Next-Generation Juniper Network Firewall discovery

  • Release version: Yokohama
  • Updated March 12, 2026
  • 4 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Next-Generation Juniper Network Firewall discovery

    The Next-Generation Juniper Network Firewall discovery pattern in ServiceNow Discovery uses SNMP calls to identify and collect detailed information about Juniper network firewalls. This pattern supports horizontal discovery and requires the latest Discovery and Service Mapping Patterns application from the ServiceNow Store. It enables ServiceNow customers to enrich their CMDB with accurate, structured data about Juniper firewall devices and related components.

    Show full answer Show less

    Prerequisites

    • Ensure SNMP access is enabled and properly configured on Juniper firewall devices.
    • Configure SNMP credentials on the ServiceNow instance.
    • Add the SNMP system OID record for Juniper devices to the ServiceNow instance.
    • Update the Classifier to Juniper Firewall and the Class to Juniper Firewall Device.
    • Download and install the CMDB CI Class Models (Release 1.10.0) from the ServiceNow Store to add required firewall classes.
    • Download and install the Juniper firewall discovery pattern from the ServiceNow Store and sync it with the appropriate MID Server.

    Key Features

    • Comprehensive CI Class Model: The pattern introduces new CI classes such as Juniper Firewall Device, Juniper Firewall Cluster, Firewall Device Group, Firewall Manager, and Firewall Security Policy, extending standard firewall and cluster classes to model Juniper-specific devices accurately.
    • Detailed Data Collection: Discovery collects extensive information on devices, including hostname, serial number, operational status, IP address, manufacturer, model number, firmware, hardware OS, and version across multiple CI tables like IP Firewall, Firewall Device, Juniper Firewall Device, and Firewall Cluster.
    • Network Adapter and Relationships: It discovers network adapters linked to Juniper Firewall Devices, capturing adapter names, IP addresses, and MAC addresses, and establishes key CI relationships to represent device ownership, hosting, membership, and management within clusters, device groups, and firewall policies.

    CI Relationships and References

    The pattern defines important relationships to map the environment accurately:

    • Juniper Firewall Devices are hosted on Juniper Firewall Clusters.
    • Devices own network adapters and IP addresses.
    • Firewall Devices contain Firewall Security Policies and are members of Firewall Device Groups.
    • Firewall Managers manage Firewall Devices and contain security policies.

    These relationships enable customers to visualize dependencies and associations among firewall components within the ServiceNow CMDB.

    Benefits for ServiceNow Customers

    By implementing this discovery pattern, customers can:

    • Automate identification and inventory of Juniper network firewalls with detailed, structured CI data.
    • Enhance CMDB accuracy and completeness for firewall infrastructure.
    • Leverage discovered relationships to improve impact analysis, change management, and security policy enforcement.
    • Use enriched data to support operational workflows, compliance, and risk management related to network firewalls.

    The ServiceNow Discovery application uses the Next-Generation Juniper Network Firewall discovery pattern to find Juniper network firewalls. Discovering some of these resources may require updating to the latest version of the Discovery and Service Mapping Patterns application from the ServiceNow Store.

    The discovery pattern uses a set of SNMP calls to find the Juniper network firewalls. Discovery uses the pattern to run horizontal discovery.

    Request apps on the Store

    Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.

    Juniper Network Firewall data model

    The Next-Generation Juniper Network Firewall pattern introduces the following CI classes that are part of the Juniper firewall data model.

    Table 1. CI class hierarchy
    CI class Extends from
    Firewall Device [cmdb_ci_firewall_device] IP Firewall [cmdb_ci_ip_firewall]
    Juniper Firewall Device [cmdb_ci_firewall_device_juniper] Firewall Device [cmdb_ci_firewall_device]
    Firewall Cluster [cmdb_ci_firewall_cluster] Cluster [cmdb_ci_cluster]
    Juniper Firewall Cluster [cmdb_ci_firewall_cluster_juniper] Firewall Cluster [cmdb_ci_firewall_cluster]
    Firewall Device Group [cmdb_ci_firewall_device_group] Configuration Item [cmdb_ci]
    Firewall Manager [cmdb_ci_firewall_manager] Configuration Item [cmdb_ci]
    Firewall Security Policy [cmdb_ci_firewall_security_policy] Configuration Item [cmdb_ci]

    Prerequisites

    • Ensure that your network firewall device has SNMP access.
    • On the ServiceNow instance, configure SNMP credentials.
    • Add the SNMP system OID record for the Juniper device to the ServiceNow instance. Update the following:
      • Classifier: Juniper Firewall
      • Class: Juniper Firewall Device
    Deploy the pattern as follows:
    1. Download and install the CMDB CI Class Models: Release 1.10.0 from the ServiceNow Store. The app adds the new CMDB classes required for network firewall discovery. For more information, see Firewall extension classes.
    2. Download and install the discovery pattern from the ServiceNow Store.
    3. Sync the pattern with the appropriate MID Server.

    Data collected by Discovery during horizontal discovery

    The discovered data includes the following tables and fields.

