Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Device Security

  • IMA coverage update (ACX Series, PTX Series, and QFX Series)—Integrity Measurement Architecture (IMA) coverage now includes the following additional file systems:

    • ISO9660

    • PROC

    • SYSFS

    • DEBUGFS

    • RAMFS

    • SECURITYFS

    • EFIVARFS

    • DEVPTS

    • BINFMTFS

    • SELINUX

    • CGROUP

    • NSFS

    • TRACEFS

    IMA now enforces signature verification for the kexec kernel and initramfs images. It also generates a nonrepudiable log for new key addition events to IMA keyrings. These enhancements strengthen runtime integrity protections against unauthorized changes to Junos OS Evolved.

    [See File Security with IMA.]