Enhancements
This release of the product includes these enhancements.
Enhancements in SMC version 7.4.0
| Enhancement | Description |
|---|---|
| Application Access Portal improvements | Application Access Portal (previously SSL VPN portal) now supports TLS 1.3. Also support for WebSocket protocol has been added. |
| Datagram Transport Layer Security (DTLS) tunneling protocol support | The Security Engine supports DTLS tunneling protocol for Forcepoint VPN Client versions that have the DTLS support included. This feature can now be configured normally through SMC. Using DTLS can improve remote access performance compared to TLS based tunnels when network conditions are challenging. |
| Local ThreatSeeker URL Categorization database | You can choose to either use the locally downloaded ThreatSeeker URL Categorization database or use the Cloud-based ThreatSeeker URL Categorization database for URL filtering. Note: This
feature is supported on engines that have at least 16 GB of memory.
|
| Log Server per Virtual Engine | You can now assign a dedicated log server to a virtual engine. Previously, the log data from virtual engine was sent to the same log server as the Master Engine. |
| Support for user authentication using email format usernames | Previously user authentication did not support usernames that contain the @-character used in email addresses or in UPN Active Directory user attribute. Forcepoint Network Security Platform can now be configured to allow the use of either an email address or a UPN as the user ID in configuration and user authentication. |
| URL Category sync with Forcepoint portfolio | Unified the URL category taxonomy across web security features for all Forcepoint products. Note: When upgrading from SMC version 7.3 or earlier to version 7.4, any URL categories that
are used in policies will be automatically converted to reflect the latest changes present in the URL Categories.
|
| User or group-based policies | You can now include users and user groups in access policy rules for a managed engine even if SMC is not able to query an external LDAP or AD server. Note: The engine must be able to
access the LDAP server for user authentication, even if the LDAP server is not accessible from SMC. When user authentication is SAML-based, it is also possible to operate the engine without
LDAP server access.
|