Known Issues
This section lists the known issues in Junos Space Security Director Release 22.2R1.
For the most complete and latest information about known Security Director defects, use the Juniper Networks online Junos Problem Report Search application.
-
A policy analysis report with more than 20000 rules cannot be generated. PR1708393
-
SSL certificate error is displayed while analyzing threat prevention policy. PR1648734
-
When you use Security Director Insights as a log collector, device selection on Monitor page does not work when a logical system or a tenant system device is selected. PR1621052
-
Security Director displays device lookup failed error during preview. PR1617742
Workaround:
Move the device to RMA state. Navigate to Junos Space Network Management Platform. Select Devices > Device Management. Select a device, right-click and select Device Operations and then select Put in RMA State.
Reactivate the device from RMA state. Navigate to Junos Space Network Management Platform. Select Devices > Device Management. Select a device, right-click and select Device Operations and then select Reactivate from RMA.
-
Primary cluster displays the status as DOWN while both devices in the device cluster displays the status as UP. PR1616993
Workaround:
Move the device to RMA state. Navigate to Junos Space Network Management Platform. Select Devices > Device Management. Select a device, right-click and select Device Operations and then select Put in RMA State.
Reactivate the device from RMA state. Navigate to Junos Space Network Management Platform. Select Devices > Device Management. Select a device, right-click and select Device Operations and then select Reactivate from RMA.
-
Security Director does not clear uncommitted logical system or tenant system device management configuration in case of job failure, which causes subsequent updates to fail. You must clear the configuration from space node before proceeding with next update. PR1603146
Workaround: Navigate to Junos Space Network Management Platform > Devices > Device Management > Modify Configuration > Deploy > Reject Changes.
-
Security Director fails to import policies when custom dynamic-applications are configured at root-level and referred in logical system or tenant system policies. PR1602677
-
An icon showing out-of-band changes is seen for firewall and IPS policies, although the corresponding policy changes are not made on the device. PR1484953
Workaround: Clear the out-of-band icon on the policies when changes are not made on the device. Navigate to the corresponding policy, and right-click the policy. Select View Device Policy Changes and reject all changes, and then click OK.
-
Deployment of cipher list CLI works only when you perform Save, or Save and Deploy. PR1485949
Workaround: You must save or deploy the selected Cipher list before you view the preview changes.
-
An object conflict occurs when you import Web filter profiles with duplicate names, although the values are the same. PR1420341
Workaround: Select either Overwrite with Imported Value or Keep Existing Object to avoid duplicate objects.
-
Junos Space Security Director does not support routing instances and proxy profiles in an antivirus pattern update for the unified threat management (UTM) default configuration. PR1462331
-
When you import out-of-band changes to a logical system device, a job is created for the root device along with the logical system device, although changes are made only in the logical system device. PR1448667
-
Import fails when a device is imported only with UTM custom objects without a UTM policy. PR1447779
Workaround: Delete the UTM custom objects if they are not used in a policy, or assign a UTM policy.
-
Update fails for unified policies when an SSL proxy profile that is set as global in a device is not used in any policy for that device. PR1407389
-
A policy analysis report with a large number of rules cannot be generated. PR1418125
-
When a column filter is used, the Deselect all and Clear all options do not clear selected items occasionally. PR1424112
-
The Show Unused option is not available for URL categories. PR1431345
-
Restart of a single JBoss node does not recover the system even if the issue is present on a single node. PR1478804
Workaround: Restart all JBoss nodes.
For known issues in Policy Enforcer, see Policy Enforcer Release Notes.