New and Changed Features
This section describes the new features and enhancements to existing features in Junos Space Security Director Release 22.1R1.
Application visibility enhancements—Starting in Junos Space Security Director Release 22.1R1, you can:
View the applications, users, and source IP address details on the same landing page.
Use the query builder in the chart view to create search criteria based on options such as user, application, source IP address, and destination IP address. Enter the filter criteria, and click Save to save the filter. Click the filter icon and select Show Saved Filters to view the filters that you created.
View the aggregate count of applications, content (content filter), source IP addresses, and destination IP addresses in the insight bar. The aggregate count changes based on the applied filter values. When you click a count link, you navigate to the All Events page with valid filters applied.
View the standard and nonstandard port, firewall rule, and status details in the application grid view columns. The status indicates whether the application is blocked or not.
Manage threat prevention policy without Policy Enforcer—Starting in Junos Space Security Director Release 21.3R1 Hot Patch V1, you can manage threat prevention policies even if you haven’t configured Policy Enforcer. If you create and associate a threat prevention policy or profile with the firewall policy using the device CLI or J-Web without configuring Policy Enforcer, then Security Director doesn’t delete the threat prevention policy or profile when you preview or update the firewall policy. Therefore, you don't have to reconfigure the threat prevention policy or profile, and reassociate it with the firewall policies in the device.
Note:This feature is applicable only when you create a threat prevention policy and associate it to existing rules using the device CLI or J-Web.
Legacy log collector and Security Director Insights log collector support for event viewer—Starting in Junos Space Security Director Release 21.3R1 Hot Patch V1, you can add both the legacy log collector node and the Security Director Insights VM on the Logging Nodes page in Security Director. We've added read-only log collector support to enable you to view existing data. This support provides a smooth transition from the legacy log collector to the Security Director Insights VM as the log collector.
Note:You cannot add same type of log collector nodes on the Logging Nodes page.
The Legacy Node check box appears on all the Events & Logs pages after you add the legacy log collector node. Select the Legacy Node check box to view only the existing log collector data. New logs should point to Security Director Insights VM as the log collector. You see the Security Director Insights log collector data after you clear the Legacy Node check box.
For new features and enhancements in Policy Enforcer, see Policy Enforcer Release Notes.