Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Application Identification (AppID)

  • Application signature package enhancements (NFX Series, SRX Series, and vSRX)—Starting in Junos OS Release 21.1R1, we've enhanced the application signature package by grouping all newly added signatures under the junos:all-new-apps group. When you download the application signature package on your device, the predefined application group is downloaded. You can use this application group in the security policy configuration.

    We've also introduced a list of application tags, based on attributes, in the application signature package. You can group similar applications based on these predefined tags. By doing so, you can consistently reuse the application groups when you define security policies.

    [See Predefined Application Signatures for Application Identification.]

  • Enhancements to packet capture of unknown applications (NFX Series, SRX Series, and vSRX)

    Starting in Junos OS Release 21.1R1, your security device stores the packet capture of unknown

    applications’ details per session. As a result of this change, the packet capture (.pcap) file now includes the session ID in the filename. We now store the file in destination-IP-address.destination-port.protocol.session-id.pcap format in the /var/log/pcap location. (Previously, the packet capture file was saved in destination-IP-address. destination-port.protocol.pcap format.)

    In addition, we’ve enhanced packet capture of unknown application functionality to capture unknown Server Name Indication (SNI) details.

    [See Packet Capture of Unknown Application Traffic Overview.]

  • Application signature enhancements (NFX Series, SRX Series, and vSRX)—Starting in Junos OS Release 21.1R1, we’ve introduced the following enhancements to application signatures:
    • Support for FTP data context propagation
    • Skipping of deep packet inspection (DPI) for the sessions offloaded by advanced policy-based routing (APBR) on application system cache (ASC) hit (when only APBR service is enabled).
    • Forceful installation of the application signature pack over the same version of signature pack.
    • Display (in the CLI command output) of the application signature pack release date.
    • Display (in the CLI command output) of the list of deprecated application signatures available in the installed signature pack.

    [See Predefined Application Signatures for Application Identification.]