds of features?
  • Do I have skilled Juniper engineers available to use the tool?

If you answered 'no' to one or more of these questions, OneConfig may be the solution that's best for you. Take a look at our case studies for examples of how OneConfig has helped other Juniper customers.

If you'd like a free trial or a product demonstration please contact me.

Thanks,

Andrew (andrew@oneconfig.com)

Usage and Billing Report for Switch Ports

OneConfig has created a new feature aimed at simplifying the management of bandwidth usage and billing in large switch port environments. This new feature delivers a regular report (daily/weekly/monthly) containing detailed bandwidth usage across all switch ports in a managed Juniper environment. 

The background to this solution: A OneConfig customer running ISP services in multi-tenant dwellings needed a way to report on bandwidth usage of their network. With Juniper EXs on every floor of multi level buildings, each apartment is connected to the network via a dedicated switch port. The challenge the customer faced was identifying which apartments were consuming excessive bandwidth and thereby causing quality issues for other users.

They wanted a simple way to report on the usage so they could identify these heavy consumers, and restrict them or bill them for excess usage.

OneConfig's bandwidth utilisation report delivers visibility of usage across all their switch ports within their Juniper EX and SRX fleet, with daily and weekly reports. Reports are delivered automatically via email as CSV files. The ISP Administrators can easily scan and search the files, then take action to warn the users, or use the data for input into their billing system.

If you need a simple way to track and bill for switch port usage on your Juniper network, please contact me for details.

Bye for now,

Andrew (andrew@oneconfig.com)

 

 

Effective SRX Demonstrations in a Competitive Market

If your job involves selling Juniper SRX Gateways in the Enterprise market then you already know some fundamental truths about Next Generation firewall sales:

  • The SRX is a great piece of technology; equal or better than its competitors.

  • Demonstrating the advanced capabilities of the SRX to customers is really difficult.

  • Competitors usually do a better job of selling their equipment.

Why is it hard to demonstrate the SRX in a customer’s network? The main problem is providing the customer with detailed reporting that describes just how effective the SRX is at detecting and mitigating threats. While competitors equipment have built in mechanisms to collect and report on their devices’ performance, the Juniper SRX does not. In order to generate equivalent reporting of AppSecure features, Sales Engineers need to bring in a host of tools - Space, Log Collector, Spotlight Connector, Sky ATP.

FIrewall Evaluation Cartoon.png

Some of the team at OneConfig previously worked at Juniper and experienced this problem first hand. That’s why we developed our cloud-based Application and Network Risk (ANR) Report - it solves this problem.

Simply install the demonstration SRX into the customer network, connect it to OneConfig’s remote platform and leave it in place for a week or two. The SRX can be placed L2 inline (secure-wire), L2 with switch mirror/span ports, or even L3 inline. (Click here for more details about our ANR Report service.)

At the end of the evaluation OneConfig generates a compelling, colorful report that you can use to help win the deal. (Click here for a sample ANR Report.)

For more information, please contact me.

Thanks,

Andrew (andrew@oneconfig.com)

 

 

 

Multi device configuration update

From time to time it is necessary to make the same configuration change to many devices in your network. If you run a fleet of EX Switches you may find yourself having to add a new VLAN across the network. Perhaps you are moving to a new DNS provider, or you are changing your NTP settings.

Whatever the reason, making  the same configuration change to a large number of devices can be tiresome.

OneConfig has recently released version 1.23.0 of our cloud-based service, and in there you will find our new Multi Device Update (MDU) feature. MDU lets you use Junos config or set commands to configure devices. Once the commands are in place,  select some or all device, click UPDATE and away you go.

mdu

 

OneConfig checks the commands for syntax errors, then produces a real time log of changes. At the end of the change it generates a report that can also be downloaded as a PDF, listing successful updates, updates with issues and failed updates. 

Looks like you'll be finishing work early today!