    Table 2. IP Firewall [cmdb_ci_ip_firewall]
    Field Description
    Name [name] Hostname.
    Serial Number [serial_number] Device serial number.
    Operational Status [operational_status] Indicates if the device is in active state.
    IP address [ip_address] IP address.
    Manufacturer [manufacturer] Device manufacturer.
    Description [short_description] Short description.
    Model Number [model_number] Device model number.
    Firmware [firmware_version] Firmware version.
    Hardware Operating System [hardware_os] OS running on the hardware.
    Hardware OS Version [hardware_os_version] OS version running on the hardware.
    Table 3. Firewall Device [cmdb_ci_firewall_device]
    Field Description
    Name [name] Hostname.
    Serial Number [serial_number] Serial number of the device.
    Fully qualified domain name [fqdn] Fully qualified domain name.
    Operational Status [operational_status] Indicates if the device is in active state.
    IP address [ip_address] IP address.
    Manufacturer [manufacturer] Device manufacturer.
    Description [short_description] Short description.
    Model Number [model_number] Device model number.
    Firmware [firmware_version] Firmware version.
    Hardware Operating System [hardware_os] OS running on the hardware.
    Hardware OS Version [hardware_os_version] OS version running on the hardware.
    Table 4. Juniper Firewall Device [cmdb_ci_firewall_device_juniper]
    Field Description
    Name [name] Hostname.
    Serial Number [serial_number] Serial number of the device.
    Fully qualified domain name [fqdn] Fully qualified domain name.
    Operational Status [operational_status] Indicates if the device is in active state.
    IP address [ip_address] IP address.
    Manufacturer [manufacturer] Device manufacturer.
    Description [short_description] Short description.
    Model Number [model_number] Device model number.
    Firmware [firmware_version] Firmware version.
    Hardware Operating System [hardware_os] OS running on the hardware.
    Hardware OS Version [hardware_os_version] OS version running on the hardware.
    Table 5. Firewall Cluster [cmdb_ci_firewall_cluster]
    Field Description
    Name [name] Hostname.
    Fully qualified domain name [fqdn] Fully qualified domain name.
    IP address [ip_address] IP address.
    Manufacturer [manufacturer] Device manufacturer.
    Description [short_description] Short description.
    Model Number [model_number] Device model number.
    Hardware Operating System [hardware_os] OS running on the hardware.
    Hardware OS Version [hardware_os_version] OS version running on the hardware.
    Table 6. Juniper Firewall Cluster [cmdb_ci_firewall_cluster_juniper]
    Field Description
    Name [name] Hostname.
    Fully qualified domain name [fqdn] Fully qualified domain name.
    IP address [ip_address] IP address.
    Manufacturer [manufacturer] Device manufacturer.
    Description [short_description] Short description.
    Model Number [model_number] Device model number.
    Hardware Operating System [hardware_os] OS running on the hardware.
    Hardware OS Version [hardware_os_version] OS version running on the hardware.
    Table 7. Network Adapter [cmdb_ci_network_adapter]
    Field Description
    Name [name] Name of the network adapter.
    IP Address [ip_address] IP address of the network adapter.
    MAC Address [mac_address] MAC address of the network adapter.
    Configuration Item [cmdb_ci] References the Juniper Firewall Device [cmdb_ci_firewall_device_juniper] associated with this network adapter.
    The Dependency Views map on the Juniper Firewall Device CI shows the Juniper Firewall Cluster to which it belongs.
    CIs and connections on a Dependency Views map

    CI relationships

    The Next-Generation Juniper Network Firewall pattern creates the following relationships and references to support Juniper network firewall discovery. References link to records in other tables and don't appear in the CI Relationship [cmdb_rel_ci] table.

    Table 8. CI relationships
    CI Relationship CI
    Juniper Firewall Cluster [cmdb_ci_firewall_cluster_juniper] Hosted on::Hosts Juniper Firewall Device [cmdb_ci_firewall_device_juniper]
    Juniper Firewall Device [cmdb_ci_firewall_device_juniper] Owns::Owned by Network Adapter [cmdb_ci_network_adapter]
    Juniper Firewall Device [cmdb_ci_firewall_device_juniper] Owns::Owned by IP Address [cmdb_ci_ip_address]
    Juniper Firewall Device [cmdb_ci_firewall_device_juniper] Uses::Used by Router Interface [dscy_router_interface]
    Firewall Device [cmdb_ci_firewall_device] Contains::Contained by Firewall Security Policy [cmdb_ci_firewall_security_policy]
    Firewall Device Group [cmdb_ci_firewall_device_group] Members::Member Of Firewall Device [cmdb_ci_firewall_device]
    Firewall Device Group [cmdb_ci_firewall_device_group] Contains::Contained by Firewall Security Policy [cmdb_ci_firewall_security_policy]
    Firewall Manager [cmdb_ci_firewall_manager] Manages::Managed by Firewall Device [cmdb_ci_firewall_device]
    Firewall Manager [cmdb_ci_firewall_manager] Contains::Contained by Firewall Security Policy [cmdb_ci_firewall_security_policy]
    Table 9. CI references
    CI Field Referenced CI
    Serial Number [cmdb_serial_number] Configuration item [configuration_item] Juniper Firewall Device [cmdb_ci_firewall_device_juniper]
    Network Adapter [cmdb_ci_network_adapter] Configuration Item [cmdb_ci] Juniper Firewall Device [cmdb_ci_firewall_device_juniper]
    Router Interface [dscy_router_interface] Configuration Item [cmdb_ci] Juniper Firewall Device [cmdb_ci_firewall_device_juniper]