•
Policy VPN Integration
— When a security policy created between two security domains
is provisioned, the policy will use the paths defined by the IPSec VPN created between
the security devices associated with the security domains.
•
Security Policy for Intermediate Firewall
— An intermediate firewall with the security
policy which allows IKE/IPsec traffic for VPN is configured automatically when
provisioning a VPN with an intermediate firewall. The intermediate device is listed
along with the VPN endpoints.
•
NAT
— Create, manage and provision NAT policies to devices. Using Network Address
Translation (NAT), you can maintain network security by hiding internal IP addresses
from other networks. You can also use NAT to conserve IP addresses. Junos Space
supports two types of NAT:
•
Source NAT
— Translates the source address of outbound traffic.
•
Static NAT
— Maintains a constant one-to-one address translation. It translates the
same private address to the same public address.
Known Issues
•
If you create a device group with more than 100 devices, the device group will not be
visible on the topology whiteboard.
Workaround: Click on the topology whiteboard. [PR 563375]
•
When you decommission a VPN that has VPN Monitor setting enabled, VPN Monitor
options such as Interval and Threshold are not removed from the device.
Workaround: Manually remove the VPN Monitor options using the CLI interface.
[PR 546065]
•
If you create and configure a group link that has a large number of devices, the Link
Properties window will still show that the group link is not configured. If you delete a
group link that has a large number of devices, the link is still displayed on the topology
whiteboard.
Workaround: Click on the topology whiteboard. [PR 561740]
Copyright © 2010, Juniper Networks, Inc.
8
Junos Space 2.0 Release Notes
