Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Release Notes for Junos Space Security Director

 

New and Changed Features

This section describes the new features and enhancements to existing features in Junos Space Security Director Release 19.3R1.

  • IPS policy support for unified and standard firewall policy—Starting in Junos Space Security Director Release 19.3, you can configure an Intrusion Prevention System (IPS) policy from the standard and unified firewall policy rules page.

    Note
    • From Junos OS Release 18.2 and later, IPS policy publish or update is combined with firewall policy and is not an independent operation.

    • In a device running Junos OS Release 18.2, you must assign the same IPS policy to all the rules in the firewall policy; otherwise, the commit fails.

    • In a device running Junos OS Release 18.3 or later, you can assign different IPS policy to the rules in the firewall policy. You must set one of the IPS policies as the default policy; otherwise, the commit fails.

    When you import the configuration from a device, the IPS policy is also imported along with the firewall policy.

    You can import and convert the deprecated active policy CLI configuration into a new CLI configuration from Security Director. You can import the IPS policy for the deprecated active-policy for Junos OS Release 18.2 and later. After the IPS policy is imported, the rules associated with the firewall policy for the device is updated with IPS policy details as follows:

    • Firewall rules having IPS ON will be set to IPS OFF and the IPS Policy value is updated with the imported IPS Policy.

    • On subsequent update from Security Director, you can see the new firewall policy CLI configuration to attach IDP and the same can be updated to device.

  • Default UTM configuration—Starting in Junos Space Security Director Release 19.3, you can configure a default UTM configuration for web filtering, antivirus, antispam, and content filtering profiles for devices running Junos OS Release 18.2 or later. You can configure only one default configuration on each device.

    If any parameter in a UTM feature profile is not configured, then the corresponding parameter is applied from the UTM default configuration. The UTM default CLI configuration is generated as part of the unified or standard firewall policy, where the corresponding device with the default UTM configuration is assigned.

  • CentOS upgrade support—Junos Space Security Director Release 19.3 supports Log Collector upgrade from CentOS version 6.5 to 6.8.

  • Out-of-band changes—Starting in Junos Space Security Director Release 19.3, after selecting a device for group policy, you can click Affected Devices to see all the devices to which the policy is assigned.

    For both group policy and device-specific policy, the icon next to the device(s) indicates the out-of-band changes.

Supported Managed Devices

Security Director Release 19.3R1 manages the following devices:

  • SRX100

  • SRX110

  • SRX210

  • SRX220

  • SRX240

  • SRX240H

  • SRX300

  • SRX320

  • SRX320-POE

  • SRX340

  • SRX345

  • SRX550

  • SRX550M

  • SRX650

  • SRX1400

  • SRX1500

  • SRX3400

  • SRX3600

  • SRX4100

  • SRX4200

  • SRX5400

  • SRX5600

  • SRX5800

  • SRX4600

  • vSRX

  • MX240

  • MX480

  • MX960

  • MX2010

  • MX2020

  • LN1000-V

  • LN2600

The following log collection systems are supported:

  • Security Director Log Collector

  • Juniper Secure Analytics (JSA) as Log Collector on JSA Release 2014.8.R4 and later

  • QRadar as Log Collector on QRadar Release 7.2.8 and later

Supported Line Cards

Table 1 shows the supported Juniper Networks line cards in Junos Space Security Director Release 19.3R1.

Table 1: Supported Line Cards

Device

Line Cards

SRX5800

  • SRX5K IOC4

  • SRX5K RE3

  • SRX5K SCB4

Supported Junos OS Releases

Security Director Release 19.3R1 supports the following Junos OS releases:

  • 10.4

  • 11.4

  • 12.1

  • 12.1X44

  • 12.1X45

  • 12.1X46

  • 12.1X47

  • 12.3X48

  • 15.1X49

  • vSRX 15.1X49

  • 16.1R3-S1.3

  • 15.1X49-D110

  • 17.3

  • 17.4

  • 18.1

  • 18.2

  • 18.3

  • 18.4

  • 19.1

  • 19.2

  • 19.3

  • 19.4

SRX Series devices require Junos OS Release 12.1 or later to synchronize the Security Director description field with the device.

The logical systems feature is supported only on devices running Junos OS Release 11.4 or later.

Note

To manage an SRX Series device by using Security Director, we recommend that you install the matching Junos OS schema on the Junos Space Network Management Platform. If the Junos OS schemas do not match, a warning message is displayed during the publish preview workflow.

