UI monitor and page enhancements in SonicOS 7.1.1

Enhancements

•           A new gear icon has been added to the upper right-hand corner to check for new firmware.
•           Changes to the Device | Firmware and Settings > Settings | Firmware Auto Update page
•           New tabs have been added to the Home | Dashboard page for Security Services and DNS Filtering
•           A new page has been added under the Device tab for Network Access Control
•           The DNS Security settings have been moved from Network | DNS – DNS Security to their own page under the Policy tab

This release includes significant user interface changes and many new features that are different from the SonicOS 7.0 and earlier firmware. The below resolution is for customers using SonicOS 7.1.1 firmware.

New Firmware Auto update items:

•           Starting with SonicOS 7.1.1 and newer a new gear has been added to the upper right corner of the screen.  This gear can be used to check if a new version of Firmware is available.

•           Along with the new gear icon there have been some changes to the Device | Firmware and Settings > Settings | Firmware Auto Update page as well. 
  • The options to only download critical updates and the option to Schedule Automatic install have been added.

•           The Final change relating to firmware update is in the Notification Center.  When a new SonicOS firmware is published as General Release an alert will display in the notification Center so the administrator knows a new Firmware is available.  The gear in the upper right corner will show a red dot on it when a new firmware version is available to download.

New Dashboard tab for Security Services:

Security Services

The HOME | Dashboard > System | Security Services view provides a high level view to manage and monitor

the licenses for all security services features. It summarizes the licenses for each feature in easy-to-read, colorcoded indicators. It allows to add a new license, enable/disable any existing license, monitor any error occurred

to any services.

The various components described under security services are:

• LICENSES
• GATEWAY ANTI-VIRUS
• INTRUSION PREVENTION AND DETECTION
• BOTNET FILTER
• CLOUD ANTI-VIRUS
• CAPTURE ATP
• CONTENT FILTER
• GEO-IP FILTER
• ANTI-SPYWARE
• APPLICATION CONTROL
• DNS SECURITY

Licensees

The LICENSES section displays the details regarding the licenses installed. The following table describes the

components that make up the LICENSES section.

Sync State:

 This displays sync state between the unit device and license manager. The color of the

text indicates:

• Green: Indicates a successful sync with license manager within 24 hours.
• Orange: Indicates a successful sync with license manager between 24 to 72 hours.
• Red: Indicates a successful sync with license manager more than 72 hours.

Last Successful Sync Time:

It displays the latest timestamp when the device user interface and license manager

synced successfully.

Last LM Contact:

It displays the latest timestamp when device was able to contact the license manager.

License Summary:

It provides a link to navigate to DEVICE | Settings > Licenses for details of the

licenses installed.

Gateway Anti-virus

The GATEWAY ANTI-VIRUS section displays the details regarding the gateway anti-virus license. The following

table describes the components that make up the GATEWAY ANTI-VIRUS section.

Toggle Button:

The toggle button is used to enable/disable the downloaded license.

Signature Database:

 It shows if the gateway anti-virus license is downloaded or not. The color of the

Downloaded text indicates:

• Green: Indicates a successful sync with license manager within 24 hours.
• Orange: Indicates a successful sync with license manager between 24 to 72 hours.
• Red: Indicates a successful sync with license manager more than 72 hours.

On-box Database Timestamp:

It displays the timestamp displayed on the unit device user interface.

Backend Database Timestamp:

It displays the timestamp from the license manager where all license data is stored.

Last Checked:

It displays the latest timestamp when the device user interface and license manager

synced successfully.

License Expiration:

It displays the timestamp when the license will expire.

Intrusion Prevention and Detection

The INTRUSION PREVENTION AND DETECTION section displays the details regarding the intrusive

prevention and detection license. The following table describes the components that make up the INTRUSION PREVENTION AND DETECTION section.

Toggle Button:

The toggle button is used to enable/disable the downloaded license.

Signature Database:

It shows if the intrusive prevention and detection license is downloaded or not. The

color of the Downloaded text indicates:

• Green: Indicates a successful sync with license manager within 24 hours.
• Orange: Indicates a successful sync with license manager between 24 to 72 hours.
• Red: Indicates a successful sync with license manager more than 72 hours.

On-box Database Timestamp:

It displays the timestamp displayed on the unit device user interface.

Backend Database Timestamp:

It displays the timestamp from the license manager where all license data is stored.

Last Checked:

It displays the latest timestamp when the device user interface and license manager

synced successfully.

License Expiration:

It displays the timestamp when the license will expire.

Botnet Filter

The BOTNET FILTER section displays the details regarding the botnet filter license. The following table

describes the components that make up the BOTNET FILTER section.

Toggle Button:

The toggle button is used to enable/disable the downloaded license.

Signature Database:

It displays the status of the botnet server where botnet data is stored.

On-box Database Timestamp:

It displays the timestamp displayed on the unit device user interface.

Backend Database Timestamp:

It displays the timestamp from the license manager where all license data is stored.

Last Successful Sync Time:

It displays the latest timestamp when the device user interface and license manager

synced successfully.

License Expiration:

It displays the timestamp when the license will expire.

Cloud Anti-virus

The CLOUD ANTI-VIRUS section displays the details regarding the cloud antivirus license. The following table

describes the components that make up the CLOUD ANTI-VIRUS section.

