Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation  Back up to About Overview 

New and Changed Features

This section describes the new features and enhancements to existing features in Junos Space Security Director Release 16.2R1.

  • MX Series firewall capability support—Security Director now supports managing MX Series routers. You can discover them along with SRX Series devices and perform the following actions:
    • Create and manage firewall policies
    • Create and manage firewall policy rules
    • Publish and update policies

    Starting in Junos OS Release 16.1R3-S1.3, you can use the Screens section on the Modify Configuration page to modify the security screen configuration for MX Series routers.

    [See Creating Firewall Policies, Creating Firewall Policy Rules, and Modifying the Screens Configuration for Security Devices.]

  • Migrating content from NSM to Security Director—You can migrate the NSM database from NSM Releases 2010.3 through 2012.2 into Security Director.

    The following features are supported during the NSM migration:

    • Firewall policies with global rules (including support for the global address book)
    • NAT policies with support for the global address book
    • Nested address group support (Junos OS Release 11.2 and later)
    • Negate address group support in firewall rules
    • Service offload support in firewall rules
    • Source address or source port option in static NAT
    • Source port option in source NAT

    [See NSM Migration.]

  • Using JSA as a log collector—Starting in Security Director Release 16.2R1, you can use Juniper Secure Analytics (JSA) as a log collector to view log data in Security Director. From the JSA console, Security Director supports SRX Series logs only. Security Director can use JSA3800, JSA5800, JSA7500, or virtual JSA for log collection. You must add JSA as a logging node in Security Director to view the log data on the Dashboard, Events and Logs, Reports, and Alerts pages.

    After JSA is deployed as a VM or hardware appliance, you can configure the network devices to send system logs to JSA. It collects the logs in a standalone or clustered setup. For more details on deploying and configuring JSA, see Juniper Secure Analytics.

    Note: You can use either Security Director log collector or JSA as a log collector.

    [See Using JSA as a Log Collector.]

  • SSL forward proxy URL category—The whitelisting feature is extended to include URL categories supported by Enhanced Web filtering in the whitelist configuration of SSL forward proxy. These URL categories are exempted during the SSL inspection.

    [See Creating SSL Forward Proxy Profiles.]

  • Suite B and PRIME cryptographic suites support—Suite B and PRIME-128 and PRIME-256 cryptographic suites are supported.

Modified: 2017-04-04