>>> SmartConsole as a web application, maybe HTML5 based, like the SmartView option for logs
>>> Overall better performance for the SmartConsole application itself (some local tests showed that the application can only utilize one CPU core and therefore it often runs into performance problems when searching trough a big rulebase)
>>> The reporting function of the policy verification option in the current state is just not useful at all. If you have 5-6 hidings it gets very problematic to fix all of these in one attempt, as;
- the information about the hidden rules is static, so for example the report says "Rule 3 hides Rule 16 for Service & Applications ..." => the better approach would be to list the UIDs of the given rules in addition
- if one rule gets corrected by you the complete static mentioning of hidings makes no sense anymore. Let's assume you 'kill' one hiding and delete rule 4, now every rule after rule 4 "moves" up one rule as rule 4 was eliminated. This could be resolved with mentioning the UIDs in addition - as already mentioned - or with a more dynamic approach, which updates the hiding report automatically if a rule gets deleted. Like some kind of automatic list, that you can work from top to bottom until you verify again and the hidings are gone.
- if you have a large rule base with lots of inline layers it can get very frustrating to verify in such a case. Because the verifier stops once a hiding in one inline layer was found. In such a case the verification should continue until the end of the rule base is reached, so that - again - all hidings can be solved with one verification. In the current state I often need to verify 2-3 times, just because I have that many inline layers that could and often do have hidings within it.
>>> In SmartConsole you can copy multiple rules as pictures - also add an option to allow the copying of multiple rule IDs (maybe as a csv or just with spaces in between)
>>> Please add the option in VSX to configure DNS + NTP for each VS individually. I really do not see any benefit from synching this to all VS's within a VSX. It just is a contradiction to the virtualization and separation itself if you ask me.