January, 2021 Release

New and Changed Features: January, 2021

Support for filtering DNS requests for disallowed domains (SRX4100, SRX4200, SRX4600, and vSRX)
Enhancements to adaptive threat profiling feed
Inclusion and Diversity (I&D) terminology updates
Support for TLS version 1.3

Support for filtering DNS requests for disallowed domains (SRX4100, SRX4200, SRX4600, and vSRX)

Starting in Junos OS Release 20.4R1, you can configure DNS filtering to identify DNS requests for disallowed domains. You can either:

Block access to the domain by sending a DNS response that contains the IP address or fully qualified domain name (FQDN) of a DNS sinkhole server. This ensures that when the client attempts to send traffic to the disallowed domain, the traffic instead goes to the sinkhole server.
Log the DNS request and reject access.

[See DNS Sinkhole, dns-filtering, security-intelligence(services), clear services security-intelligence dns-statistics, and show services security-intelligence dns-statistics.]

Enhancements to adaptive threat profiling feed

You can now directly exclude specific feed entries (IP addresses) from the threat profiling feed.

[See Adaptive Threat Profiling Overview.]

Inclusion and Diversity (I&D) terminology updates

We have changed some of the terminologies in the Juniper ATP Cloud GUI and documentation. The changed terms represent the inclusion and diversity principles we value.

[See Creating Allowlists and Blocklists.]

Support for TLS version 1.3

We now support Transport Layer Security (TLS) version 1.3 for encrypted traffic insights feature.