New features and enhancements in SNS version 5.0.4 EA

IPsec VPN

A column indicating the Traffic Flow Confidentiality (TFC) has been added to the IPsec policy grid . This column is hidden by default.

Dynamic routing

System command netstat and dynamic routing protocol Open Shortest Path First (OSPF)

Support references 85271 - 86200

The command netstat -axp ospf now displays statistical information regarding connections that relate to the OSPF dynamic routing protocol.

OSPF protocol

Support reference 86200

The maximum size of incoming and outgoing buffers on OSPF sockets can now be configured.

SNMP - STORMSHIELD-ALARM-MIB

The OID (Object Identifier).1.3.6.1.4.1.11256.1.19.1.1.13 in the MIB STORMSHIELD-ALARM-MIB now makes it possible to find out the level of a protocol, ICMP or system alarm:

• Value of 1 for a major alarm,
• Value of 4 for a minor alarm.

Authentication - RADIUS

Support reference 85699

The NAS-Identifier can now be customized. This allows the firewall serial number to be used as the NAS-Identifier, for example. To change this configuration, use the CLI/Serverd command suite:

CONFIG AUTH RADIUS CustomNasId=<string>
CONFIG AUTH ACTIVATE

More information on the CLI/Serverd command CONFIG AUTH RADIUS.

Support for new hardware modules

As of SNS version 5.0.4 EA, the hardware modules NC-1-8x10G-FIB-SFP+ and NC-1-4x25G-FIB-SFP28 are supported on the following firewall models:

• SN-L-Series-2200 and SN-L-Series-3200,

• SN-XL-Series-5200 and SN-XL-Series-6200.