SMC 3.0 new features


Nested groups

Administrators that belong to an LDAP group nested in another can now connect to the SMC server.

Configuration of SN firewalls

Managing network interfaces

The network interfaces of SN firewalls can now be managed from a central point on the SMC server. On SN firewalls in at least version 3.7, SMC displays network interfaces in read-only mode. On SN firewalls from version 4.2.3 upwards, the configuration of network interfaces can be enabled in write mode in their SMC settings.

The Ethernet interfaces, bridges, VLANs and IPv4 aggregates of compatible firewalls will therefore appear on the SMC server. Their configuration can be managed without the need to connect to each firewall individually. SMC verifies the configuration of supported interfaces and reports errors through the consistency checker.

Find out more

Keeping the connection alive during deployment

When the wrong configuration is accidentally deployed, the connection between the server and firewall may be lost. On SN firewalls from version 4.2.3 upwards, the previous configuration will be restored if the connection was lost. This guarantees that the firewall will always remain reachable from the SMC server.

Find out more

Restarting after a deployment

SN firewalls may sometimes need to be restarted after a network configuration is deployed in order for changes to be applied. In such cases, SMC reports the information using the new “Reboot required” health status, and the firewalls in question can then be rebooted directly from the SMC server. This feature is supported only on firewalls in version 4.2.3.

Find out more

Detecting local modifications

After its initial deployment on a connected SN firewall, SMC now detects local modifications to the configuration of items that SMC manages. You can then decide whether to deploy the configuration currently found on the SMC server, which will overwrite local modifications. You can also restore the latest configuration deployed on the firewall in question.

Find out more

Importing firewalls from a CSV file

The command that makes it possible to import SN firewalls from a CSV file in command line has been renamed smc-import-firewalls. The previous command smc-firewalls-and-packages is no longer supported.

Find out more

Filter and NAT rules

Creating rule sets

Rule sets can now be created to group filter or translation rules that you wish to deploy on one or several firewalls. As such, a set of rules corresponding to a specific application in the configuration of various firewalls can be reused, regardless of their location in the folder tree.

Find out more