Juniper

JunOS M/MX

Dashboard and Browsers	Change Tracking Policy Analysis Risk Dashboard Cleanup Violations
Change Management	Change Management Graphical Policy Real-time Monitoring Display IPv6 objects Create SecureChange ticket from Policy Browser for: • Rule Decommission • Rule Recertification
Policy Analysis	Policy Analysis Object Lookup
Auditing and Reporting	Auditing and Reporting Expired Rules Report
Topology	Static Topology Dynamic Topology Calculate impact of NAT rules Calculate impact of VPN policies

Accountability, Rule and Object Usage, IPv6 objects logical systems are not supported.
Topology and dynamic topology (with MPLS L3 VPNs) are supported on standalone MX routers.

Dashboard and Browsers	Change Tracking Policy Analysis Risk Dashboard Cleanup Violations
Change Management	Rule and Object Usage Report Change Management Graphical Policy Real-time Monitoring Full Accountability Display IPv6 objects Create SecureChange ticket from Policy Browser for: • Rule Decommission • Rule Modification • Rule Recertification
Policy Analysis	Automatic Policy Generation (APG) Policy Analysis Object Lookup
Auditing and Reporting	Expired Rules Report Auditing and Reporting
Topology	Static Topology Dynamic Topology Calculate impact of NAT rules Calculate impact of VPN policies Path analysis with IPv6 addresses in source and destination

NAT rules and display of IPv6 objects are supported for directly-monitored SRX firewalls only.
Topology supports routes with a VR as the next hop.

Dashboard and Browsers	Change Tracking Policy Analysis Risk Dashboard Cleanup Violations
Change Management	Rule and Object Usage Report Change Management Graphical Policy Real-time Monitoring Full Accountability Display IPv6 objects Create SecureChange ticket from Policy Browser for: • Rule Decommission • Rule Recertification
Policy Analysis	Automatic Policy Generation (APG) Policy Analysis Object Lookup
Auditing and Reporting	Expired Rules Report Auditing and Reporting
Topology	Static Topology Dynamic Topology Calculate impact of NAT rules Calculate impact of VPN policies

Dashboard and Browsers	Change Tracking Policy Analysis Risk Dashboard Cleanup Violations
Change Management	Rule and Object Usage Report Change Management Graphical Policy Real-time Monitoring Full Accountability Display IPv6 objects Create SecureChange ticket from Policy Browser for: • Rule Decommission • Rule Recertification
Policy Analysis	Automatic Policy Generation (APG) Policy Analysis Object Lookup
Auditing and Reporting	Expired Rules Report Auditing and Reporting
Topology	Static Topology Dynamic Topology Calculate impact of NAT rules Calculate impact of VPN policies

Real-time monitoring uses device polling.
Only these reports are supported for managed devices: Best Practices, Compliance Policies, Policy Analysis, Rule Documentation and Recertification, Rule and Object Usage, and Firewall Module Change.
The Firewall Module Change report can only be used to report on Juniper devices connected to a monitored NSM Central Manager. To get full support for a device that is connected to NSM, add the managed device to SecureTrack monitoring directly.

IPv6 objects display is not supported.
Routing information is not collected from virtual routers; Support the Expired Rules report.
ISG series:
- Vsys devices when managed by Juniper NSM can be included in rule usage report, APG, and unused objects cleanup.
- Rule usage is supported only when syslogs are sent from NSM.