Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Known Issues

  • We do not support the use of third-party authenticators for access to certain SaaS applications. For example, the Box application allows you to log in using your Google credentials, but Juniper Secure Edge recognizes the activity as a Google login rather than a Box login.

    Workaround: Use the SaaS application's built-in authentication system.

  • Box upload activity is not detected in roaming traffic.

  • If you use the CASB-supported Microsoft Teams application, you must edit the decrypt profile to identify the activities. By default, the decrypt profile (exempt list) includes the following Microsoft URLs:

    • *.delivery.mp.microsoft.com
    • *.teams.microsoft.com
    • *.update.microsoft.com
    • *.vortex-win.data.microsoft.com
    • activation.sls.microsoft.com
    • update.microsoft.com
    • windowsupdate.microsoft.com
    • *.windowsupdate.microsoft.com

    You must remove *.teams.microsoft.com from the exempt list to identify Microsoft Teams activities.

  • If a non-administrator user launches the JIMS Collector user interface (UI), the status of the Enforcement Points are not updated. The status always shows "Inactive" in the Monitor > Enforcement Points page in the JIMS Collector UI.

  • When authenticated by Hosted DB, end users with disabled accounts are not notified that their account has been disabled. The end-user account was either disabled by the administrator or automatically disabled after five consecutive failed authentication attempts.

    Workaround: End users can contact their administrator to unlock their account.

  • When you create an IPsec tunnel from a site to Secure Edge, the tunnel configuration status on the UI displays a “tunnel_status_undefined” message instead of an “in progress” message.

    Workaround: The status updates when the tunnel creation process is complete – typically in about <10> minutes.

  • The LDAP configuration may display a blank error screen when incorrect information is entered .

    Workaround: The administrator will need to reenter the correct LDAP values.

  • A few CASB applications and activities are not identified by the browser.

    Workaround: Disable the HTTP over QUIC in your browser settings to use the SSL proxy.

    • Steps to disable HTTP over QUIC in Firefox:

      1. In the address bar, enter about:config.

      2. In the Search preference name box, enter network.http.http3.enable and change the toggle to False.

      3. Repeat the above step for network.http.http3.enable and change the toggle to False.

      4. Clear the browser cookies and restart the browser.

    • Steps to disable HTTP over QUIC in Chrome:

      1. In the address bar, enter chrome://flags/.

      2. In the Search flags box, enter Experimental QUIC protocol and select Disabled from the drop-down menu.

      3. Clear the browser cookies and restart the browser.