By Andrew Hill

(andrew@oneconfig.com)

Why setting a rescue configuration is so important

The stability and health of your Juniper devices is extremely important for your network. If a device goes down for some reason it could impact your business' ability to service your customers and run normal business operations.

A big focus area for OneConfig is giving users greater visibility of the health of your devices and some tools around that to ensure you can recover from issues.

One of the simplest things you can do to protect your Juniper devices from downtime is by setting the rescue configuration. Rescue configuration is a "last known good" state that allows you to return to operation after a failure using the reset config button on the front of your device.

OneConfig tells you when your device does not have the rescue configuration set and we even give you the option to set it right there and then with a simple click.

What other alarms would you like us to warn you about? Let us know: info@oneconfig.com or http://twitter.com/oneconfig.

Restore SRX Configuration with USB

Your network is down! Panic is setting in, users are complaining, you need to get the broken SRX device replaced with a spare ASAP! Hopefully you have a spare, or at least opted for same day support.

Then you realise that you've got to find the config file to get the replacement SRX back up and running. Then you can't find a console cable. You're having a really bad day!

We love tools that make it easier in these kind of situations. SRX has a great (but not very well known) feature that can help you out here. It's called USB Auto Install.

There is a great Juniper Learning Byte video on YouTube about USB Auto Install. It covers how easy it is to install new Junos software on an SRX, but what is leaves out is that you can also use this process to get configuration on there too. 

Here are the steps:

  • Find a FAT32 USB flash drive
  • Format it / clear all other files off (especially people using Mac OS X, you'll need to get on the Terminal for this as the finder stores all kinds of things in there).
  • You'll need to put a couple of files on there:
    • junos-config.conf - your full Junos configuration, in stanza format.  You can download this from OneConfig's device details window.
    • autoinstall.conf - just a blank file, e.g. "echo " " > F:\autoinstall.conf"
    • Junos software image, it needs to be the "junos-srxsme" name (e.g. junos-srxsme-12.3X48-D20.4-domestic.tgz)
  • Power up the SRX, insert the USB in the front
  • After some time the lights will all start flashing
  • Hold in the "config reset" button, use a pen
  • When all the lights go green, you're good to go. Pull out the USB and the SRX will reboot with the new software and the configuration in place.

There is also a Juniper KB article that goes in to more detail.

OneConfig can store your configuration backup - simply enable it by ticking the box in the Device Settings window. Or turn it on for all new devices via Settings -> Device -> Enable config backups.

If you have any questions about USB Auto Install for SRX with configuration added, please feel free to contact me.

By Martyn Lomax (mlomax@oneconfig.com)




  

  

Incredibly Simple Juniper Configuration Management

When you press the brake pedal in your car, the vehicle stops. Simple, right? But what happens behind the scenes is far from simple. The brake pedal activates a hydraulic piston that forces brake fluid down various pipes to the brake calipers at each wheel. Cylinders within the calipers force the brake pads onto the brake disk. Anti Braking System sensors on each wheel feed information back to the central computer which responds to regulate how much each wheel brakes. That’s how modern cars stop so effectively, and it saves lives.

When we implemented Configuration Management into the latest release of OneConfig’s Juniper cloud-based management platform we made it as simple as possible - one tick box to activate.

When you tick this box your configurations are being managed, it’s that simple. What happens behind the scenes is a little more complex. We build our platform so that managing Juniper devices is really easy. You don’t need to know Junos CLI if you use OneConfig, and you don’t need to know about the underlying complexity that delivers such simplicity. We might not be saving lives but we certainly make them simpler!

OneConfig’s automatic configuration backup ensures that you can quickly recover from a device failure.

Of course, OneConfig also allows users to view the current configuration and compare it to any of the previous (up to) 49 configurations on that device. So tracking what changes were made and who made them can be done with a few clicks in a browser.

