Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation  Back up to About Overview 

Known Behavior

This section contains the known behavior and limitations in Junos Space Security Director Release 18.1R2.

  • You must disable OpenNMS before installing the integrated Log Collector.

    To disable OpenNMS:

    1. Select Network Management Platform > Administration > Applications.

      The Applications page appears.

    2. Right-click Network Management Platform and select Manage Services.

      The Manage Services page appears.

    3. Select Network Monitoring and click the Stop Service icon.

      The network monitoring service is stopped and the status of OpenNMS is changed to Disabled.

    Note: You must ensure that the Junos Space Network Management Platform and Security Director are already installed on a JA2500 or virtual machine.

  • The Enable preview and import device change option is disabled by default. To enable this option, select Network Management Platform > Administration > Applications. Right-click Security Director and select Modify Application Settings. Under Update Device, select the Enable preview and import device change option.

  • If you restart the JBoss application servers manually in a six-node setup one-by-one, the Junos Space Network Management Platform and the Security Director user interfaces are launched within 20 minutes, and the devices reconnects to the Junos Space Network Management Platform. You can then edit and publish the policies. When the connection status and the configuration status of all devices are UP and IN SYNC, respectively, click Update Changes to update all security-specific configurations or pending services on SRX Series devices.

  • To generate reports in the local time zone of the server, you must modify /etc/sysconfig/clock to configure the time zone. Changing the time zone on the server by modifying /etc/localtime is not sufficient.

  • If vSRX VMs in NSX Manager are managed in Security Director Release 17.1R1 and Policy Enforcer Release 17.1R1, then after upgrading to Security Director Release 18.1R1 and Policy Enforcer Release 18.1R1, log in to the Policy Enforcer server by using SSH and run the following command:

    cd /var/lib/nsxmicro

    ./migrate_devices.sh

    This script migrates the existing Release 17.1R1 vSRX VMs in NSX Manager into the currently compatible Release 18.1R1.

  • If the NSX server SSL certificate has expired or changed, communication between Security Director and NSX Manager does not work, thereby impacting the functionality of the NSX Manager, such as sync NSX inventory, security group update, and so on.

    You must refresh the NSX SSL certificate by performing the following steps:

    1. Log in to Policy Enforcer by using SSH.
    2. Run the command:

      nsxmicro_refresh_ssl --server <<NSX IP ADDRESS>>--port 443

      This script gets the latest NSX SSL certificate and stores it for communication between Security Director and NSX.

Modified: 2018-06-12