Supported Policy Enforcer and Juniper Sky ATP Releases

Table 2 shows the supported Policy Enforcer and Juniper Sky Advanced Threat Prevention (Juniper Sky ATP) releases.

Table 2: Supported Policy Enforcer and Juniper Sky ATP Releases

Security Director Release

Compatible Policy Enforcer Release

Junos OS Release (Juniper Sky ATP-supported Devices)

16.1R1

16.1R1

Junos OS Release 15.1X49-D60 and later

16.2R1

16.2R1

Junos OS Release 15.1X49-D80 and later

17.1R1

17.1R1

Junos OS Release 15.1X49-D80 and later

17.1R2

17.1R2

Junos OS Release 15.1X49-D80 and later

17.2R1

17.2R1

Junos OS Release 15.1X49-D110 and later

17.2R2

17.2R2

Junos OS Release 15.1X49-D110 and later

18.1R1

18.1R1

Junos OS Release 15.1X49-D110 and later

18.1R2

18.1R2

Junos OS Release 15.1X49-D110 and later

18.2R1

18.2R1

Junos OS Release 15.1X49-D110 and later

18.3R1

18.3R1

Junos OS Release 15.1X49-D110 and later

18.4R1

18.4R1

Junos OS Release 15.1X49-D110 and later

19.1R1

19.1R1

Junos OS Release 15.1X49-D110 and later

19.2R1

19.2R1

Junos OS Release 15.1X49-D120 and later

19.3R1

19.3R1

Junos OS Release 15.1X49-D120 and later

Supported Browsers

Security Director Release 19.3R1 is best viewed on the following browsers:

  • Mozilla Firefox

  • Google Chrome

  • Microsoft Internet Explorer 11

Installation and Upgrade Instructions

This section describes how you can install and upgrade Junos Space Security Director and Log Collector.

Installing and Upgrading Security Director Release 19.3R1

Junos Space Security Director Release 19.3R1 is supported only on Junos Space Network Management Platform Release 19.3R1 that can run on the following devices:

  • JA2500

  • Junos Space virtual appliance

  • Kernel-based virtual machine (KVM) server installed on CentOS Release 7.2.1511

In Junos Space Security Director Release 19.3R1, a single image installs Security Director, Log Director, and the Security Director Logging and Reporting modules. All three applications are installed when you install the Security Director Release 19.3R1 image.

Note

Starting in Junos Space Security Director Release 17.2R1 onward, Log Collector version information is stored in the /etc/juniper-release file on Log Collector. In previous Junos Space Security Director releases, Log Collector version information is stored in the /etc/redhat-release file on Log Collector.

Note

An integrated Log Collector on a JA2500 appliance or Junos Space virtual appliance supports only 500 events per second (eps).

For more information about installing and upgrading Security Director Release 19.3R1, see Security Director Installation and Upgrade Guide.

Adding Security Director Log Collector Node in Security Director Release 17.2R1 and Later

For distributed Log Collector deployment, you must add only a Log Receiver node. You can add the node directly to Security Director using admin credentials, as in the case of the JSA node. For security reasons, non-root credentials are used to add a node.

Caution

For Security Director Log Collector, provide the default credentials: username is admin and password is juniper123. You must change the default password by using the Log Collector CLI command configureNode.sh as shown in Figure 1.

Figure 1: Change Password
Change Password

For JSA, provide the admin credentials that are used to log in to the JSA console.

For information about how to add the Log Collector node to Security Director, see Security Director Installation and Upgrade Guide.

Loading Junos OS Schema for SRX Series Devices

You must download and install correct Junos OS schema to manage SRX Series devices. To download the correct schema, from the Network Management Platform list, select Administration > DMI Schema, and click Update Schema. See Updating a DMI Schema.

DMI Schema Compatibility for Junos OS Service Releases

The following tables explain how the Junos Space Network Management Platform chooses Device Management Interface (DMI) schemas for devices running Junos OS Service Releases.

If a Junos OS Service Release is installed on your device with a major release version of a DMI schema installed on Junos Space Network Management Platform, then Junos Space chooses the latest corresponding major release of DMI schemas, as shown in Table 3.

