Out of all the enterprise software I've ever used, NSM has to have the worst track record of bugs ever! Does Juniper even test this product before they ship it or do they expect their customers to act as QA for them?
We've recently upgraded from 2011.1 to 2012.1 -- if you're thinking about this, DON'T DO IT. In the past two weeks, I've documented the following gems:
1. NSM used to ignore options set on predefined objects when it didn't have the option to change it. No longer! Now, if you have an inactivity timer set on a predefined object on an SRX, NSM won't update the device. In our case, we had an inactivity timer set on the junos-ssh service object... their support tech workaround was to replace the predefined SSH object with a custom one. Thank, great advice... I'll update 300 rules b/c you shipped buggy software... even using "replace with...", this is ridiculous.
2. NSM flat out fails to do a delta config on certain older versions of screenos... we get an obscure message. Juniper sent me a schema update... haven't tested it yet. I guess they don't have older screenos devices in their test lab!
3. Device server is crashing every 15-20 minutes. Haven't seen this before, must be a new HA "feature" -- I bet Juniper can spin this turd as some sort of HA feature!
4. Even slower -- Everytime I upgrade NSM, I swear that there's no possible way they could make the client interface any slower... well, they've outdone themselves once more on this release! The good news is that you can run a delta config and have time to run to starbucks for a coffee while you'r waiting for it to finish.
I've got 2 nice things to say:
1. They updated the icon -- it's so prettty now.
2. Their support staff are phenominal people -- patient and willing to go the distance to fix the absolute garbage product that their developers have shipped. It's a shame really, they should have the developers field these calls some time, they might learn some respect for other people's time.
