Local backup of SN firewall and SMC server configurations
The configurations of SN firewalls and the SMC server can now be automatically backed up. Details on the various backups can be found in the web interface, from which they can be downloaded. You can manually perform full backups of your firewall environment as well at any moment.
Configuration deployment icon
Whenever changes are made to a configuration, the deployment icon in the upper banner of the server's window turns orange , indicating that changes made in SMC have not yet been deployed.
Package connecting SN 3.1 firewalls to SMC
The 3.1.X version now needs to be selected when generating a connecting package that connects an SN 3.1 firewall to the SMC server. So in the case of a 3.1 firewall already in production, there will be no service disruption.
Time and Router network objects
SMC makes it possible to create and deploy global Time and Router network objects. SN firewalls must be in at least version 3.1 in order to receive objects.
Selective deployment of network objects on SN firewalls
In the list of network objects, new icons indicate the deployment policy selected for each object. A single arrow means that the deployment of the object has been imposed on one or several selected firewalls. A double arrow means that the deployment of the object has been imposed on all firewalls.
Public IP addresses of SN firewalls used in a VPN topology
In each firewall’s parameters, you can now define the IP address to be contacted within a VPN topology. It will then differ from the firewall’s IP address used to connect to the SMC server.
It is still possible to use the same IP address for the VPN and the connection to the SMC server.
"Number of specific rules" column
In the Firewalls and folders view, a new column shows the number of filter or translation rules specific to each firewall.
Displaying the contents of a folder
Folders can now be accessed directly from the firewall monitoring view.
Duplicating network objects
During the creation or modification of network objects, they can now be duplicated in order to facilitate the creation of new similar objects.
Creating network objects from a VPN topology
New network objects can now be created directly from the VPN topology creation or modification window during the selection of networks, hosts and/or groups associated with each firewall.
Creating network objects from a rule
Network objects can now be created directly from a filter or translation rule while it is being created or modified.
Using Host and Group network objects in a VPN topology
Apart from Network objects, Host or Object group objects can also be selected as traffic endpoints of tunnels in a VPN topology.
Moving filter and translation rules
In folder view, filter and translation rules can now be moved to other folders or other firewalls. By default, moved rules are inserted at the end of the list.
Simplified rule creation
Newly created filter or translation rules are now enabled by default, and naming them is not mandatory.
Variable “Address range” objects
Like Host and Network objects, Address range objects can now be variable. Their IP addresses can include a customized variable with the format %FW_CUSTOMx% defined in the Customized variables tab in the Edit firewall panel.
Using SNS dynamic objects in SMC
On an SN firewall, some Firewall_xx or Network_xx objects are automatically created according to the names and IP addresses of the firewall network interfaces (for example: Firewall_out or Network_dmz1).
To reference these objects in filter rules in SMC, objects with the same names can now be created in SMC. These objects will never be deployed on firewalls.
Monitoring the SMC server via SNMP
SNMP (Simple Network Management Protocol) is a communication protocol that allows network administrators to monitor devices and diagnose network and hardware issues remotely. This service is now available in the SMC 2.1 command line interface.
Exporting logs in Syslog format
Logs from the SMC server can now be exported in Syslog format. This service is available in the SMC 2.1 command line interface.
Importing SN firewalls from a CSV file
Using CSV files to import SN firewalls in command line makes it possible to specify new parameters, such as the public IP address of the firewall defined manually in its properties.
SMC user help can now be accessed even without Internet access directly from the server's web administration interface.
VMware Tools are now pre-installed on the SMC server.