Probably OLD and not interesting Q... but.. When SNX came out it was WOW factor... especially for those who managed to make AD/SMS 2-fa work. As time went by it became more and more unreliable. Is there any plans on CP dev team to make mobile clients be AD integrated and SMS compatible for 2-fa authentication? Certificates was good idea but it seems does not work with enterprise PKI, only FW internal.