Stonesoft version 5.4

NEW FEATURES

Release highlights

STONESOFT 5.4

New transformable

Security Engine

New visualizations and

evasion awareness

Security Engine

FW

Security Engine

IPS NGN

2001 2004 2012

IPS FW VPN L2FW

Security Engine Roles

NGN

New Statistics and Visualizations

Evasion awareness SEE THE ANOMALIES IN LOGS…

”Anomaly” log field available

that shows the detected

atomic evasions

”Top Anomalies” statistics

Log Visualizations UNDERSTAND YOUR ENVIRONMENT

See which users use what applications as a single diagram

What services and situations are used and by whom?

Log Analysis mode can handle up to 100 000 (prefiltered) log events

Status diagrams LINK/TUNNEL USAGE INFO EMBEDDED TO…

See the relative amount of

traffic flowing in each VPN

tunnel or Netlink

Statistics Sections ENHANCED REPORTING

Ability to reuse Statistics

Sections

A lot of out-of-box

sections available

Ability to create ad-hoc

filters for Reports

Enhancements

SMC

Audit Log Enhancements

REGULATORY COMPLIANCE

Element snapshots

Audit data syslog

forwarding

More granular auditing

Traffic Capture MORE CONVENIENT TROUBLESHOOTING

It is now possible to take

tcpdump directly from

Management Client user

interface

Makes troubleshooting

easier for customers and

Stonesoft Support

tcpdump

Better SMC Scalability MANAGEMENT UP TO 2000 NODES

One Management

Server can serve up to

2000 nodes

Improved policy upload

performance

5.3

1000

2000

5.4

Nodes

Version

Localization Support SMC IN CHINESE, RUSSIAN, SPANISH, …

Most important SMC labels

are parameterized

Introducing a new SMC

language is a matter of

translating one text file

containing about 5000+

labels/messages

Country flags in logs NEW USAGE OF GEOIP DETECTION…

See the country flags directly

in Log records table

Useful information for anomaly

detection

Helps you to visually identify

which log entries are related

Other SMC Enhancements

Internal User Database replication to separate

administrative Domains

Interface comments visible in statistics

Policy usability enhancements

LEEF forwarding/reception support

Enhancements

NGN

Advanced Routing VPN WITH DYNAMIC ROUTING AVAILABLE

Tunneling interface

support with Route-Based

VPN

Dynamic routing over

Route based VPN

Snort Signatures ABILITY TO IMPORT AND USE…

Snort signatures can be

automatically translated into

Stonesoft custom fingerprints

File context BETTER DEEP INSPECTION WITH…

Makes possible to inspect

directly the transferred files

More accurate inspection

Auth. Server & Firewall DEEPER INTEGRATION

Easier way to use

Authentication Server for VPN

and possibly also for wireless

access point authentication

Multi-Link capable channel

between the Authentication

Server and Firewall

FW AS

Improved Application Identification

MORE PROTOCOLS SUPPORTED

Port independent access

control and application

identification also for non-web

traffic

Amount of Applications

increasing all the time.

Other NGN Enhancements

Increased small packet throughput with big

appliances

HTTP IPv6 inspection in L3

Enhancements

SSL VPN

Version 1.5.100

Integrated Directory Service

BETTER ROBUSTNESS AND SCALABILITY

Provides better resilience for

userbase without the need to

have external Directory

Services

USERS

SSL VPN

SSL VPN

Access client for Linux, and OS X

IMPROVED PLATFORM SUPPORT

Native client for

Linux and Mac OS X

SSL VPN

Thanks!