If you haven’t used OneConfig before why not sign up for a free 30-day trial (no credit card required) now and see how easy it is to manage EX, SRX and vSRX devices. Sign up at my.oneconfig.com

By Andrew Hill (andrew@oneconfig.com)

 

 

TLS support for OneConfig's Application and Network Risk (ANR) Report

Juniper partners who use OneConfig's Application and Network Risk Report (ANR) as a pre-sales solution will be pleased to hear that TLS support has been added to our solution. We have the ability to process security policy logs to get a detailed view of 'Top Talkers' and 'Geographic IP'. Now we can gather those logs securely using TLS.

With more recent versions of Junos on SRX branch it is possible to support TLS for syslog. This means that the syslog data can be sent encrypted to OneConfig. This feature has been supported from 12.1X47-D20.

Here is an example of the configuration to enable the TLS syslog on your SRX:

set security log mode stream
set security log format syslog
set security log source-interface fe-0/0/7.0
set security log transport protocol tls
set security log transport tls-profile ssl-i
set security log stream oneconfig format syslog
set security log stream oneconfig category all
set security log stream oneconfig host logs.mydomain.com
set services ssl initiation profile ssl-i protocol-version all
set services ssl initiation profile ssl-i actions ignore-server-auth-failure

And, of course, you enable the logging option in the security policies you want to see logs for.

By Martyn Lomax JNCIE-SP #876 (mlomax@oneconfig.com)

AppSecure is now free - manage it with OneConfig

Great news for Juniper customers! Juniper has made AppSecure free for the first year on most SRX devices. The AppSecure suite delivers security threat visibility, enforcement, control, and protection over the network. And OneConfig's cloud-based management platform can help you manage it.

If you are new to Junos and/or AppSecure, or just want to simplify your day-to-day management, sign up for a trial account now. You can be managing your Juniper devices with a browser in a matter of minutes - my.oneconfig.com.

We've just added a whole pile of new features to OneConfig - some big, some small. The image below shows a small icon next to 'srx1440' indicating that this is a Cluster or Virtual Chassis. Small feature but very useful. You can also find the serial numbers for your cluster in the device details popup. 

A few of our customers have asked us recently for the ability to export device lists and security policies to spreadsheet. We love getting feedback like this, and those two new features were added within a week.

Here are some other features we added this week:

- Remote Junos upgrade (only for managed service providers subscribers for now)

- Various UI updates and field validation:

   - added expand/collapse all security policy context containers

   - added cluster/virtual chassis device icon

   - custom application field validations

If you've been following OneConfig's progress this year you've probably noticed how quickly our product is maturing. We couldn't be happier with the way things are going and we love contributing to the Juniper community. But we especially like hearing your feedback so please feel free to contact me - andrew@oneconfig.com

By Andrew Hill (andrew@oneconfig.com)

Testing Junos 15.1X49 on vSRX, and how JTAC responded to a bug

As OneConfig is part of the Juniper Beta Program, we were happy when the new version of Junos 15.1 was released in August. We enjoyed putting it through its paces in the months prior to release, so to see it out in production was exciting.

While the beta testing was successful, we unfortunately found a bug in the actual 15.1X49 release that caused a fault with devices connecting to OneConfig. We notified the JTAC and worked closely with them to get this issue diagnosed and fixed. The JTAC were very professional and thorough in their approach, especially considering what a difficult problem it was to reproduce involving OneConfig's external system. We were assigned a great JTAC engineer who was really keen to learn about OneConfig's platform and he spent considerable effort learning how the OneConfig platform works whilst troubleshooting the issue.

The JTAC confirmed the issue and worked with us to do some further testing on a short term work around. Only 2 weeks later a fix was released in vSRX 15.1X49-D20. We've upgraded our vSRX test lab and everything is now working well again!

We have a growing number of customers using Juniper's vSRX for different use cases in both hosting and CPE environments. We love that our platform can support these use cases in either physical SRX devices or the virtual environments, and it is very exciting to see the uptake of these services growing.  

