Help Center User GuideGetting StartedFAQRelease Notes
 
X
User Guide
Getting Started
FAQ
Release Notes
Contents  

Release Notes for Junos Space Security Director

New and Changed Features

This section describes the new features and enhancements to existing features in Junos Space Security Director Release 19.3R1.

Supported Managed Devices

Security Director Release 19.3R1 manages the following devices:

The following log collection systems are supported:

Supported Line Cards

Table 1 shows the supported Juniper Networks line cards in Junos Space Security Director Release 19.3R1.

Table 1: Supported Line Cards

Device

Line Cards

SRX5800

  • SRX5K IOC4

  • SRX5K RE3

  • SRX5K SCB4

Supported Junos OS Releases

Security Director Release 19.3R1 supports the following Junos OS releases:

SRX Series devices require Junos OS Release 12.1 or later to synchronize the Security Director description field with the device.

The logical systems feature is supported only on devices running Junos OS Release 11.4 or later.

Note To manage an SRX Series device by using Security Director, we recommend that you install the matching Junos OS schema on the Junos Space Network Management Platform. If the Junos OS schemas do not match, a warning message is displayed during the publish preview workflow.

Supported Policy Enforcer and Juniper Sky ATP Releases

Table 2 shows the supported Policy Enforcer and Juniper Sky Advanced Threat Prevention (Juniper Sky ATP) releases.

Table 2: Supported Policy Enforcer and Juniper Sky ATP Releases

Security Director Release

Compatible Policy Enforcer Release

Junos OS Release (Juniper Sky ATP-supported Devices)

16.1R1

16.1R1

Junos OS Release 15.1X49-D60 and later

16.2R1

16.2R1

Junos OS Release 15.1X49-D80 and later

17.1R1

17.1R1

Junos OS Release 15.1X49-D80 and later

17.1R2

17.1R2

Junos OS Release 15.1X49-D80 and later

17.2R1

17.2R1

Junos OS Release 15.1X49-D110 and later

17.2R2

17.2R2

Junos OS Release 15.1X49-D110 and later

18.1R1

18.1R1

Junos OS Release 15.1X49-D110 and later

18.1R2

18.1R2

Junos OS Release 15.1X49-D110 and later

18.2R1

18.2R1

Junos OS Release 15.1X49-D110 and later

18.3R1

18.3R1

Junos OS Release 15.1X49-D110 and later

18.4R1

18.4R1

Junos OS Release 15.1X49-D110 and later

19.1R1

19.1R1

Junos OS Release 15.1X49-D110 and later

19.2R1

19.2R1

Junos OS Release 15.1X49-D120 and later

19.3R1

19.3R1

Junos OS Release 15.1X49-D120 and later

Supported Browsers

Security Director Release 19.3R1 is best viewed on the following browsers:

Installation and Upgrade Instructions

This section describes how you can install and upgrade Junos Space Security Director and Log Collector.

Installing and Upgrading Security Director Release 19.3R1

Junos Space Security Director Release 19.3R1 is supported only on Junos Space Network Management Platform Release 19.3R1 that can run on the following devices:

In Junos Space Security Director Release 19.3R1, a single image installs Security Director, Log Director, and the Security Director Logging and Reporting modules. All three applications are installed when you install the Security Director Release 19.3R1 image.

Note Starting in Junos Space Security Director Release 17.2R1 onward, Log Collector version information is stored in the /etc/juniper-release file on Log Collector. In previous Junos Space Security Director releases, Log Collector version information is stored in the /etc/redhat-release file on Log Collector.

Note An integrated Log Collector on a JA2500 appliance or Junos Space virtual appliance supports only 500 events per second (eps).

For more information about installing and upgrading Security Director Release 19.3R1, see Security Director Installation and Upgrade Guide.

Adding Security Director Log Collector Node in Security Director Release 17.2R1 and Later

For distributed Log Collector deployment, you must add only a Log Receiver node. You can add the node directly to Security Director using admin credentials, as in the case of the JSA node. For security reasons, non-root credentials are used to add a node.

Caution For Security Director Log Collector, provide the default credentials: username is admin and password is juniper123. You must change the default password by using the Log Collector CLI command configureNode.sh as shown in Figure 1.

Figure 1: Change Password

Change Password

For JSA, provide the admin credentials that are used to log in to the JSA console.

