Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


What’s Changed in Release 21.4R2

Authentication and Access Control

  • Enhanced UAC authentication (SRX Series)—To regulate the lifespan (default 60 seconds) of event table entries, we've added a new configuration statement set services unified-access-control event-table-lifetime time interval in seconds> . If there is a delay in authentication at the SRX Series device, use this configuration statement to enable UAC traffic after the user is authorized from the IC.

    [See Configuring Junos OS Enforcer Failover Options (CLI Procedure).]


  • Changes in Identity Management page (SRX Series)—Starting in Junos OS Release 21.4R1, we've renamed Identity Management as Juniper Identity Management Services (JIMS) in the following location: In Security Services > Firewall Authentication, the Identity Management menu is renamed to JIMS. In Identity Management page (new JIMS page), all instances of Identity Management are renamed to Juniper Identity Management Services.

Network Management and Monitoring

  • Changes when deactivating or deleting instances of the ephemeral configuration database (ACX Series, EX Series, MX Series, PTX Series, QFX Series, SRX Series, vMX, and vSRX)—The following changes apply when you deactivate or delete ephemeral database instances in the static configuration database:

    • When you deactivate the entire [edit system configuration-database ephemeral] hierarchy level, the device deletes the files and corresponding configuration data for all user-defined ephemeral instances. In earlier releases, the files and configuration data are preserved; however, the configuration data is not merged with the static configuration database.
    • When you delete an ephemeral instance in the static configuration database, the instance's configuration files are also deleted. In earlier releases, the configuration files are preserved.
    • You can delete the files and corresponding configuration data for the default ephemeral database instance by configuring the delete-ephemeral-default statement in conjunction with the ignore-ephemeral-default statement at the [edit system configuration-database ephemeral] hierarchy level.

    [See Enable and Configure Instances of the Ephemeral Configuration Database.]

Unified Threat Management (UTM)

  • Content filtering CLI updates (SRX Series and vSRX)—We've the following updates to the content filtering CLI:

    • Trimmed the list of file types supported for content filtering rule match criteria. Instead of uniquely representing different variants of a file type, now only one file-type string represents all variants. Hence, the show security utm content-filtering statistics output is also updated to align with the new file types available in the rule match criteria.
    • Renamed the content filtering security logging option seclog to log to match with the Junos OS configuration standard.
    • Rephrased the reason string associated with content filtering security log message.

    [See content-filtering (Security UTM Policy), content-filtering (Security Feature Profile), and show security utm content-filtering statistics.]