Toggle Button:

The toggle button is used to enable/disable the downloaded license.

Last Checked:

 It displays the latest timestamp when cloud antivirus contacted antivirus database.

License Expiration:

 It displays the timestamp when the license will expire.

Capture ATP

The CAPTURE ATP section displays the details regarding the Ccapture ATP license. The following table describes

the components that make up the CAPTURE ATP section.

Toggle Button:

The toggle button is used to enable/disable the downloaded license.

License Expiration:

It displays the timestamp when the license will expire.

Content Filter

The CONTENT FILTER section displays the details regarding the content filter license. The following table

describes the components that make up the CONTENT FILTER section.

Toggle Button:

The toggle button is used to enable/disable the downloaded license.

Server Status:

It displays if device can contact content filter database.

License Expiration:

It displays the timestamp when the license will expire.

Geo-IP Filter

The GEO-IP FILTER section displays the details regarding the Geo-ip filter license. The following table describes

the components that make up the GEO-IP FILTER section.

Toggle Button:

The toggle button is used to enable/disable the downloaded license.

Signature Database:

It displays the status of the Geo-ip filter server where Geo-ip filter data is stored.

On-box Database Timestamp:

It displays the timestamp displayed on the unit device user interface.

Back-end Database Timestamp:

It displays the timestamp from the license manager where all license data is stored.

Last Successful Sync Time:

It displays the latest timestamp when the device user interface and license manager

synced successfully.

License Expiration:

 It displays the timestamp when the license will expire.

Anti-Spyware

The ANTI-SPYWARE section displays the details regarding the anti-spyware license. The following table

describes the components that make up the ANTI-SPYWARE section.

Toggle Button:

The toggle button is used to enable/disable the downloaded license.

Signature Database:

It shows if the anti-spyware license is downloaded or not. The color of the

Downloaded text can be green or red and the color describes:

• Green: Indicates a successful sync with license manager within 24 hours.
• Orange: Indicates a successful sync with license manager between 24 to 72 hours.
• Red: Indicates a successful sync with license manager more than 72 hours.

On-box Database Timestamp:

It displays the timestamp displayed on the unit device user interface.

Back-end Database Timestamp:

It displays the timestamp from the license manager where all license data is stored.

Last Checked:

It displays the latest timestamp when anti-spyware contacted anti-spyware database.

License Expiration:

It displays the timestamp when the license will expire.

Application Control

The APPLICATION CONTROL section displays the details regarding the application control license. The

following table describes the components that make up the APPLICATION CONTROL section.

Toggle Button:

The toggle button is used to enable/disable the downloaded license.

Signature Database:

It shows if the application control license is downloaded or not. The color of the

Downloaded text indicates:

• Green: Indicates a successful sync with license manager within 24 hours.
• Orange: Indicates a successful sync with license manager between 24 to 72

hours.

• Red: Indicates a successful sync with license manager more than 72 hours.

On-box Database Timestamp:

It displays the timestamp displayed on the unit device user interface.

Back-end Database Timestamp:

It displays the timestamp from the license manager where all license data is stored.

Last Checked:

It displays the latest timestamp when application control contacted application control

database.

License Expiration:

It displays the timestamp when the license will expire.

DNS Security

The DNS SECURITY section displays the details regarding the DNS security license. The following table

describes the components that make up the DNS SECURITY section.

License Expiration:

It displays the timestamp when the license will expire.

New Dashboard tab for DNS Filtering:

The new monitoring tab for the DNS Filtering consists four sections.  The section are DNS Filtering Data, Top Security, Top Mature, and Top Enterprise.  Below we will go review what each of these sections.

Viewing DNS Filtering Information Using the

Dashboard

You can view summary reporting information about DNS Filtering on the Dashboard.

To view DNS Filtering information:

1. Navigate to Home > Dashboard > System.

2. Click the DNS Filtering tab.

Summary information is displayed for these responses and categories:

• DNS Filtering Data
  • Allow
  • Block
  • Negative Reply

A negative reply can occur if an IP address has been identified through one your rules or an external agency as untrustworthy.

• Forged IP Reply

Forged IP addresses (also known as "IP spoofing") occur when the content in the source IP header is replaced, often with randomized numbers, to either hide the sender's identity or launch a reflected DDoS attack.

• Top Security
• Top Mature
• Top Enterprise

Viewing DNS Filtering Reports

You can view DNS Filtering data through generated reports.

To view a DNS Filtering report:

1. Navigate to Policy > DNS Security > Reports.

2. Click the Domain tab.

On this screen, you can see a list of domains processed by DNS Filtering, how many times they were

visited and its percentage of the total number of domains, and the category associated with the domain.

Network Access Control Page

Starting with Sonic OS 7.1.1 a new page has been added for Network Access Control and can be found on the Device tab under Device | Network Access Control.  This new page can is used to setup integration with ClearPass Network Access control.  For instruction on setting this up please refer to the Configuring Network Access Control document



DNS Security Settings Page new Location

Also starting with Sonic OS 7.1.1 and newer firmware the DNS Security tab has been moved to the Policy page located under Policy | DNS Security.  This new page can is used to setup DNS security features.  For instruction on setting this up please refer to the Configring DNS Security document