Starting in Junos 12.1X47D10, the SRX uses a second-generation application identification engine, which greatly improves the application identification capabilities on the SRX. On May 14th, 2015, we will be providing a major update to our AppID engine, which further improves accuracy and adds an additional 270 new applications. This major AppID update will be released in signature pack 2495.
As part of the standard development cycle, Juniper has done extensive quality assurance and scalability testing and has detected a small performance degradation of 5-10% in some lab test cases.
We believe this is unlikely to affect actual customer deployments, and is a result of the addition of new inspection techniques and the 270 new applications detected.
This update does not require any downtime or manual customer intervention (if automatic updates are configured), as it can be seamlessly installed as part of the standard update process documented here:
http://www.juniper.net/techpubs/en_US/junos12.1/topics/concept/services-application-identification-application-package-understanding.html
If you believe that this update has created a performance or stability concern, you can easily roll the system back to a previous signature pack (2493 or earlier) and contact JTAC.
Steps to Rollback:
1. Download the previous signature/detector pack with the following command:
a. “request services application-identification download version 2493”
2. Install the package with the following command:
a. “request services application-identification install”
3. Optionally, if automatic download/installation is enabled, you can disable that during troubleshooting by entering the configuration mode and disabling automatic AppID/IPS downloads:
a. “edit”
b. “deactivate services application-identification download”
c. “deactivate security idp security-package”
d. “commit”