StoneBlog.stonesoft.com

Now as we celebrate the World IPv6 day today, it is a good time to announce that StoneGate Firewall 5.3 and StoneGate Management Center 5.3 will extend the IPv6 support to cover: IPv6 FW clustering IPv6 NAT rules IPv6 VPN IPv6 FTP Protocol Agent Stonesoft is among the first security vendors to participate in the World IPv6 day’s “test flight” in which the participants offer their services over IPv6 for a 24-hour time period. Stonesoft’s corporate website and blog will actually remain to be available over both IPv4 and IPv6 also after the test flight.

Continue reading »

written by Tero Jantunen - 2,312 views \\ tags: 5.3, Feature Previews, firewall, IPv6, SMC, World IPv6 day

StoneGate Management Center 5.3 provides a new feature for log data mining and troubleshooting tasks. In the Log Browser, you can select “Analyze” action from the Data menu. That actually creates a log data snapshot that can contain up to 100000 prefiltered log records. This data set lets you to quickly aggregate events based on any field.

Continue reading »

written by Tero Jantunen - 928 views \\ tags: 5.3, Aggregation, Data mining, Feature Previews, log analysis, Log Browser, logs, SMC

This other brand new session monitoring view lists all VPN Security Associations that have been currently negotiated in the firewall. The view lets the administrator e.g. to filter VPN SAs, create statistics, aggregate the table by any field and save VPN SA monitoring snapshots for further analysis.

Continue reading »

written by Tero Jantunen - 1,030 views \\ tags: 5.3, Feature Previews, firewall, Monitoring, SA, Security Association, SMC, VPN, VPN tunnel

There are a couple of new session monitoring views in StoneGate Management Center 5.3.0. One of them is the live monitoring view of authenticated users. It lists all the users that have authenticated themselves against the firewall by using the captive portal or IPsec VPN Client.

Continue reading »

written by Tero Jantunen - 1,650 views \\ tags: 5.3, authentication, Feature Previews, firewall, Monitoring, SMC, Users

StoneGate Firewall and SMC 5.3 will provide an integrated, easy-to-use web authentication for end users. This Captive HTTP/HTTPS authentication portal provides an easy way for the end users to authenticate themselves to access some service behind the firewall. The feature works well together with User & User Group based access control that is also released in StoneGate 5.3.

Continue reading »

written by Tero Jantunen - 1,538 views \\ tags: 5.3, authentication, Captive Portal, Feature Previews, firewall, SMC, Users, Web

There has been a lot of enhancements on Firewall access control side in version 5.3. As you have seen there are a lot of new element types you can use in policy access rules including Users and User Groups, Domain Names, Zones, Applications, URL Categories and TLS Matches. One thing that hasn’t been mentioned yet is that you can combine different type of Source, Destination and Service elements with AND -condition with the help of new policy cell editor. Just right-click any Source, Destination or Service cell in Access rules and you’ll see a small popup dialog. Once you put different type of elements on the same row, match is done only if all the elements on that row match the traffic.

Continue reading »

written by Tero Jantunen - 1,025 views \\ tags: 5.3, access rule, Feature Previews, network access control, Policy, rule, SMC

StoneGate Firewall and SMC 5.3 are capable for dynamically identify the applications from the traffic. From now on the administrators can use Application elements directly in a service cell of policy access rules. Applications are also visible in the logs, statistics and reports. Now you can actually see which user is using which application from SMC if you want.

Continue reading »

written by Tero Jantunen - 1,208 views \\ tags: 5.3, Applications, Feature Previews, firewall, SMC, SSL, TLS

As you have noticed the flexibility of policy configuration has increased in StoneGate Management Center 5.3. One of the most efficient enhancements on that side, is the ability to use Zones in policies. Zone is a tag that you can assign to any physical or VLAN interface of a firewall. You can use the Zones in Source and Destination cells in Access Rules and NAT rules.

Continue reading »

written by Tero Jantunen - 1,066 views \\ tags: 5.3, access rule, Feature Previews, firewall, Interface, Interface configuration, Policy, SMC, Zone

In addition to Users and User Groups, StoneGate Management Center and Firewall 5.3 lets administrators to use Domain Name elements in Source and Destination cells in Access, Inspection and NAT rules. This is convenient if you need to allow access for servers like update.microsoft.com, which IP may change frequently.

Continue reading »

written by Tero Jantunen - 1,326 views \\ tags: 5.3, Access control, Domain Names, Domains, Feature Previews, firewall, Policies, SMC

StoneGate Management Center 5.3 and StoneGate Firewall 5.3 allows to use Users and User Group elements directly in Source and Destination cells in Access, Inspection and NAT rules. The Firewall is now able to resolve the IP address for the users dynamically without authentication. IP addresses for Users are sent by StoneGate User Agent installed at any server that is in the same domain as Active Directory Server.

Continue reading »

written by Tero Jantunen - 1,491 views \\ tags: 5.3, Access control, Active Directory, AD, Feature Previews, firewall, SMC, User Groups, Users