Table 3: Device with Service Release and Junos Space with FRS Release

Junos OS Version on Device

Junos Space DMI Schemas Installed

Junos Space Default Version

Junos Space Version Chosen for Platform

18.4R1-S1

18.4R1.8

18.3R1.1

18.2R1.1

18.2R1.1

18.4R1.8

If a Junos OS Service Release is installed on your device without a matching DMI schema version in Junos Space Network Management Platform, then Junos Space chooses the default DMI schema version, as shown in Table 4.

Table 4: Device with Service Release and Junos Space without matching DMI Schema

Junos OS Version on Device

Junos Space DMI Schemas Installed

Junos Space Default Version

Junos Space Version Chosen for Platform

18.4R1-S1

18.3R1.1

18.2R1.1

18.2R1.1

18.2R1.1

If more than one version of the DMI schemas are installed in Junos Space Platform for a single Junos OS Service Release version, Junos Space chooses the latest version of the DMI schema, as shown in Table 5.

Table 5: Device with Service Release and Junos Space with more than one DMI Schemas

Junos OS Version on Device

Junos Space DMI Schemas Installed

Junos Space Default Version

Junos Space Version Chosen for Platform

18.4R1-S1

18.4R1.8

18.4R1.7

18.4R1.6

18.3R1.1

18.3R1.1

18.4R1.8

If a Junos OS Service Release is installed on your device without a corresponding DMI schema version in Junos Space Network Management Platform, then Junos Space chooses a default DMI schema version, as shown in Table 6.

Table 6: Device with Service Release and Junos Space without more DMI Schemas

Junos OS Version on Device

Junos Space DMI Schemas Installed

Junos Space Default Version

Junos Space Version Chosen for Platform

18.4R1.1

18.3R1.1

18.2R1.1

18.2R1.1

18.2R1.1

For information about Junos OS compatibility, see Junos OS Releases Supported in Junos Space Network Management Platform.

Management Scalability

The following management scalability features are supported in Security Director:

  • By default, monitor polling is set to 15 minutes and resource usage polling is set to 10 minutes. This polling time changes to 30 minutes for a large-scale data center setup such as one for 200 SRX Series devices managed in Security Director.

    Note

    You can manually configure the monitor polling on the Administration>Monitor Settings page.

  • Security Director supports up to 15,000 SRX Series devices with a six-node Junos Space fabric. In a setup with 15,000 SRX Series devices, all settings for monitor polling must be set to 60 minutes. If monitoring is not required, disable it to improve the performance of your publish and update jobs.

  • To enhance the performance further, increase the number of update subjobs thread in the database. To increase the update subjobs thread in the database, run the following command:

    Note

    For mysql username and password, contact Juniper Support.

Table 7 shows the supported firewall rules per policy that are processed concurrently.

Table 7: Supported Firewall Rules per Policy

Number of Device Rules Processed Concurrently

JBoss Node Count

Memory

Platform OpenNMS Function

Log Collector

Hard Disk

5,000–7,000

1

64 GB of RAM

Enabled

Dedicated node

Any

15,000

1

64 GB of RAM

Off or dedicated node

Dedicated node

Any

40,000

2

64 GB of RAM per node

Off or dedicated node

Dedicated node

Any

100,000

2

64 GB of RAM per node

Off or dedicated node

Dedicated node

SSD required

Note

If you use a database dedicated setup (SSD hard disk VMs) for the deployment mentioned in Table 7, the performance of publish and update is better compared to the performance in a normal two-node Junos Space fabric setup.

Known Behavior

This section contains the known behavior and limitations in Junos Space Security Director Release 19.3R1.

  • You must disable OpenNMS before installing the integrated Log Collector.

    To disable OpenNMS:

    1. Select Network Management Platform > Administration > Applications.
    2. Right-click Network Management Platform, and select Manage Services.
    3. Select Network Monitoring, and click the Stop Service icon.

      The network monitoring service is stopped, and the status of OpenNMS is changed to Disabled.

    Note

    You must ensure that Junos Space Network Management Platform and Security Director are already installed on a JA2500 appliance or Junos Space virtual appliance.

  • The Enable preview and import device change option is disabled by default.

    To enable this option:

    1. Select Network Management Platform > Administration > Applications.
    2. Right-click Security Director, and select Modify Application Settings.
    3. From Update Device, select the Enable preview and import device change option.
  • If you restart the JBoss application servers manually in a six-node setup one-by-one, the Junos Space Network Management Platform and Security Director user interfaces are launched within 20 minutes, and the devices reconnect to Junos Space Network Management Platform. You can then edit and publish the policies. When the connection status and the configuration status of all devices are UP and IN SYNC, respectively, click Update Changes to update all security-specific configurations or pending services on SRX Series devices.

