Sophos Firewall v21 brings thrilling new enhancements to VPN, authentication, and routing performance.
VPN enhancements
- Bulk activate and deactivate choices at the moment are accessible for connections (see display screen shot beneath)
- Enhanced filtering on the VPN handle web page now consolidates data throughout a number of pages
- Free text- and value-based search is now supported in VPN configurations for community, subnet, customers for distant entry and site-to-site VPNs
- An XFRM interfaces-specific view has been added on the Interfaces web page for straightforward filtering of RBVPN interfaces
Website to website VPN enhancements
- FQDN-based distant gateways have been optimized to enhance scalability for distributed deployments
- DHCP relays over XFRM interfaces at the moment are supported for visitors to DHCP servers deployed behind a distant firewall (see illustration beneath)
- RBVPN deployments get a rise of as much as 20x in XFRM interface up-time, considerably minimizing disruption throughout tunnel flap, HA failovers, or reboots
Authentication enhancements
- Google Workspace integration through LDAP purchasers and Google Chromebook SSO compatibility with LDAP server sorts allows SSO performance for Google LDAP for Chromebook environments
- Efficiency for burst login dealing with is improved as much as 4x for Radius SSO, STAS, and Synchronized Person ID to allow the dealing with of hundreds of simultaneous login requests even in a number of SSO environments (mixture of STAS, Radius SSO, and Synchronized Person ID)
- As well as, help has been added for a clear AD SSO expertise when HSTS is enforced, enabling Kerberos and NTLM handshakes over HTTP or HTTPS
Static and dynamic route administration
- Customers can clone static routes, flip them on or off, and add descriptions through the brand new Handle possibility for every static route within the desk (see display screen shot beneath)
- There’s now a blackhole route possibility and help for equal-cost multi-path (ECMP) for load balancing
- Dynamic routing will get a brand new choice to redistribute BGP routes into OSPFv3
- Dynamic routing now experiences zero influence throughout HA failover situations
Watch this quick demo video to see the way it works and the best way to set it up:
Begin making the most of this nice new functionality in Sophos Firewall v21 by collaborating within the early entry program. Merely register for this system, click on the hyperlink in your e-mail to obtain the firmware replace bundle, and set up it in your Sophos Firewall.