15.1X49 vSRX brings a load of exciting new features and performance improvements. Things like transparent mode, UTM and AppFW. If you want to read more, check out the release notes here: http://www.juniper.net/techpubs/en_US/junos15.1x49/information-products/topic-collections/release-notes/15.1x49/index.html

By Martyn Lomax JNCIE-SP #876 (mlomax@oneconfig.com)

DHCP, VLAN Ranges, Aggregated Ethernet and More

OneConfig, the cloud-based management platform for Juniper devices, recently released Version 1.8.10 of their product. This new version includes important updates to our Interface Management features, a brand new feature for DHCP Management, a number of subtle improvements to the overall User Interface and multiple minor security feature updates. 

Juniper’s SRX is such a popular choice for a branch gateway device, and when you look at the capability of these devices and the great value they represent it is no surprise why this is the case. DHCP is a feature that many of our customers use in their remote offices so adding DHCP Management was a high priority on our product roadmap.

Another big change we’ve made is to combine the previously separate functions for VLAN and Interfaces. Now when you enter Interface configuration mode you will also have the VLAN configuration functions right there. Another important addition is support for Aggregated Interfaces on EX Switches.

As the screenshot shows, we’ve also added features for managing Ranges alongside Interfaces and VLANs. Like all OneConfig features, Interface, VLAN and Ranges Management has been designed to be intuitively easy to use so that all engineers, regardless of their level of knowledge or experience of Junos, can manage Juniper devices using just a browser.

 

Other new additions include:

  • new protocol to destination NAT rules

  • more validations in NAT rules

  • a swathe of UI improvements

  • serial number store and view on device connect

  • more trunk interface add/edit functions

  • policies, zones and custom applications data collection and view optimisations

“With the Juniper-Avnet Cloud-Managed Switch promotion currently running, where anyone buying a new EX Switch receives a free 12 month subscription to OneConfig, we wanted to ensure that switch management functionality was comprehensive.” said Andrew Hill, OneConfig Director. “Juniper equipment is extremely robust and feature rich, and great value too. OneConfig’s goal is to make it as easy to use as possible so more companies can realise the benefit of using this extremely well engineered equipment.”

Here’s a link to the Juniper-Avnet Cloud-Managed Switch promotion - http://www.avnet.com.au/updates/index.cfm?KEY=z1vL38DRCv5NnWc

Take a look at our 2 minute video to get an overview of OneConfig’s capabilities - www.oneconfig.com/overview-video

Free Cloud-Managed Switch Offer from Juniper Networks and Avnet Australia

Juniper Networks and Avnet Australia have team up with OneConfig to deliver a free cloud-managed switch offer to Australian customers.

Under this offer, which is available now, every customer buying Juniper Networks EX Series Switches through Avnet Australia will automatically get a free 12 month subscription to OneConfig’s cloud-based management solution.

OneConfig, a Juniper Technology Alliance Partner, has developed a true multi-tenanted, cloud-based Juniper switch management solution, allowing Juniper customers to:

  • Make configuration changes, even without knowledge of Junos®

  • Monitor devices and send alerts if devices go offline

  • Collect performance metrics and display them in hourly, daily, weekly or monthly based graphs.

Built from the ground up to include multi-tenancy support, OneConfig also allows Managed Service Providers to share secure, controlled access to devices with clients. Utilising a subscription license model, OneConfig simplifies operations, providing a single dashboard via a browser to manage Juniper EX and/or SRX switches across any number of distributed locations and networks

In an era where IT departments are being asked to do more with less, adding cloud-based management to Juniper switches is a great way to simplify network operations and improve service delivery.

OneConfig’s solution helps Juniper Partners sell Juniper devices by lowering the skills barrier required by the customer’s staff to manage and operate them. Cloud-based management also removes the necessity to run in-house management platforms, another cost and efficiency saving for the customer. And once customers start enjoying the benefits of cloud-managed Juniper devices, they are more likely to buy Juniper when expanding or refreshing  their network, thus generating additional run-rate business for Partners.

Offer details - http://www.avnet.com.au/updates/index.cfm?KEY=z1vL38DRCv5NnWc

 

Ian Lowles Joins OneConfig Board of Directors

OneConfig is delighted to announce that Ian Lowles has accepted an offer to become Non-executive Chairman of the Board of Directors.

