Supports configuring custom deny policies to specify the ingress and egress blocklists for policy objects.
Provides the security policy logging function. Once enabled, you can collect, download, search, or transmit policy logs via Syslog to view relevant data flow information of security policy hits.
Provides the security policy hit count function, which displays the count of secured and denied data flows hitting a security policy. You can configure related email notifications to periodically summarize hit counts for all security policies.
Allows querying all quarantine policies, custom allow and deny policies, as well as global security policies that match a virtual machine, either as a source or destination.
General
Supports associating an Arcfra Network Service (ANS) service with an observability service of version 1.3.0 to receive service alerts.
Supports automatic synchronization of system time between the ANS system service virtual machines and the NTP servers configured for Arcfra Operation Center (AOC).
Improvements
Supports entering multiple IP addresses, IP address ranges, and CIDR blocks When specifying IP addresses in the blocklist or allowlist of security policies.
When associating or disassociating clusters with the distributed firewall, provides risk warnings and requires secondary confirmation to avoid operations during business hours, thus preventing network packet loss.
