Support Support Downloads Knowledge Base Apex Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

Important notification for customers upgrading to Junos SPACE Security Director 13.3R1

0

0

Article ID: TSB16402 TECHNICAL_BULLETINS Last Updated: 30 Apr 2014Version: 2.0
Alert Type:
PSN - Product Support Notification
Alert Description:
Important notification for customers upgrading to Junos SPACE Security Director 13.3R1.
Junos SPACE Security Director 13.3R1 will be available May, 2014.

Our internal testing has shown the following issues may occur:
Deployments using Junos SPACE Security Director 13.3R1 on the JA1500 hardware appliance or VMware virtual machine with 8GB of RAM or less may experience significant degradation in performance along with lack of system memory when one of the following scenarios occur
  • When the number of firewall rules being published simultaneously is 8,000 or more. The 8,000 threshold can be reached by a single user publishing/updating a single firewall policy that has 8,000 firewall rules or two users simultaneously publishing/updating two firewall policies that each have 4,000 firewall rules each, etc….
  • When the number of firewall rules being published/updated simultaneously is 4,000 or more and there are several administrators making changes within Security Director/Space Platform at the same time. The 4,000 threshold can be reached by a single user publishing/updating a single firewall policy that has 4,000 firewall rules or two users simultaneously publishing/updating two firewall policies that each have 2,000 firewall rules each, etc….

The issue is related to the number of simultaneous firewall rules being published not the number of devices managed by Security Director.

This is primarily due to the Junos SPACE platform v.13.3 and Security Director v.13.3 requiring more system memory to operate than previous versions.
Solution:
One of the following is recommended prior to upgrading to Junos SPACE Security Director 13.3R1 to avoid the issues stated:
  • Migrate your Junos SPACE Security Director installation from the JA1500 hardware platform to the new JA2500 hardware platform
  • Migrate your Junos SPACE Security Director installation from the JA1500 hardware platform to a VMware virtual machine using a minimum of 16GB RAM (32GB RAM is recommended)
  • Increase the RAM allocation for any VMware virtual machine deployments to a minimum of 16GB RAM (32GB RAM is recommended)

Please note we have only observed this behavior for the environments outlined above.

Contact Juniper Technical Assistance Center (JTAC) at http://www.juniper.net/support/requesting-support.html with any questions or concerns.

We also want to highlight that the JA1500 appliance should not be recommended for new customers.

Implementation:
 
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search