Ian is an experienced executive and non-executive director in the Information Technology & IT industry with a track record of building businesses across Asia, China & Japan. He has a highly successful record of working with companies that change the way we interact, transact and do business with consumers and business to business.

Ian has extensive international, general and VP management experience, forged with Oracle, in Europe, Asia and Japan building sales-led businesses organically and via M&A. He brings an in-depth knowledge of Asia Pacific Telco carriers and Network Equipment Manufacturers.

About OneConfig                                                                                    

OneConfig, a Sydney-based company, is a Juniper Technology Alliance partner and is passionate about building intuitive network management systems. OneConfig’s browser-based platform ensures that engineers with little or no Juniper Networks experience can manage Juniper devices from anywhere in the world. OneConfig is 100% Juniper focused and only makes products for Junos devices. For further information about OneConfig, or to request a product demonstration, please e-mail us at info@oneconfig.com.

 

Managed Service Provider Reduces Costs and Delights Customers with Juniper-OneConfig Solution

(This article first appeared on Juniper Networks Partner Watch blog)

An Australian managed service provider (MSP) delivers managed virtual networks to its customers using a variety of Customer Premises Equipment (CPE) in their customers’ remote offices.  Some CPE devices are Juniper SRX Gateways, while others are devices from alternative equipment vendors. Their approach to managing all these CPE devices had been to employ experienced engineers who configured the devices via Command Line Interface (CLI). While widely used throughout the industry, using CLI to configure and manage devices is a costly way to manage networks because it requires skilled resources to make even simple changes.

Previously, when customers contacted the MSP to request a change to their devices, they would wait hours while the change request was logged by the customer service engineer, forwarded to a senior engineer for attention and, finally, completed. Apart from continually involving expensive senior resources, the delays were also frustrating to customers.

In early 2015, the MSP began using OneConfig’s cloud-based management platform to configure and manage its Juniper SRX Gateways. OneConfig – which is exclusively for Junos® devices - is designed for day-to-day management tasks such as interface configuration, managing security policies, editing VLANs, and configuring NAT rules. Because OneConfig's platform is a multi-tenanted solution, the MSP was able to see and manage all its customers’ CPE devices from a single web interface. Additionally, OneConfig’s simple workflows are designed to be used by junior engineers with no Junos® experience, which enabled the MSP to hand-off most day-to-day changes from its senior engineers to its customer service engineers.

When CLI was replaced by OneConfig’s intuitive web interface, the impact to customers was immediate and significant. Whereas before they may have waited hours, changes now happen while they are on the phone. Customer service engineers who answer customer calls can use OneConfig to safely and securely view customers’ devices and make changes immediately. The customers are delighted, the customer service engineers are empowered, and the senior engineers are free to work on higher value tasks.

On the strength of this success, the MSP is planning to consolidate its mixed-vendor fleet of CPE devices and standardize on Juniper SRX Gateways for all its CPE devices.

Network Address Translation (NAT) added in OneConfig Version 1.8

OneConfig, the cloud-based management platform for Juniper devices, recently released Version 1.8 of their product. This new version includes a number of minor updates and one major new feature - NAT Management.

Configuring Source and Destination NAT rules, and setting up NAT Pools, are common network management tasks. Like all OneConfig features, NAT Management has been designed to be intuitively easy to use so that all engineers, regardless of their level of knowledge or experience of Junos®, can manage Juniper devices using just a browser.

“The development of this feature has really been driven by several of our key customers,” said Andrew Hill, OneConfig Director. “They are using OneConfig to hand off more and more tasks to junior engineers, and having NAT management in place is an important step forward for that process.”

The new feature includes:

  • Source and Destination Rulesets - view, edit, create, delete and reorder

  • NAT Pools - view, edit, create and delete

OneConfig is focused on providing Enterprises and Managed Service Providers with practical tools for managing Juniper devices. Adding NAT Management extends the growing capability of OneConfig’s platform.

