Junos Space Developer
Junos Space Developer

Auto sync policy using SD ver 19.2?

‎10-10-2019 08:01 PM

Hi all,

 

Previously i know the feature auto policy sync will be add on SD ver 19.3 (as per told by Juniper SE) but on 19.2 i can see that feature already appear. But that feature in 19.2 by default is disable and we need enable it. So may i know if this feature is good why it disable by default? Is there any things need to alert when we enable this feature?

 

Thanks and appreciate your feedback

 

 

 

3 REPLIES 3
Junos Space Developer

Re: Auto sync policy using SD ver 19.2?

‎10-10-2019 11:26 PM
Hello,




• Synchronizing out-of-band changes for firewall policies:


Starting in Junos Space Security Director Release 19.2R1, you can import or reject the out-of-band changes from a device to Security Director.
Automatic synchronization is applicable for device-specificfirewall policy and manual synchronization is applicable for both device-specific and grouppolicy.
Out-of-band configuration changes are the changes you make to a device configuration through any method other than deploying the configuration change from Security Director.




Juniper Business Use Only
Regards
-Animesh
If this worked for you please flag my post as an "Accepted Solution" so others can be benefited.
Junos Space Developer

Re: Auto sync policy using SD ver 19.2?

‎10-10-2019 11:34 PM
Hello,

Also this feature is an additional one which is not the default behaviour of how SD works and hence it's by default in disabled state.
This feature is only applicable for FW policies..
You can refer to the release notes - under section New and changed Feature for more details -

https://www.juniper.net/documentation/en_US/junos-space19.2/information-products/topic-collections/r...



Juniper Business Use Only
Regards
-Animesh
If this worked for you please flag my post as an "Accepted Solution" so others can be benefited.
Junos Space Developer

Re: Auto sync policy using SD ver 19.2?

‎10-11-2019 12:16 AM

It was scheduled to add in SD 19.2 itself.

It is by default disabled because it doesn't work for all policies, it only works for device-specific policy so user has an option to enable it or keep it disabled.

Even if you enable it, you still have an option to reject the Out-of-band changes.

https://www.juniper.net/documentation/en_US/junos-space19.2/topics/concept/junos-space-sd-policy-syn...