Next-Generation Juniper Network Firewall discovery

  • Release version: Zurich
  • Updated March 12, 2026
  • 4 minutes to read
    • Summarize
    Summarized using AI
    This content was generated using new OpenAI-powered functionality. Results are provided on an as is basis and are not guaranteed to be accurate or complete.

    Summary of Next-Generation Juniper Network Firewall discovery

    The ServiceNow Discovery application includes a specialized pattern for discovering Next-Generation Juniper Network Firewalls. This pattern uses SNMP calls during horizontal discovery to identify Juniper firewall devices and collect detailed configuration item (CI) data. To fully utilize this capability, customers may need to update to the latest Discovery and Service Mapping Patterns application from the ServiceNow Store.

    Show full answer Show less

    Prerequisites and Setup

    • Ensure SNMP access is configured on Juniper firewall devices.
    • Configure SNMP credentials on the ServiceNow instance.
    • Add the SNMP system OID record for Juniper devices to ServiceNow.
    • Update the Juniper Firewall classifier and device class in ServiceNow.
    • Download and install the CMDB CI Class Models: Release 1.10.0 app to add necessary CI classes.
    • Download and install the Juniper Network Firewall discovery pattern from the ServiceNow Store.
    • Sync the discovery pattern with the appropriate MID Server for execution.

    Juniper Network Firewall Data Model

    The pattern introduces new CI classes extending the base firewall classes to accurately model Juniper firewalls, clusters, device groups, managers, and security policies. Key CI classes include:

    • Juniper Firewall Device extending Firewall Device
    • Juniper Firewall Cluster extending Firewall Cluster
    • Firewall Device Group, Firewall Manager, and Firewall Security Policy classes

    Data Collected During Discovery

    The discovery gathers detailed attributes across multiple CI tables, including:

    • IP Firewall and Firewall Device: hostname, serial number, IP address, operational status, manufacturer, model, firmware, hardware OS and versions.
    • Juniper Firewall Device and Cluster: similar detailed fields as Firewall Device with Juniper-specific classification.
    • Network Adapter: adapter name, IP and MAC addresses, and linkage to the associated Juniper Firewall Device.

    CI Relationships and References

    The pattern establishes comprehensive relationships to model the Juniper firewall ecosystem accurately, including:

    • Juniper Firewall Cluster hosts Juniper Firewall Devices.
    • Firewall Devices own Network Adapters and IP Addresses.
    • Firewall Devices use Router Interfaces.
    • Firewall Devices contain Firewall Security Policies and belong to Firewall Device Groups.
    • Firewall Managers manage Firewall Devices and contain Security Policies.

    References link related CIs such as serial numbers and configuration items, supporting detailed dependency views in the CMDB.

    Benefits for ServiceNow Customers

    By implementing this discovery pattern, customers gain automated, accurate visibility into their Juniper next-generation firewalls within the CMDB. This enhanced data supports better asset management, security policy enforcement, and operational insights across firewall clusters and device groups. The detailed relationship mapping enables effective impact analysis and change management related to firewall infrastructure.

    The ServiceNow Discovery application uses the Next-Generation Juniper Network Firewall discovery pattern to find Juniper network firewalls. Discovering some of these resources may require updating to the latest version of the Discovery and Service Mapping Patterns application from the ServiceNow Store.

    The discovery pattern uses a set of SNMP calls to find the Juniper network firewalls. Discovery uses the pattern to run horizontal discovery.

    Request apps on the Store

    Visit the ServiceNow Store website to view all the available apps and for information about submitting requests to the store. For cumulative release notes information for all released apps, see the ServiceNow Store version history release notes.

    Juniper Network Firewall data model

    The Next-Generation Juniper Network Firewall pattern introduces the following CI classes that are part of the Juniper firewall data model.

    Table 1. CI class hierarchy
    CI class Extends from
    Firewall Device [cmdb_ci_firewall_device] IP Firewall [cmdb_ci_ip_firewall]
    Juniper Firewall Device [cmdb_ci_firewall_device_juniper] Firewall Device [cmdb_ci_firewall_device]
    Firewall Cluster [cmdb_ci_firewall_cluster] Cluster [cmdb_ci_cluster]
    Juniper Firewall Cluster [cmdb_ci_firewall_cluster_juniper] Firewall Cluster [cmdb_ci_firewall_cluster]
    Firewall Device Group [cmdb_ci_firewall_device_group] Configuration Item [cmdb_ci]
    Firewall Manager [cmdb_ci_firewall_manager] Configuration Item [cmdb_ci]
    Firewall Security Policy [cmdb_ci_firewall_security_policy] Configuration Item [cmdb_ci]

    Prerequisites

    • Ensure that your network firewall device has SNMP access.
    • On the ServiceNow instance, configure SNMP credentials.
    • Add the SNMP system OID record for the Juniper device to the ServiceNow instance. Update the following:
      • Classifier: Juniper Firewall
      • Class: Juniper Firewall Device
    Deploy the pattern as follows:
    1. Download and install the CMDB CI Class Models: Release 1.10.0 from the ServiceNow Store. The app adds the new CMDB classes required for network firewall discovery. For more information, see Firewall extension classes.
    2. Download and install the discovery pattern from the ServiceNow Store.
    3. Sync the pattern with the appropriate MID Server.

    Data collected by Discovery during horizontal discovery

    The discovered data includes the following tables and fields.

