Hot Patch Releases
This section describes the installation procedure and resolved issues in Junos Space Security Director Release 22.3R1 hot patch.
During hot patch installation, the script performs the following operations:
- Blocks the device communication.
- Stops JBoss, JBoss Domain Controller (JBoss-dc), and jmp-watchdog services.
- Backs up existing configuration files and EAR files.
- Updates the Red Hat Package Manager (RPM) files.
- Restarts the watchdog process, which restarts JBoss and JBoss-dc services.
- Unblocks device communication after restarting the watchdog process for device load
balancing.Note:
You must install the hot patch on Security Director Release 22.3R1 or on any previously installed hot patch. The hot patch installer backs up all the files which are modified or replaced during hot patch installation.
Installation Instructions
Perform the following steps in the CLI of the JBoss-VIP node only:
-
Download the Security Director 22.3R1 Patch vX from the download site.
Here, X is the hot patch version. For example, v1, v2, and so on.
-
Copy the
SD-22.3R1-hotpatch-vX.tgz
file to the/home/admin
location of the VIP node. -
Verify the checksum of the hot patch for data integrity:
md5sum SD-22.3R1-hotpatch-vX.tgz.
-
Extract the
SD-22.3R1-hotptach-vX.tgz
file:tar -zxvf SD-22.3R1-hotpatch-vX.tgz
-
Change the directory to
SD-22.3R1-hotpatch-vX
.cd SD-22.3R1-hotpatch-vX
-
Execute the
patchme.sh
script from theSD-22.3R1-hotpatch-vX
folder:sh patchme.sh
The script detects whether the deployment is a standalone deployment or a cluster deployment and installs the patch accordingly.
A marker file, /etc/.SD-22.3R1-hotpatch-vX
, is created with the list of
Red-hat Package Manager (RPM) details in the hot patch.
-
We recommend that you install the latest available hot-patch version, which is the cumulative patch.
Resolved Issues in the Hot Patches
Table 1 lists the resolved issues in Security Director Release 22.3R1 hot patch.
PR |
Description |
Hot Patch Version |
---|---|---|
Geographical location report shows incorrect data in Security Director. |
V1 |
|
Security Director updates the database with incorrect cyclic service group. |
V1 |
|
SRX series devices do not show any data in the Intrusion Prevention System (IPS) report with log event IDP_ATTACK_LOG_EVENT_LS. |
V1 |
|
The application visibility feature does not show the log data for last eight hours and earlier. |
V1 |
|
User is unable to search for an object in Security Director even when the objects exist in Shared Objects. |
V1 |
|
When you try to preview, publish, or update configuration in Security Director, it fails with an error. |
V1 |
|
The Maximum Transmission Unit (MTU) is not visible during the edit workflow, when provided as default. |
V1 |
|
Security Director fails to import the policy zip files with more than 20000 rules. |
V1 |
|
Security Director fails to publish the SRX series cluster policy with Content Security (UTM) is not available in the device error message. |
V1 |
|
SecurityDirector fails to update the Unified ThreatManagement (UTM) policies in SRX and vSRX Series devices. |
V1 |
|
Unexpected changes for UTM are visible in the preview after upgrading to Junos Space Network Management Platform release 22.3R1. |
V1 |
If the hot patch contains a UI fix, then you must clear the Web browser’s cache to reflect the latest changes.