I am currently running 15.1X49-D140 on all my SRX320 and SRX340 devices. Does anyone have any experience of running v18.2R1 on SRX hardware, ideally on the SRX300 series of devices? I am primarily interested in performance and GUI/J-Web differences, good or bad.
You will not see any performance enhancements on J-Web by going from 15.1X49-D140 to 18.2R1.
I'm running 18.2R1 on a SRX300 and SRX340 and via CLI it's fine. J-web is roughly the same with some minor enhancements for daily operation.
Disclaimer: I prefer cli so I'm not using J-web on a regular basis. Only doing basic tests when evaluating new releases.
Thank you Jonas. Is it fair to say then, that the only perceivable difference between the 2 major versions is the feature set?
Yeah, that's fair to say. Not much changed regarding J-web and daily operation. Focus has been features and upgrading the Junos foundation and include functionality for automation.
So in terms of general performance (not limited to GUI/J-Web) of a given device, I should not expect to see any difference, good or bad, even though extra features have been added?
In addition Jonas, do you know what version of 15.1X49 version 18.2R1 is tracking or has the software matured enough for this to become irrelevant?
There are functionality and some scaling enhancements - but no performance gain.
18.2R1 has many more features than 15.1X49-D140. The missing features in 17.3R1 and 17.4R1 compared to the 15.1X49 software train is no longer an issue.
This can be seen in the feature explorer where you can compare features between releases: https://apps.juniper.net/feature-explorer/compare-softwares.html?category=Security&typ=1#bm=cmpsw&pl=SRX340&rel1=18.2R1&rel2=15.1X49D140
Many thanks for your comments and answers, all clear now. I'm sure they'll also help others, especially beginners like me.
If you use any L7, like UTM, App-ID, or IDP, 18.2R1 now uses Unified policies, which allows you to combine L7 services directly at the security policies level. It is a shift in the way you configure L7. You can find out more by reading the Release Notes on that topic.
That is interesting, thank you. I do use UTM and IDP, so that leaves me a bit hesitent as to whether my current configs will port over OK upon upgrade, and also as to how to configure the relevant services now, but I shall investiagte.
When I upgraded my box from 18.1R1 to 18.2R1, everything still worked fine (even though the config stated that the app-fw config was deprecated).