  • To generate reports in the local time zone of the server, you must modify /etc/sysconfig/clock to configure the time zone. Changing the time zone on the server by modifying /etc/localtime does not generate reports in the local time zone.

  • If the vSRX VMs in NSX Manager are managed in Security Director Release 17.1R1 and Policy Enforcer Release 17.1R1, then after upgrading to Security Director Release 19.3R1 and Policy Enforcer Release 19.3R1, you must migrate the existing vSRX VMs in NSX Manager from Policy Enforcer Release 17.1R1 to Release 19.3R1.

    To migrate the existing vSRX VMs:

    1. Log in to the Policy Enforcer server by using SSH.
    2. Run the following commands:

      cd /var/lib/nsxmicro

      ./migrate_devices.sh

  • If the NSX Server SSL certificate has expired or changed, communication between Security Director and NSX Manager fails, thereby impacting the functionality of NSX Manager, such as sync NSX inventory and security group update.

    To refresh the NSX SSL certificate:

    1. Log in to Policy Enforcer by using SSH.
    2. Run the following command:

      nsxmicro_refresh_ssl --server <<NSX IP ADDRESS>>--port 443

      This script fetches the latest NSX SSL certificate and stores it for communication between Security Director and NSX Manager.

  • In a setup where other applications are installed in Junos Space Network Management Platform along with Security Director, the JBoss PermSize must be increased from 512m to 1024m in the /usr/local/jboss/domain/configuration/host.xml.slave file. Under <jvm name="platform">, change the following values in the <jvm-options> tag:

    <option value="-XX:PermSize=1024m"/>

    <option value="-XX:MaxPermSize=1024m"/>

  • When you import addresses via CSV, a new address object is created by appending a_1 to the address object name if the address object is already present in Security Director.

Known Issues

This section lists the known issues in Security Director Release 19.3R1.

For the most complete and latest information about known Security Director defects, use the Juniper Networks online Junos Problem Report Search application.

  • When you import multiple devices with default IPS policies simultaneously, only one default IPS policy is imported. The default IPS policy of other devices are not imported. PR1470335

    Workaround: If default IPS policies are configured, import devices individually.

    OR

    If you want to simultaneously import multiple devices with default IPS policies, create and update default IPS policy from Standard/Unified Policies > Global Options > IDP Default.

  • An object conflict is seen while importing web filter profiles with duplicate name though the values are same. PR1420341

    Workaround: Select either Overwrite with Imported Value or Keep Existing Object to avoid duplicate objects.

  • Unified IPS support for LSYS device is not provided. PR1465554

  • Security Director does not support routing instance and proxy profile in antivirus pattern update for UTM default configuration. PR1462331

  • When out-of-band changes are imported to logical system (LSYS) device, the job is created for the root device along with the LSYS device, although changes are made only in the LSYS device. PR1448667

  • The newly created first rule of a rule group always moves to the previous rule group when out-of-band changes are imported. PR1451550

    Workaround: Manually move the imported rule to the appropriate rule group.

  • You must not import a device with UTM traffic-options because Security Director throws a delta which causes update to fail. PR1419135

    Workaround: Delete traffic-options from the UTM profiles.

  • Import fails when a device is imported with UTM custom objects alone without a UTM policy. PR1447779

    Workaround: Delete the UTM custom objects if they are not used in a policy or assign a UTM policy.

  • Port range search of services in firewall rule page does not work. PR1442093

  • Update fails for unified policies when an SSL proxy profile that is set as global in a device is not used in any policy for that device. PR1407389

  • Junos Space Security Director fails to import VPN if a device uses master password encryption because VPN preshared key with $8$ format is not supported. PR1416285

  • Junos Space Security Director generates wrong CLI commands for deleting advanced policy-based routing (APBR) rules. PR1417708

  • A policy analysis report with a large number of rules cannot be generated. PR1418125

  • When a column filter is used, the deselect all and clear all options sometimes do not clear selected items. PR1424112

  • The Show Unused option is removed for URL categories. PR1431345

For known issues in Policy Enforcer, see Policy Enforcer Release Notes.

Resolved Issues

This section lists the issues fixed in Security Director and Policy Enforcer Release 19.3R1.

For the most complete and latest information about resolved Security Director and Policy Enforcer issues, use the Juniper Networks online Junos Problem Report Search application.