“We are excited to release this function to our customers, “  Andrew Hill added. “We’ve recently expanded our Development Team and we are expecting this to be the first of many new features to our product over the next few months.”

Partnering with Juniper to Build a Demo Aid for Effective Next-Generation Firewall Evaluations

What is the most effective way to convert customers to Juniper’s next-generation firewall platform? Show them! 

As a Juniper Technology Alliance partner, we've developed a demo aid that Juniper channel partners can employ that demonstrates how Juniper Networks® SRX Series Services Gateways for the branch will strengthen security.  

Juniper partners know and appreciate the capabilities and benefits that the SRX Series brings to any network. However, conveying that message to customers can be challenging. Simply telling customers about the product only gets you only so far. Actually showing customers the clear and present risks in their own environment, and demonstrating how the SRX Series detects and deals with these risks, is a compelling sales aid. So what is the best approach for setting up and running an SRX Series evaluation session?

In high-end environments where large SRX Series gateways are deployed in data centers and core networks, using a comprehensive tool like Juniper Secure Analytics is advisable. But in branch and campus environments, where smaller SRX Series devices are used, the JSA Series approach may not be feasible. However, customers still need to be shown compelling evidence of the SRX Series’ effectiveness. Implementing an SRX Series gateway into the customer’s environment is a fairly simple procedure, but producing a detailed and persuasive report at the end of the evaluation is challenging. Short of manually collecting and analyzing logs, the options for partners are limited.

An alternative option has been developed by OneConfig with assistance from Juniper Australia and Sydney-based Juniper Professional Services partner, Crystal Echo. In this approach, the Juniper partner deploys the SRX Series into the customer environment and adds a few configuration lines to securely connect the device to OneConfig’s cloud-based management platform. During the evaluation period, OneConfig collects real-time security and application usage data from the SRX Series device and stores it in its database. At the end of the evaluation, OneConfig generates a report in an easy-to-read format featuring relevant graphs, charts, and tables that highlight how effective the SRX Series has been.

Whether customers already use Juniper routing and switching devices, or are completely new to Juniper, effective evaluations are the ideal way to convert them to Juniper’s powerful next-generation firewalls. Contact me for more information about how you can use our demo tool. Good selling!

 

ABOUT OneConfig

OneConfig is a Juniper Technology Alliance partner and is passionate about building intuitive network management systems. OneConfig’s browser-based solution ensures that IT generalists with little or no Juniper Networks Junos® operating system experience can manage Juniper Networks EX Series Ethernet Switches and SRX Series devices from anywhere in the world. OneConfig is 100% Juniper focused and only makes products for Junos OS devices. For further information about OneConfig, or to request a product demonstration, please e-mail me at Andrew Hill

About Crystal Echo

Crystal Echo is a Juniper Networks Professional Services Specialist (PSS) and Juniper Networks Authorised Education Partner (JNAEP) with more than 10 years experience working with Juniper Networks. Crystal Echo consultants have deep experience with Juniper Networks products and technologies gained from working on some of the largest, most complex networks in Australia.

OneConfig Releases Version 1.7.4

OneConfig, the cloud-based management platform for Juniper devices, today released Version 1.7.4 of their product. The big news for this minor release is the improvements to our Performance Graphs. We've spent a lot of time optimising graph load times in this new release, and the results are evident - lightning fast load times! In addition, performance graphs for environmental and firewall sessions are now available when a device is offline, which should be a useful aide for troubleshooting.

We've also added a few minor bug fixes for Managed Service Provider features, mainly in the UI. In the background we are hard at work on what is probably the most requested feature to date, and its not far off from being released...more details coming soon.

OneConfig is focused on providing Managed Service Providers (MSP) with an effective tool for managing large fleets of Juniper customer premise equipment (CPE) across multiple customer networks. Faster graphs extends the usability of our multi-tenancy web-based platform, making ongoing management simpler and reducing the cost of owning a Juniper environment.