Unified Console
You can now control all aspects of security from one console. This includes gateway configuration, monitoring and event management.
- The Gateway tab consolidates SmartView Monitor and SmartUpdate so you can configure your gateways and monitor status and updates in one place
- The Logs and Monitoring tab consolidates SmartEvent, SmartLog and SmartReporter so you now have full threat management functions on the same console
Unified Policy
With R80, you can have a unified policy for access control and threat prevention rules, allowing you better control over critical aspects of security.
- Access Control policy unifies the Firewall, Application Control, URL Filtering and Data Awareness policies
- Threat Prevention policy unifies the IPS, Anti-virus, Anti-bot and Threat Emulation policies
Policy Layers and Sub-Policies
R80 introduces the concept of layers and sub-policies, allowing you to segment your policy according to your network segments or business units/functions. In addition, you can also assign granular privileges by layer or sub-policy to distribute workload and tasks to the most qualified administrators
- With layers, the rule base is organized into a set of security rules. These set of rules or layers, are inspected in the order in which they are defined, allowing control over the rule base flow and the security functionalities that take precedence. If an “accept” action is performed across a layer, the inspection will continue to the next layer. For example, a compliance layer can be created to overlay across a cross-section of rules.
- Sub-policies are sets of rules that are created for a specific network segment, branch office or business unit, so if a rule is matched, inspection will continue through this subset of rules before it moves on to the next rule.
- Sub-policies and layers can be managed by specific administrators, according to their permissions profiles. This facilitates task delegation and workload distribution.
Role-based & Concurrent Administration
R80 enables concurrent administration, while enabling granular privilege delegation for each administrator.
- Multiple administrators can login and work in read-write mode on the same security policy without conflict.
- A new publish mechanism supports concurrent administration and provides revision control functionality.
- Granular administrator profiles can determine the exact privileges each administrator will have by sub-policy, layer or specific rules, what logs they can view and what operations they can execute.
Trusted CLI and API Automation and Orchestration
- CLI and API interface options are available for management of integrations with 3rd party systems & automation of daily functions.
- Any operations is controlled by a privilege profile, so the administrator maintains strict control over automation and integration capabilities.
Operational Efficiency Enhancements
R80 introduces multiple features to streamline workflow and help administrators makes smarter policy decisions.
- Integrated logging enables the administrator to view all logs associated with a rule on the same screen.
- Detailed rule information is stored, providing visibility into rule history and changes, hit counts, and other user defined information such as ticket numbers.
- Enhanced search capabilities allow the administrator to immediately find any rule or object in the system.
- Management High Availability is enhanced to sync only changes between servers, significantly improving performance.
Multi-Language and Accessibility Support
With R80, it is easy to change the Console language with a single click and there is now support for accessibility features such as vision impairment and keyboard navigation.
Scalable Architecture
R80 is built on 64-bit multi-threaded architecture, enabling it to support large-scale security operations.
Web-Based Monitoring and Logging
All logging and monitoring functions are accessible via a web-based interface.
Multi-Domain Management Enhancements
For complex, multi-tenant environments, R80 supports:
- Unified architecture and unified client with single domain security management
- New and improved views for domain provisioning and global configuration
SmartEvent Enhancements
- Enhanced speed, scale and accessibility with ability to analyze hundreds of millions of logs/day
- Smart Search functionality that allows free-text search of logs and events with auto-suggest and favorites
- Predefined graphical report templates for frequently used security metrics
- Customizable reports to address specific environment needs
IPS Enhancements
- IPS protections can be activated according to tags, enabling the customer to activate relevant protections such as protections related to components (eg. Apache) or vulnerability type.
- All protections are tagged for ease of use