  • Issue when cloning a predefined report definition. PR1449442

  • The source-except option in IPS policies does not work. PR1449494

  • Unable to delete unused items. PR1445707

  • Unable to search for any rule description from the global search. PR1441200

  • Import of firewall policy fails. PR1459349

  • Update job takes a long time to complete. PR1455111

  • Unable to create application firewall policies. PR1451118

  • Service object merge function does not work. PR1428132

  • The Find Usage option for shared objects does not work. PR1450774

  • Exact hit-count report is not generated. PR1434244

  • Traffic log search by policy name fails if the policy name has a special character. PR1456719

  • VPN configuration update fails. PR1459910

  • An error occurs during an import device configuration job. PR1438257

  • Search does not work. PR1442082

  • Search of services does not work. PR1458357

  • When publishing and updating a NAT policy, the destination port is deleted. PR1448887

  • Dynamic application information is lost. PR1447346

  • Destination port is not shown when publishing and updating a NAT policy. PR1453195

  • Unable to rename objects. PR1437619

  • Description search of firewall rules does not work if the search string is a combination of numerals and alphabets. PR1441200

  • Unable to import IPS policies from devices with Junos OS version 18.2R1 or later. PR1411089

  • Unable to import UTM configuration from devices with Junos OS version 18.2R1 or later. PR1431759

  • Devices without unified support can be assigned under unified policies. PR1407283

  • Failure seen in preview after upgrade. PR1463926

  • An issue with Install Signatures schedule job. PR1450479

  • Unable to import URL global device profiles. PR1459427

  • Unable to edit Show Top Records value in report definition. PR1463934

  • Numeric values are appended to VPN names. PR1453628

  • Unable to delete custom users and roles. PR1466720

    Note

    The fix is available in Junos Space platform 19.3 hot-patch:19.3R1-hotpatch-v2.

Hot Patch Releases

This section describes the installation procedure and resolved issues in Junos Space Security Director Release 19.3R1 hot patches.

During hot patch installation, the script performs the following operations:

  • Blocks the device communication.

  • Stops JBoss, JBoss Domain Controller (JBoss-dc), and jmp-watchdog services.

  • Backs up existing configuration files and EAR files.

  • Updates the Red Hat Package Manager (RPM) files.

  • Restarts the watchdog process, which restarts JBoss and JBoss-dc services.

  • Unblocks device communication after restarting the watchdog process for device load balancing.

Note

You must install the hot patch on Security Director Release 19.3R1.86 or on any previously installed hot patch. The hot patch installer backs up all the files which are modified or replaced during hot patch installation.

Installation Instructions

Perform the following steps in the CLI of the JBoss-VIP node only:

  1. Download the Security Director 19.3R1 Patch vX from the download site.

    Here, X is the hot patch version. For example, v1, v2, and so on.

  2. Copy the SD-19.3R1-hotpatch-vX.tgz file to the /home/admin location of the VIP node.
  3. Verify the checksum of the hot patch for data integrity:

    md5sum SD-19.3R1-hotpatch-vX.tgz.

  4. Extract the SD-19.3R1-hotptach-vX.tgz file:

    tar -zxvf SD-19.3R1-hotpatch-vX.tgz

  5. Change the directory to SD-19.3R1-hotpatch-vX.

    cd SD-19.3R1-hotpatch-vX

  6. Execute the patchme.sh script from the SD-19.3R1-hotpatch-vX folder:

    sh patchme.sh

    The script detects whether the deployment is a standalone deployment or a cluster deployment and installs the patch accordingly.

A marker file, /etc/.SD-19.3R1-hotpatch-vX, is created with the list of Red-hat Package Manager (RPM) details in the hot patch.

Note

We recommend that you install the latest available hot-patch version, which is the cumulative patch.

Supported Junos OS Releases

Security Director Release 19.3R1 V2 and later hot patches support the following Junos OS releases:

  • 20.1

  • 20.2

Resolved Issues in Hot Patches

Table 8 lists the resolved issues in Security Director Release 19.3R1 hot patch.

Table 8: Resolved Issues in the Hot Patch

PR

Description

Hot Patch Version

PR1506356

Disabling monitoring for a device does not stop polling the device.

V2

PR1509739

After an upgrade, the UTM policy configuration lines for traffic-options are deleted.

V2

PR1501832

Preview of an update/publish job fails for SRX Series firewall.

V2

PR1513934

There is an issue with the hit count settings.

