New features and enhancements in SNS 4.7.3
Monitoring
An information message now appears in the Monitoring module and via the CLI/Serverd command MONITOR MISC when custom settings have been implemented on the firewall (presence of customized configuration files in some firewall folders).
More information on the CLI/Serverd command MONITOR MISC.
Synchronization of the object database with DNS servers
It is now possible to indicate the source IP address of DNS requests sent for the automatic synchronization of the object database. The traffic from these queries can then be routed through a VPN tunnel. This new parameter can only be modified through the CLI/Serverd commands:
CONFIG OBJECT SYNC UPDATE bindaddr=<host>
CONFIG OBJECT SYNC ACTIVATE
To reset the configuration to the default settings, use the commands:
CONFIG OBJECT SYNC UPDATE bindaddr=
CONFIG OBJECT SYNC ACTIVATE
More information on the CLI/Serverd command CONFIG OBJECT SYNC UPDATE.
Certificates and PKI
Support reference 83969
When a certificate raises an alarm (revoked certificate, expired certificates, etc.), a message indicating the reason for the alarm will now appear when scrolling over the certificate in question in the Certificates and PKI module.
Monitoring - Dashboard - Certificates
Support reference 85412
When a certificate raises an alarm, especially when the TPM (Trusted Platform Module) has been initialized and all certificates found on the firewall are not protected by the TPM, scrolling over the Certificates health indicator in the Dashboard module will now display a message indicating the reason for the alarm.