Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

New Features

Juniper Security Director 25.4.1

General

Menu reorganization—You can use the reorganized navigation system in Juniper Security Director to view the related features under intuitive categories with streamlined menu headers. The new layout reduces clutter, minimizes clicks, and helps you quickly find needed tools. Role-based access controls show only permitted menu items, simplifying your interface. You can quickly search the menu using the dedicated Menu Search text box provided at the top of the menu.

[See Juniper Security Director GUI Overview.]

Intelligence

IDP and Screens Insights—We have moved IDP and Screens threat details to separate pages. This dedicated view enhances clarity and improves user experience.

[See Insights Overview.]

Security

Zone-based or global security policy rule—You can now select the security policy rule scope—either zone-based or global—while creating a rule.

[See Add and Manage Security Policy Rules.]

Support for IPv6—We have extended IPv6 support across the following areas to enhance your network addressing capabilities:

  • IPS Signatures: A new IPv6 tab is now available when you create custom IPS signatures under Security > Security Services > IPS Signatures.

  • IPsec VPNs: IPv6 is supported for Network IP and Tunnel Settings in Security > IPsec VPN Management > IPsec VPNs.

  • Shared Object: You can now select IPv6 as an Address type in Security > Shared Objects > Addresses.

  • Security Policies: IPv6 is supported for Source and Destination addresses in Security > Security Policies.

[See Create and Manage IPS Signatures, Create and Manage Route-Based Site-to-Site VPN, Create and Manage Access Profiles, Create and Manage Addresses or Address Groups, and Create and Manage Address Pools.]

Inventory

Onboard and manage SRX4120 Firewalls—You can now use Juniper Security Director to onboard and manage SRX4120, a next-generation firewall that protects your enterprise campus edge and data center edge. Use SRX4120 devices for use cases such as:

  • Roaming

  • SD-WAN large branch

  • SD-WAN secure hub

[See Add Devices, Onboard SRX Series Firewalls to Juniper Security Director.]

Looking Glass—Use the looking glass functionality to view and compare configurations and runtime data across multiple devices. Run CLI commands—show, ping, test and traceroute simultaneously on selected devices to validate the state and troubleshoot efficiently. As you type, a dynamic suggestion list displays supported commands from the platform database, ensuring accurate inputs and faster entry. You can view results in text or table formats and export them in text or CSV format.

[See Looking Glass Overview.]

Logical MNHA grouping or ungrouping for existing devices—If Multinode High Availability (MNHA) is already configured using the CLI on devices outside Juniper Security Director or through templates, you can now select and logically group two already-managed standalone devices in the UI. You can then view the grouped devices as part of the MNHA configuration in the Juniper Security Director UI. You can also ungroup these devices in the UI if MNHA has been removed or ungrouped outside of Juniper Security Director. In this case, the devices appear as standalone devices.

Group and Ungroup are UI-only actions that improve visibility and management. Juniper Security Director cdoes not create, modify, push, or remove any MNHA configuration on the devices.

[See Group MNHA Devices and Ungroup MNHA Pairs.]

Configurable routing instance support—You can configure a custom routing instance for management, so devices reach Juniper Security Director services through that instance. Provide an input for the routing instance during onboarding or update from Device Connectivity Settings > Routing Instance - Other Features. Juniper Security Director saves the routing instance with interface and applies it to CLIs for outbound SSH, security log streaming, security packages, image staging or file copy, and PKI/Security-Intelligence/AAMW profiles. You can edit or remove the management routing instance. You can use templates to deploy routing instances to PKI/Security-Intelligence/AAMW profiles.

[See Configure and Manage Routing Instance.]

Roll back device image—You can now roll back the current image deployed on a device to its preceding version, also known as a backup image. Roll back the image on standalone devices, clusters, or MNHA pair devices that are onboarded and connected to the Juniper Security Director. You can roll back up to 10 devices at once.

[See Rollback Device Image.]

Proxy server for device connectivity—You can now configure a dynamic or static HTTP proxy server to manage your devices, onboard devices, and for all outbound SSH device traffic.

Note:

Devices running Junos OS Release 23.4R1 and later can use proxy servers. You can configure proxy servers in Juniper Security Director to manage devices running these supported versions of Junos OS.

[See Configure an HTTP Proxy Server for Device Management.]

Administration

Support for IPv6—We have extended IPv6 support across the following areas to enhance your network addressing capabilities:

  • Address Pools: IPv6 is supported in Address pool type, Primary DNS Server, and Secondary DNS Server in Admin > Identity > Address Pools.
  • Access Profile: IPv6 is supported for RADIUS authentication in Admin > Identity > Access Profile.
  • JIMS: IPv6 is supported for Primary JIMS Server in Admin > Identity > JIMS.

[ See Create and Manage Address Pools, Create and Manage Access Profiles, JIMS Identity Management Service Overview.]

Network

Support for Neighbor Discovery Protocol in NAT Policy—Use this feature to have the device respond to NDP requests and translate IPv6 addresses to MAC addresses in Network > NAT Management > NAT Policies.

[See Create a NAT Policy.]

Support for IPv6 in NAT Pools—You can now expand your addressing capabilities with IPv6 supported in Host Address Base in Network > NAT Management > NAT Pools.

[See Create and Manage NAT Pools.]