Enhancements

This release of the product includes these enhancements.

Enhancements in SMC version 7.1.0

Enhancement Description
BGP Monitoring Protocol (BMP) Configuration

Support for BMP configuration options from the Dynamic Routing Editor. It is used to monitor BGP sessions and send the monitored data from BGP routers to the network management entities. Also, when configured the log events includes the information for the configured options, and which in turn helps to make correlation of BMP and engine logs easy for analytics.

For more information, see Create core elements for dynamic routing, and Enable BGP on the Engine, Engine Cluster, or Virtual Engine sections in Forcepoint Next Generation Firewall Product Guide.

Improved Application Health Monitoring
The Application Health Monitoring feature now comes with the following support:
  • Enhanced engine monitoring and better support for non-TCP traffic, that is there is now support for applications that use UDP for data transport.
  • Visibility into application health history and health status history of network applications.
  • Better ISP link status monitoring.
  • Application health status history.

For more information, see Application Health Monitoring Dashboard section in Forcepoint Next Generation Firewall Product Guide.

Improved SD-WAN algorithms and link selection logic
The following updates have been done to provide for better user experience:
  • Engine logic is updated to avoid too much packet loss before the traffic is sent to the better links.
  • The QoS link value is tuned to make QoS link value selection feature to work as intended.

Also, the Default SD-WAN Link Balancing Preference option is made available to allow you to set the preferences on how the traffic is balanced over the links for each engine.

For more information, see Create Link Usage Profile elements section in Forcepoint Next Generation Firewall Product Guide.

Tunnel interface now supports multiple IP addresses It is now possible to add multiple IP addresses (that can be of types IPv4 and IPv6) for tunnel interfaces.
IPFIX forwarding When you export IPFIX information, the following new IPFIX Element IDs are now supported:
  • EID 5 ipClassOfService
  • EID 58 vlanId (source VLAN)
  • EID 59 postVlanId (destination VLAN)
  • EID 60 ipVersion
  • EID 89 forwardingStatus
  • EID 90 mplsVpnRouteDistinguisher
  • EID 131 exporterIPv6Address
Note:
  1. EID 90 mplsVpnRouteDistinguisher is exported, only when BMP monitoring is configured for the engine that originates the log entries.
  2. The following IPFIX element IDs are only generated by engine version 7.1.0 or later:
    • EID 5 ipClassOfService
    • EID 89 forwardingStatus
    • EID 90 mplsVpnRouteDistinguisher