V2

PR1518097

When user selects a time-period such as 5m, 10m, 15m, and so on, events data is not populated and displays that the data is not available.

V2

PR1512652

An error message is displayed on the Tunnels page.

V2

PR1505663

Unexpected results are returned when using global search for Policies.

V2

PR1450608

A specific Juniper Sky ATP event is not displayed in monitor events.

V1

PR1451532

There is an issue while searching for a service range.

V1

PR1452201

Application firewall publish and update operations fail because a deprecated configuration was pushed to the device.

V1

PR1454442

Threat-map block functionality does not work.

V1

PR1458913

A false failure message is displayed for firewall updates.

V1

PR1464623

Unable to add JSA as a logging node after the Junos Space database is restored.

V1

PR1468161

Security Director does not push the proper detector version or signature database for vSRX 3.0.

V1

PR1468755

When a policy is updated on the device, Security Director changes the policy destination and source.

V1

PR1469204

After the filter is cleared, the data is not retained in the job manager.

V1

PR1469745

Service objects search fails for an IPS policy.

V1

PR1469852

Data is not available on the Application page.

V1

PR1471546

Tunnel name is not updated.

V1

PR1472468

Event logs from Juniper Secure Analytics (JSA) to Security Director show a wrong sub-domain.

V1

PR1474842

NSM job migrations fail.

V1

PR1475408

Random digits are appended to the VPN name.

V1

PR1478209

There is an issue with renaming the rule-set.

V1

PR1478355

Security Director dashboard widgets fail to load data whenever a specific device is selected.

V1

PR1478919

NAT pool drop-down list takes more time to load.

V1

PR1478948

The routing-instance does not get bound to the interface while a VPN is being created or edited.

V1

PR1479200

Issue with snapshot rollback of an application firewall policy.

V1

PR1479339

There are issues after Security Director is upgraded.

V1

PR1479795

Security Director device updates fail when an SRX Series cluster failover occurs.

V1

PR1479934

There is inconsistency in the grid view of application visibility data.

V1

PR1480360

The policy import or publish job fails with a null exception.

V1

PR1480479

Modifying a VPN Phase 1 profile causes the Phase 2 custom profile to be deleted.

V1

PR1480647

VPNs on Security Director remain down as Security Director is unable to generate a unique IKE policy name.

V1

PR1483279

Search does not work for user IDs in security policies.

V1

PR1483763

Security Director does not generate antivirus profile CLI commands when the engine type is selected as None for UTM.

V1

PR1483997

All the detector details are not shown.

V1

PR1484530

There is an issue with publish or update of identity management configuration.

V1

PR1484611

Security Director does not push the pre-shared key (PSK) to the VPNs as the PSKs are getting encrypted twice.

V1

PR1485485

Device-related jobs on Security Director fail.

V1

PR1486055

Multiple IKE policy pre-shared-key statements are pushed to the firewall.

V1

PR1486740

Search does not work for objects in the firewall, IPS, or NAT policies.

V1

PR1488680

The device update job does not show the reason for failure with or without OOB changes.

V1

PR1488781

The pre-shared keys for the VPNs in Security Director do not get updated on the devices correctly.

V1

PR1489303

When a rule is cloned in firewall policies, the cloned rule does not contain the tunnel information.

V1

PR1490718

After publishing 30,000 VPNs, issues are seen with the publish process.

V1

PR1490851

IPS signature installation fails from Junos Space on vSRX installed on KVM.

V1

PR1490998

Junos Space is unable to push policy changes due to the connection limit for Enhanced Web Filtering.

V1

PR1491008

Users cannot create a usable custom role name to be used in the source-identity field of the policy.

V1

PR1492280

Data is not seen in the application-related widgets when a specific device is selected.

V1

PR1493326

Unable to change the name of the IPS policy for an SRX Series device.

V1

PR1493795

When you run a publish or update job from Security Director, an error message is seen.

V1

PR1496012

IPv6 address object search does not work properly.

V1

PR1497931

When creating an application or service object, a warning appears for source-port.

V1

PR1499409

Security Director is unable to search for a shared object.

V1

PR1501723

Policy update failure is seen when the same IDP or IPS policy is assigned in group device policies or device-specific policies for two or more devices.

V1

PR1480657

The Username field is blank for dynamic VPN events.

V1

Note

If the hot patch contains a user interface fix, you must clear the Web browser’s cache to reflect the latest changes.