    Table 2. IP Firewall [cmdb_ci_ip_firewall]
    Field Description
    Name [name] Hostname.
    Serial Number [serial_number] Device serial number.
    Operational Status [operational_status] Indicates if the device is in active state.
    IP address [ip_address] IP address.
    Manufacturer [manufacturer] Device manufacturer.
    Description [short_description] Short description.
    Model Number [model_number] Device model number.
    Firmware [firmware_version] Firmware version.
    Hardware Operating System [hardware_os] OS running on the hardware.
    Hardware OS Version [hardware_os_version] OS version running on the hardware.
    Table 3. Firewall Device [cmdb_ci_firewall_device]
    Field Description
    Name [name] Hostname.
    Serial Number [serial_number] Serial number of the device.
    Fully qualified domain name [fqdn] Fully qualified domain name.
    Operational Status [operational_status] Indicates if the device is in active state.
    IP address [ip_address] IP address.
    Manufacturer [manufacturer] Device manufacturer.
    Description [short_description] Short description.
    Model Number [model_number] Device model number.
    Firmware [firmware_version] Firmware version.
    Hardware Operating System [hardware_os] OS running on the hardware.
    Hardware OS Version [hardware_os_version] OS version running on the hardware.
    Table 4. Juniper Firewall Device [cmdb_ci_firewall_device_juniper]
    Field Description
    Name [name] Hostname.
    Serial Number [serial_number] Serial number of the device.
    Fully qualified domain name [fqdn] Fully qualified domain name.
    Operational Status [operational_status] Indicates if the device is in active state.
    IP address [ip_address] IP address.
    Manufacturer [manufacturer] Device manufacturer.
    Description [short_description] Short description.
    Model Number [model_number] Device model number.
    Firmware [firmware_version] Firmware version.
    Hardware Operating System [hardware_os] OS running on the hardware.
    Hardware OS Version [hardware_os_version] OS version running on the hardware.
    Table 5. Firewall Cluster [cmdb_ci_firewall_cluster]
    Field Description
    Name [name] Hostname.
    Fully qualified domain name [fqdn] Fully qualified domain name.
    IP address [ip_address] IP address.
    Manufacturer [manufacturer] Device manufacturer.
    Description [short_description] Short description.
    Model Number [model_number] Device model number.
    Hardware Operating System [hardware_os] OS running on the hardware.
    Hardware OS Version [hardware_os_version] OS version running on the hardware.
    Table 6. Juniper Firewall Cluster [cmdb_ci_firewall_cluster_juniper]
    Field Description
    Name [name] Hostname.
    Fully qualified domain name [fqdn] Fully qualified domain name.
    IP address [ip_address] IP address.
    Manufacturer [manufacturer] Device manufacturer.
    Description [short_description] Short description.
    Model Number [model_number] Device model number.
    Hardware Operating System [hardware_os] OS running on the hardware.
    Hardware OS Version [hardware_os_version] OS version running on the hardware.
    Table 7. Network Adapter [cmdb_ci_network_adapter]
    Field Description
    Name [name] Name of the network adapter.
    IP Address [ip_address] IP address of the network adapter.
    MAC Address [mac_address] MAC address of the network adapter.
    Configuration Item [cmdb_ci] References the Juniper Firewall Device [cmdb_ci_firewall_device_juniper] associated with this network adapter.
    The Dependency Views map on the Juniper Firewall Device CI shows the Juniper Firewall Cluster to which it belongs.
    CIs and connections on a Dependency Views map

    CI relationships

    The Next-Generation Juniper Network Firewall pattern creates the following relationships and references to support Juniper network firewall discovery. References link to records in other tables and don't appear in the CI Relationship [cmdb_rel_ci] table.

    Table 8. CI relationships
    CI Relationship CI
    Juniper Firewall Cluster [cmdb_ci_firewall_cluster_juniper] Hosted on::Hosts Juniper Firewall Device [cmdb_ci_firewall_device_juniper]
    Juniper Firewall Device [cmdb_ci_firewall_device_juniper] Owns::Owned by Network Adapter [cmdb_ci_network_adapter]
    Juniper Firewall Device [cmdb_ci_firewall_device_juniper] Owns::Owned by IP Address [cmdb_ci_ip_address]
    Juniper Firewall Device [cmdb_ci_firewall_device_juniper] Uses::Used by Router Interface [dscy_router_interface]
    Firewall Device [cmdb_ci_firewall_device] Contains::Contained by Firewall Security Policy [cmdb_ci_firewall_security_policy]
    Firewall Device Group [cmdb_ci_firewall_device_group] Members::Member Of Firewall Device [cmdb_ci_firewall_device]
    Firewall Device Group [cmdb_ci_firewall_device_group] Contains::Contained by Firewall Security Policy [cmdb_ci_firewall_security_policy]
    Firewall Manager [cmdb_ci_firewall_manager] Manages::Managed by Firewall Device [cmdb_ci_firewall_device]
    Firewall Manager [cmdb_ci_firewall_manager] Contains::Contained by Firewall Security Policy [cmdb_ci_firewall_security_policy]
    Table 9. CI references
    CI Field Referenced CI
    Serial Number [cmdb_serial_number] Configuration item [configuration_item] Juniper Firewall Device [cmdb_ci_firewall_device_juniper]
    Network Adapter [cmdb_ci_network_adapter] Configuration Item [cmdb_ci] Juniper Firewall Device [cmdb_ci_firewall_device_juniper]
    Router Interface [dscy_router_interface] Configuration Item [cmdb_ci] Juniper Firewall Device [cmdb_ci_firewall_device_juniper]