Enhancements
This release of the product includes these enhancements.
Enhancements in SMC version 7.1.1
Enhancement | Description |
---|---|
Local Sandbox - Advanced Malware Detection & Protection option |
You can now configure an Advanced Malware Detection & Protection local sandbox to detect advanced threats by analyzing the behavior of files in a restricted operating system environment. Note: You need a local Advanced Malware Detection & Protection server to use this local sandbox service.
For more information, see the Connect Secure SD-WAN to a sandbox service and the Define Sandbox Service elements sections in the Forcepoint FlexEdge Secure SD-WAN Product Guide. |
Easy identification of VPN site status |
Support for enabled and disabled VPN site icons are added. The appropriate VPN site icon is displayed in the preview or editor view in SMC User Interface to help easily differentiate, if the VPN site is in enabled or disabled state. |
Temporarily Ban for Multiple Failed Logon Attempts (Password Policy) option |
You can now configure the password policy in the global system settings to temporarily ban an IP address, when logon attempts by a SMC administrator from a single IP address reaches the maximum failed logon attempts. For more information, see the Centralized management of global system settings section in the Forcepoint FlexEdge Secure SD-WAN Product Guide. |
Updated the ElasticSearch client libraries to version 8.8.2 |
The ElasticSearch client libraries are updated to the version 8.8.2 to improve the indexing performance.
Note: In the ElasticSearch version 8.8.2, OpenSearch is no longer
supported.
For more information, see the Requirements for using Elasticsearch with Forcepoint NGFW Security Management Center (SMC) Knowledge Base Article. |
Enhancements in SMC version 7.1.0
Enhancement | Description |
---|---|
BGP Monitoring Protocol (BMP) Configuration |
Support for BMP configuration options from the Dynamic Routing Editor. It is used to monitor BGP sessions and send the monitored data from BGP routers to the network management entities. Also, when configured the log events includes the information for the configured options, and which in turn helps to make correlation of BMP and engine logs easy for analytics. For more information, see Create core elements for dynamic routing, and Enable BGP on the Engine, Engine Cluster, or Virtual Engine sections in Forcepoint Next Generation Firewall Product Guide. |
Improved Application Health Monitoring |
The Application Health Monitoring feature now comes with the following support:
For more information, see Application Health Monitoring Dashboard section in Forcepoint Next Generation Firewall Product Guide. |
Improved SD-WAN algorithms and link selection logic |
The following updates have been done to provide for better user experience:
Also, the Default SD-WAN Link Balancing Preference option is made available to allow you to set the preferences on how the traffic is balanced over the links for each engine. For more information, see Create Link Usage Profile elements section in Forcepoint Next Generation Firewall Product Guide. |
Tunnel interface now supports multiple IP addresses | It is now possible to add multiple IP addresses (that can be of types IPv4 and IPv6) for tunnel interfaces. |
IPFIX forwarding | When you export IPFIX information, the following new IPFIX Element IDs are now supported:
Note:
|