From version 3.6.0 onwards, SN firewalls have a set of probes that allow them to report on the general status of their health. The SMC server now supports these health indicators, which can be found in the upper banner of the SMC web interface and in the Status column in the list of firewalls.
For firewalls in versions lower than 3.6.0, the health indicators available are the same as the ones previously available.
The center of a star topology can now be configured in "Responder-only" mode. The other peers will always initiate the setup of VPN tunnels. This feature is only available on SN firewalls from version 3.6.0 and upwards.
The AES GCM 16 encryption algorithm can now be used. This algorithm is available on SN firewalls from version 3.6.0 and upwards.
fwadmin-import-crl command no longer requires write privileges. You can now use it regardless of whether an administrator is currently logged on, and without having to disrupt him.
Importing a certificate on an SN firewall via SMC now forces any administration sessions opened directly on the firewall to be logged off.
Filter and NAT rules
For rules with a 'decrypt' action, a visual indicator similar to the one seen in the SNS administration console now informs the user that decrypted traffic will continue to be evaluated by the rules that follow.
Importing rules from the web administration interface
You can now import a firewall's local and global filter and NAT rules from the SMC web interface.
Deployment script in command line
You can now deploy configurations on SN firewalls in command line using the
Length of firewall object names
Up to 255 characters can now be used to create a firewall name.
The SMC server no longer needs to be restarted in order to apply the configuration of the connection to the LDAP server entered in the ldap-server.ini file.