Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Known Issues

    This section lists the known issues in hardware and software in Junos OS Release 15.1X49-D120 for Sky ATP.

    • After you change the revocation configuration of a CA profile, the change cannot be populated to the SSL-I's revocation check. We recommend you change the SSL-I configuration to enable or disable CRL checking instead of using a ca-profile configuration. [PR 1143462]
    • When in HA mode, if you disable and then reenable CRL checking of certificate validity, the system does not reenable CRL checking. You must reboot the SRX1500 Services Gateway before CRL checking is again enabled. [PR 1144280]
    • If you select the Permit action in the Configure > Email Management > SMTP window, e-mails with attachments are sent directly to the recipients while the attachments are sent to the cloud for analysis. If system constraints, such as memory issues, cloud connectivity issues, etc., occur while the attachment is sent to the cloud, the fallback condition is supposed to be used. However, in this case, the Permit action overrides the fallback action. For example, if your fallback condition is Block, the Permit action as configured in the Web GUI is used. [PR 1239650]
    • A file submission timeout can occur on the SRX Series device when the following conditions are present:
      • The advanced anti-malware service (AAMW) is enabled.
      • SMTP or SMTPS is configured in the AAMW policy.
      • The fallback action is permit.
      • Long network latency exists between the SRX Series device and the Sky ATP cloud service.

      Under these circumstances, the e-mail remains in the sender’s Outlook outbox and the recipient never receives the e-mail.

      As a workaround, try to resolve the long latency issue between the SRX Series device and the Sky ATP cloud service. If this is not possible, increase the server timeout setting in the recipient’s Outlook. [1254088]

    • When the AAMW service is enabled and SMTP inspection is configured in the AAMW policy, SMTP e-mails encoded with the uuencode mechanism cannot be decoded or identified and as such are not inspected by the Sky ATP cloud for malware. [1236721]
    • AAMW sessions will always use the AAMW parameters configured at the time the session was establishment. Configuration changes will not retroactively affect already established sessions. For example, a session established when the verdict threshold is 5 will always have 5 as the threshold even if the verdict threshold changes to other values during that session’s lifetime. [1270751]
    • When you select the Deliver malicious messages with warning headers added option, Sky ATP adds headers to e-mails that most mail servers will recognize and filter into spam or junk folders. However, there are some SMTP servers that do not recognize the added headers and may reject these e-mails. [1281987]
    • if UTM IMAP and AAMW IMAP are configured in the same policy, AAMW will not inspect the e-mail attachment. [1275002]
    • If you configure a block close http file in a security intelligence policy, for example,
      set services security-intelligence profile CC_SERVER rule Rule-2 then action block close http file secintel_default_page.html

      the system software validation might fail. The block close http file feature is not supported if you used the validate option when installing the Junos OS software with the request system software add CLI command. As a workaround, disable this configuration if you used the validate option, or use the no-validate option with the request system software add CLI command. For example:

      request system software add junos-srxsme-10.0R2-domestic.tgz no-copy no-validate

      [1315593]

    • For certain actions for inspection profiles, the eicar.exe file is permitting instead of taking the configured actions. This applies to http and smtp. The inspection profile eicar.exe file is permitted instead of block for http and tag-and-deliver for smtp. [1317897-1]

    Modified: 2017-11-15