This is a slide from CPX 2020 SMB Presentation:

Hope it is ok to show it as it is soon 1 year old 8)

This really had been discussed once, a sales collegue told me - the 910 pimped with 10GbE WAN port for Maestro. For me, SMB is an appliance best positioned on the admin desk - no fan, LEDs and console port at hand 8).

SMB in a Maestro configuration!??!

I nearly died laughing man 🤣

You must think of this in a sales context 🤠 But yes, makes no sense at all, of course...

The datasheet and faq has been on the site for a few days. 🙂
Dated from the 15th.

Also available since December 10th: 1600 / 1800 Appliance R80.20.XX Getting Started Guide

1600: Two WAN ports, one DMZ port, each of which is a combo port of SFP and RJ45 (on the right). Only one can operate a time when plugged in and connected. RJ45 - supports 10/100/1000MbE / SFP - supports 1000MbE. LAN ports 1-16 - support 10/100/1000MbE, LAN 1 and LAN 2 (Sync) also support 2.5GbE.

1800: Two WAN ports, each of which is a combo port of SFP and RJ45 (on the right). Only one can operate a time when plugged in and connected. RJ45 - supports 10/100/1000MbE / SFP - supports 1000MbE. One DMZ port, also  a combo port of SFP and RJ45, RJ45 - supports 10/100/1000/2500/5000MbE and 10GbE, SFP - supports 10GbE. One Management port - supports 10/100/1000MbE. LAN ports 1-18 - support 10/100/1000MbE, LAN 1 and LAN 2 (Sync) also support 2.5GbE. The 1800 also has two PSUs and SSD storage memory.

Define "poor visibility"

That is still the case, yes, and now I remember the conversation we had on this 🙂

sk166552 All LAN ports/switches and their associated VLANs share the same MAC address in 700/900/1200R/1400/1500 SMB appliances explains that for all SMB platforms excluding the 1200R, it is possible to override the default MAC address with any other MAC configured manually.This should add the visibility you want, i assume, as both port and client MAC should be visible then.

I don't think we're talking about the same thing. I'm talking about the MAC address of a client that is connected to a given port, not what MAC the firewall has attached to a given layer 3 interface. 

For example on a cisco switch

NotTheLab# show mac address-table address b8:ca:3a:67:41:a4
Mac Address Table
-------------------------------------------

Vlan Mac Address Type Ports
---- ----------- -------- -----
14 b8ca.3a67.41a4 DYNAMIC Gi2/0/21
101 b8ca.3a67.41a4 DYNAMIC Gi2/0/21
Total Mac Addresses for this criterion: 2
NotTheLab# 

Note: This is not the arp table. 

I understand what you mean. Yes, this is no Cisco Switch 8)

Its also not a d-link or netgear or like.. any managed switch really. Its a pretty basic feature of a managed switch.

These appliances never have been equipped with manageable switches, and the large GAiA appliances also get connected to a stack of manageable switches instead of featuring them. I do not remember that other companies SOHO firewalls have that included...

Every SMB firewall does in fact have a built in switch. This is why traffic going from LAN1 to LAN2 (by default) doesn't pass through the firewall. If it did you would get terrible performance and the CPU would go nuts. And it is indeed a managed switch as you can very easily segment the switch into multiple vlans. This is unique to the SMB devices. If that isn't enough proof even the driver used is called a switch. Oh I don't know if this is still the case but l found on the 1400 there was also no layer 2 loop detection.  

[Expert@500]# ethtool -i LAN1
driver: marvell switch port
version: 1.0
firmware-version:
bus-info: switch SMI bus
supports-statistics: yes
supports-test: no
supports-eeprom-access: no
supports-register-dump: no
supports-priv-flags: no
[Expert@1500]#