Post on 16-Jun-2015
Stonesoft version 5.4
NEW FEATURES
Release highlights
STONESOFT 5.4
New transformable
Security Engine
New visualizations and
evasion awareness
Security Engine
FW
Security Engine
IPS NGN
2001 2004 2012
IPS FW VPN L2FW
Security Engine Roles
NGN
New Statistics and Visualizations
Evasion awareness SEE THE ANOMALIES IN LOGS…
”Anomaly” log field available
that shows the detected
atomic evasions
”Top Anomalies” statistics
Log Visualizations UNDERSTAND YOUR ENVIRONMENT
See which users use what applications as a single diagram
What services and situations are used and by whom?
Log Analysis mode can handle up to 100 000 (prefiltered) log events
Status diagrams LINK/TUNNEL USAGE INFO EMBEDDED TO…
See the relative amount of
traffic flowing in each VPN
tunnel or Netlink
Statistics Sections ENHANCED REPORTING
Ability to reuse Statistics
Sections
A lot of out-of-box
sections available
Ability to create ad-hoc
filters for Reports
Enhancements
SMC
Audit Log Enhancements
REGULATORY COMPLIANCE
Element snapshots
Audit data syslog
forwarding
More granular auditing
Traffic Capture MORE CONVENIENT TROUBLESHOOTING
It is now possible to take
tcpdump directly from
Management Client user
interface
Makes troubleshooting
easier for customers and
Stonesoft Support
tcpdump
Better SMC Scalability MANAGEMENT UP TO 2000 NODES
One Management
Server can serve up to
2000 nodes
Improved policy upload
performance
5.3
1000
2000
5.4
Nodes
Version
Localization Support SMC IN CHINESE, RUSSIAN, SPANISH, …
Most important SMC labels
are parameterized
Introducing a new SMC
language is a matter of
translating one text file
containing about 5000+
labels/messages
Country flags in logs NEW USAGE OF GEOIP DETECTION…
See the country flags directly
in Log records table
Useful information for anomaly
detection
Helps you to visually identify
which log entries are related
Other SMC Enhancements
Internal User Database replication to separate
administrative Domains
Interface comments visible in statistics
Policy usability enhancements
LEEF forwarding/reception support
Enhancements
NGN
Advanced Routing VPN WITH DYNAMIC ROUTING AVAILABLE
Tunneling interface
support with Route-Based
VPN
Dynamic routing over
Route based VPN
Snort Signatures ABILITY TO IMPORT AND USE…
Snort signatures can be
automatically translated into
Stonesoft custom fingerprints
File context BETTER DEEP INSPECTION WITH…
Makes possible to inspect
directly the transferred files
More accurate inspection
Auth. Server & Firewall DEEPER INTEGRATION
Easier way to use
Authentication Server for VPN
and possibly also for wireless
access point authentication
Multi-Link capable channel
between the Authentication
Server and Firewall
FW AS
Improved Application Identification
MORE PROTOCOLS SUPPORTED
Port independent access
control and application
identification also for non-web
traffic
Amount of Applications
increasing all the time.
Other NGN Enhancements
Increased small packet throughput with big
appliances
HTTP IPv6 inspection in L3
Enhancements
SSL VPN
Version 1.5.100
Integrated Directory Service
BETTER ROBUSTNESS AND SCALABILITY
Provides better resilience for
userbase without the need to
have external Directory
Services
USERS
SSL VPN
SSL VPN
Access client for Linux, and OS X
IMPROVED PLATFORM SUPPORT
Native client for
Linux and Mac OS X
SSL VPN
Thanks!