Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
ON THIS PAGE
 

Hot Patch Releases

Junos Space Security Director Release 24.1R2 Hot Patch Release

This section describes the installation procedure and resolved issues in Junos Space Security Director Release 24.1R2 hot patch.

During hot patch installation, the script performs the following operations:

  • Blocks the device communication.
  • Stops JBoss, JBoss Domain Controller (JBoss-dc), and jmp-watchdog services.
  • Backs up existing configuration files and EAR files.
  • Updates the Red Hat Package Manager (RPM) files.
  • Restarts the watchdog process, which restarts JBoss and JBoss-dc services.
  • Unblocks device communication after restarting the watchdog process for device load balancing.
    Note:

    You must install the hot patch on Security Director Release 23.1R1 or on any previously installed hot patch. The hot patch installer backs up all the files which are modified or replaced during hot patch installation.

Installation Instructions

Perform the following steps in the CLI of the JBoss-VIP node only:

  1. Download the Security Director 24.1R2 Patch vX from the download site.

    Here, X is the hot patch version. For example, v1, v2, and so on.

  2. Copy the SD24.1R2-hotpatch-vX.tgz file to the /home/admin location of the VIP node.

  3. Verify the checksum of the hot patch for data integrity:

    md5sum SD24.1R2-hotpatch-vX.tgz.

  4. Extract the SD24.1R2-hotptach-vX.tgz file:

    tar -zxvf SD24.1R2-hotpatch-vX.tgz

  5. Change the directory to SD24.1R2-hotpatch-vX.

    cd SD24.1R2-hotpatch-vX

  6. Execute the patchme.sh script from the SD24.1R2-hotpatch-vX folder:

    sh patchme.sh

    The script detects whether the deployment is a standalone deployment or a cluster deployment and installs the patch accordingly.

A marker file, /etc/.SD24.1R2-hotpatch-vX, is created with the list of Red-hat Package Manager (RPM) details in the hot patch.

Note:

We recommend that you install the latest available hot-patch version, which is the cumulative patch.

Resolved Issues in the Hot Patches

Table 1 lists the resolved issues in Security Director Release 24.1R2 hot patch.

Table 1: Resolved Issues in the Hot Patch

PR

Description

Hot Patch Version
PR1835150

The user is unable to download SummaryReport.zip file in Security Director.

v1

Junos Space Security Director Release 24.1R3 Hot Patch Release

This section describes the installation procedure and resolved issues in Junos Space Security Director Release 24.1R3 hot patch.

During hot patch installation, the script performs the following operations:

  • Blocks the device communication.
  • Stops JBoss, JBoss Domain Controller (JBoss-dc), and jmp-watchdog services.
  • Backs up existing configuration files and EAR files.
  • Updates the Red Hat Package Manager (RPM) files.
  • Restarts the watchdog process, which restarts JBoss and JBoss-dc services.
  • Unblocks device communication after restarting the watchdog process for device load balancing.
    Note:

    You must install the hot patch on Security Director Release 23.1R1 or on any previously installed hot patch. The hot patch installer backs up all the files which are modified or replaced during hot patch installation.

Installation Instructions

Perform the following steps in the CLI of the JBoss-VIP node only:

  1. Download the Security Director 24.1R3 Patch vX from the download site.

    Here, X is the hot patch version. For example, v1, v2, and so on.

  2. Copy the SD24.1R3-hotpatch-vX.tgz file to the /home/admin location of the VIP node.

  3. Verify the checksum of the hot patch for data integrity:

    md5sum SD24.1R3-hotpatch-vX.tgz.

  4. Extract the SD24.1R3-hotptach-vX.tgz file:

    tar -zxvf SD24.1R3-hotpatch-vX.tgz

  5. Change the directory to SD24.1R3-hotpatch-vX.

    cd SD24.1R3-hotpatch-vX

  6. Execute the patchme.sh script from the SD24.1R3-hotpatch-vX folder:

    sh patchme.sh

    The script detects whether the deployment is a standalone deployment or a cluster deployment and installs the patch accordingly.

A marker file, /etc/.SD24.1R3-hotpatch-vX, is created with the list of Red-hat Package Manager (RPM) details in the hot patch.

Note:

We recommend that you install the latest available hot-patch version, which is the cumulative patch.

Resolved Issues in the Hot Patches

Table 2 lists the resolved issues in Security Director Release 24.1R3 hot patch.

Table 2: Resolved Issues in the Hot Patch

PR

Description

Hot Patch Version

PR1854243

The databases are out of sync in Security Director.

Workaround:

  1. Login to the JBoss CLI using the following command:

    /usr/local/jboss/bin/jboss-cli.sh --connect --user=admin --password=$(grep jboss.admin /etc/sysconfig/JunosSpace/pwd | awk -F= '{print $2}') --controller=jmp-CLUSTER

  2. Run the following command in the JBoss CLI and set tcp-keep-alive to false.

    /profile=full-ha/subsystem=undertow/server=default-server/http-listener=default:write-attribute(name=tcp-keep-alive, value=false)

  3. Verify the value

    /profile=full-ha/subsystem=undertow/server=default-server/http-listener=default:read-resource

  4. Stop JBoss and JBoss-dc on the VIP node and JBoss on the non-VIP node.

  5. Start JBoss and JBoss-dc on the VIP node and JBoss on the non-VIP node.

v2

PR1853552

The user is unable to modify the system log configuration in Security Director.

v2
PR1849595

The user is unable to view data in the Application tab under Monitor > Applications. The page displays An error occurred while requesting the data message.

v1
PR1851141

The user is unable to configure rule sets for a NAT policy using change control workflow.

v1
PR1852966

The user is unable to install AppSecure license on the vSRX Virtal Firewall via Security Director.

v1
PR1852986

The user is unable to scroll down on the IDP policy rules list under Configure > IPS Policy > Policies in Security Director 24.1R1.

v1