Configuration of the contact IP address and local address
In VPN topologies, it is now possible to configure the contact IP address and local address of each firewall. Different addresses can therefore be defined for each topology on the same firewall.
Support for several certificate authorities in a topology
Several trusted certificate authorities can now be selected within the same VPN topology. This makes it possible to include in a topology equipment belonging to various entities and certified by different authorities.
Support for dynamic peers
It is now possible to create VPN topologies that involve peers using dynamic IP addresses.
Status of the SMC server
You can now download a diagnostics report on the performance status of the SMC server in HTML format from the web interface or the command line interface. This report may provide useful information if issues arise on the server.
Communication between the SMC server and SN firewalls
Compression and optimization
From version 3.6.0 of SN firewalls onwards, data exchanged between the SMC server and firewalls will now be compressed. The SMC server in version 2.4.0 requires about 100 times less bandwidth that version 2.3.0. The bandwidth required to supervise 30 firewalls is now about 6 Kb/s.
Before deploying a new configuration on your firewalls with the SMC server, you can now view a configuration comparison in order to compare the last configuration deployed on the firewalls and the new configuration about to be deployed.
Selection of SN firewalls by default
Support reference: 157606CW
Firewalls are now no longer selected by default during the deployment of the configuration from the web interface.
SNS CLI Scripts
Scheduled running of scripts
You can now schedule when to run SNS CLI scripts. You can therefore schedule when your pool of firewalls needs to be updated, for example, without impacting production. New variables make it possible to update a disparate pool using a single script.
Sample CSV file
The sample file example-sns-cli-script.csv has been added on the server in the repository of sample CSV files /var/fwadmin/examples/csv.