Table of Contents
Table of Contents
W hats New
New features
Features that have been implemented since StoneGate Management Center v4.0 are described in the table below.
Feature
Description
A new Ethernet rules tab has been added to the IPS policies. These rules define which
Ethernet protocol traffic is allowed or stopped for Sensors in Transparent Access
Control mode. A separate license is required to use the Ethernet Rules.
A new Ethernet Service elements have been added to the IPS Configuration branch of
the All Elements tree. These elements are used in the Ethernet rules of IPS policies
for Sensors in Transparent Access Control mode to define the Ethernet frame type.
You can now add a background image to diagrams. The Diagram view now also
includes a Diagram Navigation panel that allows you to more easily select and zoom in
on a particular area of a diagram.
StoneGate can be configured to send critical alert events to Bradford Networks NAC
Director/ Campus Manager (www.bradfordnetworks.com).
Enhancements
Enhancements that have been made since StoneGate Management Center v4.0 are described in the table below.
Enhancement
Description
You can now print element listings from the Search view and the Configuration view
with all the information displayed in the Info panel. You can also copy-paste selected
elements with all the information in comma-separated value (CSV) format.
In StoneGate Log Explorer, the progress line chart supports now also current log
mode.
Version information is
available in login screen.
(#21807)
Management Client login screen now displays the Management Clients software
version.
The Properties dialog for Sensors, Sensor Clusters and combined Sensor-Analyzers
includes a new option on the Advanced Properties tab to silently drop duplicate log
events. This option can be used when a group of Sensors is deployed in front of a
Firewall cluster.
The Reference search is now able to present more detailed information about the
reference in a tree view. For example, the reference search for policies now return also
the rule numbers for elements used in policies in addition to the policy element.
Whats New
Fixes
Problems described in the table below have been fixed since StoneGate Management Center v4.0.1. A workaround
solution is presented for earlier versions where available.
Synopsis
Description
N/A
N/A
Importing a custom-defined CA
element may fail. (#31446)
N/A
N/A
N/A
Whats New
Synopsis
Description
N/A
This section lists major changes that were introduced in SMC 4.0 that may affect you if you are upgrading from a
version prior to 4.0.0. This is not a full listing; see the Release Notes of each version for more details.
Change
Description
If MAC addresses have been used in IPS access rules, during upgrade to the
version 4.1, the rules will be moved to the new Ethernet rulebase. However, if
the rule has contained Ipv4 services, these services cannot be moved to the
Ethernet rules and ANY value will be used in migrate rule service definition. The
old access rules are left in the access rulebase, but the MAC addresses are
removed from the source and destination fields.
If MAC addresses has been used in the IPS access rules, Stonesoft
recommends to verify these rules manually after the upgrade, because the
meaning of the may have changed in the automated migration.
Only IPS engines with version 2.0 or later can be configured and managed
through SMC 4.1.
Old log data which has been stored to the database is no longer readable with
SMC version 4.0 or later, unless the log data is converted to the new format
before the upgrade.
Log data written with version 4.1 Log servers is not readable with Log servers
prior version 4.0
Whats New
S y s te m R e qu i r e m e n ts
Basic Management System Hardware Requirements
Pentium 4 processor or higher recommended (the suggested minimum processor speed is 2 GHz) or equivalent
on a non-Intel platform
A mouse or pointing device (for Management Client only)
SVGA (1024x768) display or higher (for Management Client only)
1 GB RAM
Disk space for Management Server: 4 GB
Disk space for Log Server: 20 GB 80 GB
Operating Systems
StoneGate Management System supports the following operating systems and versions:
Build Version
The StoneGate Management Center v4.1.0 build version is 7711.
This release contains StoneGate Dynamic Update package 112.
C o m p a ti bi l i ty
Minimum
StoneGate Management Center v4.1.0 is compatible with the following StoneGate component versions:
StoneGate Firewall engine v2.2.0 or higher
StoneGate IPS engine v2.0.0 or higher
Dynamic Update package 112 or later
Native support
In order to utilize all the features of StoneGate Management Center version 4.1, the following StoneGate
component versions are required:
StoneGate Firewall engine version 4.0 or higher
StoneGate IPS engine version 4.1 or higher
System Requirements
I ns ta l l a ti o n In s t ru c t i o ns
Note The sgadmin user is reserved for StoneGate use on Linux and Solaris, so it must not exist before the
StoneGate Management Center is installed for the first time.
The main installation steps for StoneGate Management Center and firewall or IPS engines are as follows:
1. Install the Management Server, the Log Server(s), and the Management Client. The Monitoring Server needs
to be installed if Monitoring Clients are used.
2. Import the licenses for all components (you can generate licenses on our Web site at https://
my.stonesoft.com/managelicense.do).
3. Configure the Firewall or IPS elements with the Management Client using the Configuration view.
4. Generate initial configurations for the engines by right-clicking the Firewall or IPS Sensor/analyzer and
selecting Save Initial Configuration from the menu that opens.
5. Install the firewall and IPS engines by rebooting the machines from the installation CD-ROM.
6. Make the initial connection from the engines to the Management Server and enter the one-time password
provided during step 4.
7. Create and upload a policy on the engine with the Management Client.
8. Command the nodes online by right-clicking the Firewall or IPS Sensor/analyzer and selecting Commands
Go Online from the menu that opens.
Detailed installation instructions can be found in the StoneGate Installation Guide . For a more thorough explanation
on using StoneGate, refer to the StoneGate Administrators Guide and the Administrators Reference .
U p gr a d e In s t ru c t i on s
Note StoneGate Management Center (Management Server and Log Servers)
firewall and IPS engines are upgraded.
StoneGate Management Center v4.1.0 requires an updated license. The license upgrade request can be done on
our website at https://my.stonesoft.com/managelicense.do. Activate the new license using the StoneGate
Management Client before upgrading the software.
To upgrade an earlier version of StoneGate Management Center to StoneGate Management Center v4.1.0, we
strongly recommend that you stop all the StoneGate services and then perform a backup before continuing with the
upgrade. After taking the backup, run the appropriate setup file depending on the operating system. The installation
program detects the old version and does the upgrade automatically.
Versions earlier than 3.0.1 require upgrade to version 3.0.1 before upgrading to newer versions.
Backup restoration is supported with backups taken from version 3.5.2 and later.
Installation Instructions
K n ow n Is s u e s
The current known issues of StoneGate v4.1.0 are described in the table below. For an updated list of known
issues, consult our website at http://www.stonesoft.com/support/StoneGate/Known_Issues/.
Synopsis
Description
Workaround
N/A
N/A
StoneGate Management
Server installation may fail on
Microsoft XPSP2.
Known Issues
Synopsis
Description
Workaround
N/A
Standby/Active settings of
forwarded tunnels are not
preserved during migration.
(#30130)
N/A
Known Issues
www.stonesoft.com
Stonesoft Corp.
Itlahdenkatu 22a
FIN-00210 Helsinki
Finland
tel. +358 9 4767 11
fax +358 9 4767 1234
Stonesoft Inc.
1050 Crown Pointe Parkway
Suite 900
Atlanta, GA 30338 USA
tel. +1 770 668 1125
fax +1 770 668 1131
10