- Stonesoft version 5.4 includes a new transformable Security Engine that allows for greater flexibility. - It features new visualizations and "evasion awareness" to better understand anomalies in logs. - The update also provides enhancements to the SMC like improved scalability to manage up to 2,000 nodes, localization support for additional languages, and improved reporting.

1. Stonesoft
version
5.4
NEW FEATURES

2. STONESOFT 5.4
Release highlights
New transformable
Security Engine
New visualizations and
evasion awareness

3. Security Engine

4. Security Engine
FW NGN IPS
2001 2012 2004

5. Security Engine Roles
NGN
IPS
FW
L2FW
VPN

6. New Statistics and
Visualizations

7. SEE THE ANOMALIES IN LOGS…
Evasion awareness
”Anomaly” log field available
that shows the detected
atomic evasions
”Top Anomalies” statistics

8. UNDERSTAND YOUR ENVIRONMENT
Log Visualizations
See which users use what
applications as a single
diagram
What services and situations
are used and by whom?
Log Analysis mode can
handle up to 100 000
(prefiltered) log events

9. LINK/TUNNEL USAGE INFO EMBEDDED TO…
Status diagrams
See the relative amount of
traffic flowing in each VPN
tunnel or Netlink

10. ENHANCED REPORTING
Statistics Sections
Ability to reuse Statistics
Sections
A lot of out-of-box
sections available
Ability to create ad-hoc
filters for Reports

11. SMC
Enhancements

12. REGULATORY COMPLIANCE
Audit Log
Enhancements
Element snapshots
Audit data syslog
forwarding
More granular auditing

13. MORE CONVENIENT TROUBLESHOOTING
Traffic Capture
It is now possible to take
tcpdump directly from
Management Client user tcpdump
interface
Makes troubleshooting
easier for customers and
Stonesoft Support

14. MANAGEMENT UP TO 2000 NODES
Better SMC Scalability
Nodes
One Management
Server can serve up to
2000 nodes 2000
Improved policy upload
performance
1000
5.3 5.4 Version

15. SMC IN CHINESE, RUSSIAN, SPANISH, …
Localization Support
Most important SMC labels
are parameterized
Introducing a new SMC
language is a matter of
translating one text file
containing about 5000+
labels/messages

16. NEW USAGE OF GEOIP DETECTION…
Country flags in logs
See the country flags directly
in Log records table
Useful information for anomaly
detection
Helps you to visually identify
which log entries are related

17. Other SMC
Enhancements
Internal User Database replication to separate
administrative Domains
Interface comments visible in statistics
Policy usability enhancements
LEEF forwarding/reception support

18. NGN
Enhancements

19. VPN WITH DYNAMIC ROUTING AVAILABLE
Advanced Routing
Tunneling interface
support with Route-Based
VPN
Dynamic routing over
Route based VPN

20. ABILITY TO IMPORT AND USE…
Snort Signatures
Snort signatures can be
automatically translated into
Stonesoft custom fingerprints

21. BETTER DEEP INSPECTION WITH…
File context
Makes possible to inspect
directly the transferred files
More accurate inspection

22. DEEPER INTEGRATION
Auth. Server & Firewall
Easier way to use
Authentication Server for VPN
and possibly also for wireless
access point authentication AS FW
Multi-Link capable channel
between the Authentication
Server and Firewall

23. MORE PROTOCOLS SUPPORTED
Improved Application
Identification
Port independent access
control and application
identification also for non-web
traffic
Amount of Applications
increasing all the time.

24. Other NGN
Enhancements
Increased small packet throughput with big
appliances
HTTP IPv6 inspection in L3

25. SSL
VPN
Version 1.5.100
Enhancements

26. BETTER ROBUSTNESS AND SCALABILITY
Integrated Directory
Service
USERS
Provides better resilience for
userbase without the need to
have external Directory
Services
SSL SSL
VPN VPN

27. IMPROVED PLATFORM SUPPORT
Access client for Linux,
and OS X
Native client for SSL
VPN
Linux and Mac OS X

28. Thanks!