New and Changed Features
This section describes the new features and enhancements to existing features in Junos Space Security Director Release 18.2R1.
Logical systems—You can create logical systems in Security Director. Logical systems for SRX Series devices enable you to partition a single device into secure contexts. Each logical system has its own discrete administrative domain, logical interfaces, routing instances, security firewall, and other security features. To distribute security resources across logical systems, you must create security profiles that specify the type and amount of resources to be allocated to a logical system. Security Director supports logging and reporting for each configured logical system.
Installing and upgrading Security Director from Junos Space Store—Junos Space Store displays the latest compatible versions of the Junos Space applications, which can be installed or upgraded on the current version of Junos Space Network Management Platform. You must configure the Juniper Networks Software download credentials to connect to Junos Space Store. Junos Space accesses the metadata repository hosted by Juniper Networks to discover the available applications and published versions. You can configure the Log Collector and Policy Enforcer components while installing the Security Director application. Junos Space Store does not handle the upgrade of components such as Log Collector and Policy Enforcer. Therefore, refer to the existing method of upgrading the Log Collector and Policy Enforcer components after upgrading the Security Director application.
Reports—Following are the enhancements in Reports:
You can generate reports for a selected time range by choosing the Custom Time Range Selection option. For a custom time range, you can select the top records to be displayed in the report for a specific period or time range. You can select the custom time range while creating the log report and bandwidth report. You can also select the custom time range for the Run Now, Preview as PDF, and Send Report options.
The Top Talkers report is added. This generates a report on the source IP addresses, with the highest bandwidth usage or maximum sessions, over a specified period.
IPsec VPN enhancements—Following are the enhancements for IPsec VPN:
You can now delete multiple IPsec VPNs. While you are deleting the IPsec VPNs, a confirmation message is displayed for redirecting the user to the Security Devices page to delete the IPsec VPNs from the device.
You can rename an IPsec VPN while importing the VPN.
For a custom proposal, you can specify Diffie-Hellman (DH) Group, Authentication, or Encryption, as selecting all three values is not mandatory.
You can add a maximum of five IKE addresses on an extranet device when dead peer detection (DPD) is enabled.
You can create an IPsec VPN with eBGP. The interface type must be numbered and you must set the autonomous system (AS) number.
IPv6 support for Juniper Secure Analytics (JSA)—When you add JSA as a log collector in Security Director, IPv6 addresses are supported when logging nodes are added.