For information about how to add the Log Collector node to Security Director, see Security Director Installation and Upgrade Guide.

Loading Junos OS Schema for SRX Series Devices

You must download and install correct Junos OS schema to manage SRX Series devices. To download the correct schema, from the Network Management Platform list, select Administration > DMI Schema, and click Update Schema. See Updating a DMI Schema.

DMI Schema Compatibility for Junos OS Service Releases

The following tables explain how the Junos Space Network Management Platform chooses Device Management Interface (DMI) schemas for devices running Junos OS Service Releases.

If a Junos OS Service Release is installed on your device with a major release version of a DMI schema installed on Junos Space Network Management Platform, then Junos Space chooses the latest corresponding major release of DMI schemas, as shown in Table 3.

Table 3: Device with Service Release and Junos Space with FRS Release

Junos OS Version on Device

Junos Space DMI Schemas Installed

Junos Space Default Version

Junos Space Version Chosen for Platform

18.4R1-S1

18.4R1.8

18.3R1.1

18.2R1.1

18.2R1.1

18.4R1.8

If a Junos OS Service Release is installed on your device without a matching DMI schema version in Junos Space Network Management Platform, then Junos Space chooses the default DMI schema version, as shown in Table 4.

Table 4: Device with Service Release and Junos Space without matching DMI Schema

Junos OS Version on Device

Junos Space DMI Schemas Installed

Junos Space Default Version

Junos Space Version Chosen for Platform

18.4R1-S1

18.3R1.1

18.2R1.1

18.2R1.1

18.2R1.1

If more than one version of the DMI schemas are installed in Junos Space Platform for a single Junos OS Service Release version, Junos Space chooses the latest version of the DMI schema, as shown in Table 5.

Table 5: Device with Service Release and Junos Space with more than one DMI Schemas

Junos OS Version on Device

Junos Space DMI Schemas Installed

Junos Space Default Version

Junos Space Version Chosen for Platform

18.4R1-S1

18.4R1.8

18.4R1.7

18.4R1.6

18.3R1.1

18.3R1.1

18.4R1.8

If a Junos OS Service Release is installed on your device without a corresponding DMI schema version in Junos Space Network Management Platform, then Junos Space chooses a default DMI schema version, as shown in Table 6.

Table 6: Device with Service Release and Junos Space without more DMI Schemas

Junos OS Version on Device

Junos Space DMI Schemas Installed

Junos Space Default Version

Junos Space Version Chosen for Platform

18.4R1.1

18.3R1.1

18.2R1.1

18.2R1.1

18.2R1.1

For information about Junos OS compatibility, see Junos OS Releases Supported in Junos Space Network Management Platform.

Management Scalability

The following management scalability features are supported in Security Director:

Table 7 shows the supported firewall rules per policy that are processed concurrently.

Table 7: Supported Firewall Rules per Policy

Number of Device Rules Processed Concurrently

JBoss Node Count

Memory

Platform OpenNMS Function

Log Collector

Hard Disk

5,000–7,000

1

64 GB of RAM

Enabled

Dedicated node

Any

15,000

1

64 GB of RAM

Off or dedicated node

Dedicated node

Any

40,000

2

64 GB of RAM per node

Off or dedicated node

Dedicated node

Any

100,000

2

64 GB of RAM per node

Off or dedicated node

Dedicated node

SSD required

Note If you use a database dedicated setup (SSD hard disk VMs) for the deployment mentioned in Table 7, the performance of publish and update is better compared to the performance in a normal two-node Junos Space fabric setup.

Known Behavior

This section contains the known behavior and limitations in Junos Space Security Director Release 19.3R1.

Known Issues

This section lists the known issues in Security Director Release 19.3R1.

For the most complete and latest information about known Security Director defects, use the Juniper Networks online Junos Problem Report Search application.

For known issues in Policy Enforcer, see Policy Enforcer Release Notes.

Resolved Issues

This section lists the issues fixed in Security Director and Policy Enforcer Release 19.3R1.

For the most complete and latest information about resolved Security Director and Policy Enforcer issues, use the Juniper Networks online Junos Problem Report Search application.

Help us to improve. Rate this article.
Feedback Received. Thank You!

Ask questions in TechWiki

Check documentation in TechLibrary

Rating by you:      
X

Additional Comments

800 characters remaining

May we contact you if necessary?

Name:
Email:

Need product assistance? Contact Juniper Support

Submit