October 07, 2023 Release
Secure Edge New Features: October 07, 2023
Service Management
Enhancements on the Service Locations page—We've made the following enhancements:
-
You get at least one pair of service locations to ensure maximum service availability.
-
You can add more pairs of service locations as needed.
-
You can add more users to any pair of service locations as needed.
Monitor
View CASB logs—When associated with a Secure Edge policy, a Cloud Access Security Broker (CASB) profile collects logs from the configured cloud applications. You can view and monitor these activity-based and action-based application logs on Monitor > Logs > CASB. [See Monitor CASB Logs.]
View CASB application visibility logs—On the new CASB Application Visibility page (Monitor > Maps & Charts > CASB Applications), you can view the following information related to CASB-supported cloud applications:
-
Volume (network traffic) that each application uses
-
Volume (bandwidth) that each category of the application consumes
-
Number of events or sessions received, grouped by risk as defined by the applications
[See About the CASB Application Visibility Page.]
Tunnel status alerts—You can use the Tunnel Status Alerts page (Monitor > Alerts > Tunnel Status Alerts) to view the tunnel status alerts for the configured tunnels between sites and service locations.
Security Subscriptions
Manage CASB profiles—You can create, modify, clone, and delete Cloud Access Security Broker (CASB) profiles. The CASB functionality provides visibility into the security of your cloud applications. You can also create CASB profile rules to control specific actions on each cloud application to secure your data. After you assign the CASB profile to a Secure Edge policy, the profiles ensure that the traffic flows between cloud providers and on-premises devices comply with the Secure Edge policy. [See About the CASB Profiles Page, About the CASB Rules Page, and Add a Secure Edge Policy Rule.]
CASB inline cloud application activity controls—You can configure rules to control activities on the cloud applications for a CASB profile. The supported activities are login, upload, download, and share. The supported cloud applications are Box, Dropbox, Salesforce, Google Docs, and OneDrive. [See About the CASB Rules Page.]
Application instance for CASB—You can configure an application instance for the CASB profile. Use instance names to define which particular instances of the same cloud application you want to take a policy action on. [See About the CASB Rules Page.]
Application tagging for CASB—You can tag an application instance as Untagged, Sanctioned, or Unsanctioned for a CASB profile to reflect whether or not your organization approves the cloud application. By default, all the application instances are tagged as None. This type of tagging is not the same as the application instance tagging for the CASB rules. [See About the Application Tagging Page.]
Custom URL categories—You can create custom URL categories and add them to Web filtering profiles. You can also assign one of the following actions to the URL categories:
-
Log and permit the URLs.
-
Block the URLs.
-
Permit the URLs.
-
Quarantine the URLs.
Security Policy
Captive portal support for unauthenticated on-premises users—You can now use captive portal to authenticate on-premises users that request access to a network service. In earlier releases, you could use captive portal to authenticate only roaming users. By default, captive portal is enabled for roaming users and disabled for on-premises site users. You can enable the captive portal support for on-premises users from the Secure Edge Policy page. [See About the Secure Edge Policy Page, and Add a Secure Edge Policy Rule.]
Identity
Supported JIMS Collector version—Secure Edge now supports JIMS Collector Release 1.7.0 and later. [See Juniper Identity Management Service Overview.]
Shared Services
Import URL patterns from a CSV file—Import multiple allowed or blocked URL patterns from a CSV file. You can use these URL patterns to validate inbound and outbound URL requests and allow or block the requests.
[See Import URL Patterns from a CSV File.]
DAG filter—You can filter and view the dynamic address group (DAG) feeds from the Amazon Web Services (AWS) regions and services that you select. Use a DAG filter to add the feeds. You can configure a maximum of 10 DAG filters for the selected AWS regions and services. [See Configure DAG Filter.]
Webhook for audit log notifications—You can use an audit log webhook to send Juniper Advanced Threat Prevention Cloud (ATP Cloud) audit log notifications to a remote server. A webhook is an automated message or a real-time notification that any application receives from another application that triggers an event. You can enable the webhook and configure the remote server URL to receive these notifications in a chat application that can process JavaScript Object Notation (JSON) responses. [See Configure Webhook.]
Secure Edge Bug Fixes: October 07, 2023
There are no bug fixes in this release.