Network Security Manager 2.3 Release Notes

Version 2.3.1

August 2021

Compatibility and Installation Notes

What's New in NSM

  • Login to Unit (Gen 6/6/5 Firewalls): Allows users to directly log into SonicOS on a firewall and check the configuration in a read-only mode. User can login without authentication.

  • VPN Wizards Enhancements: Allows users to create VPN configuration for Full Mesh, Partial Mesh, and Point-to-Point deployments.

  • Device Certificate Management: Automates the process of the firewall certificate management lifecycle - request, retrieval, and renewal.
  • Common Access Card (CAC) Support: Allows common access card (CAC) support for user/admin authentication on NSM On-Premise.

What's New in Analytics

  • Custom Reports: Helps provide end-to-end flow so that you can create custom reports using data already available in the analytic system. You can create customized time graphs and report tables.

Resolved Issues - NSM

Issue IDDescription
NSM-9446For templates SSLVPN Access toggle is getting grayed out, if SSLVPN access is not enabled while creating the zone.
NSM-9338The VPN and Flow commits do not get created by NSM (ISA) FRA.
NSM-8935Zero Touch port config reverts to 21021 following reboot, after set to 21021, 443.
NSM-8746The Log > Settings screen shows no data.
NSM-8701NSM gets unregistered after importing Signature Files for Closed Network.
NSM-8595Configuring template variable for PPPoE/L2TP/PPTP Domain Name throws the error Please enter a valid Domain Name.
NSM-8555Some fields are not getting updated correctly for RBL Filter > Template view.
NSM-8508Selecting template variable for domain name throws error on the Network > Interface > Add or Edit Interface > DHCP mode.
NSM-8408Unable to add 4to6 Tunnel Interface on the Network > Interface page.
NSM-8383CONFIGURE LTE/5G fails to commit and throws error.
NSM-8318Provide sorting option on Group Firmware Upgrade screen.
NSM-8289The DHCP Scope does not reflect the changes made on Templates > System > interfaces. The Firewall View edits also fail to reflect.
NSM-8261DPI-SSL settings shows incorrect name compared to firewall.
NSM-8245Changing the excluded address for SonicWall CFS shows schema validation error after Commit and Deploy for Gen7
NSM-8222On the DPI SSL Enforcement page, the default values are missing.
NSM-8216The created DHCP Server does not show in the table.
NSM-8187Adding Virtual interface for SD-WAN Architect fails commit for GEN7.
NSM-8074Error while deleting Zone in Object > Zones.
NSM-8067Enabling the Toggle button shows an error message for VLAN trunking.
NSM-8060The Update button for Edit is not working for SD-WAN route policy in Template mode.
NSM-8010Delete All option for NSM > DHCP over VPN is throwing error for the central gateway.
NSM-7604NSM incorrectly identifies Local Users with @ in the domain user name, due to which unable to edit users.
NSM-7596Selecting App Rule and clicking on Delete All throws the error No app_rules.policy found.
NSM-7556Download SSO auth Log is not working on the Diagnostics > Tech Support Report page.
NSM-7203NSM does not show correct CATP location info.
NSM-7064Include firewall information for Firewall License Info in closed network structure.
NSM-6950After adding Address, Service Objects, or Groups, the entries do not appear in the address field or in the drop down.
NSM-6935The Zone fields for both Source and Destination are missing on the Editing Rules page for security policies.
NSM-6820Scheduling backup times are not in order.
NSM-6686Clone DHCP Scope shows Inherit DNS when Specify Manually is selected
NSM-6596NSM configs do not push down to NSa 3700. Also getting redeploy errors.
NSM-6504Scheduled Reports > Add Schedule > Delivering Configuration tab throws the error Cannot read property ID of undefined.
NSM-6133The DPI SSL Client SSL common name are listed as undefined in NSM for Gen6.
NSM-5888Adding SDWAN Path Selection Profiles throws the error Cannot read property 'status' of undefined
NSM-5590For Schedule Reports, the report for web categories is failing with the error No Report data found. [2CB8ED693540] even when the report is present.
NSM-5314Choosing Initialize Modem Connection Using AT Commands is not reflecting in UTM for 3G/4G Modem Settings.
NSM-5085Template to edit default WAN rules for management fails to deploy for GEN6.
NSM-4450On the Policy > Capture ATP > Settings page, while adding MD5 exclusion settings throws the error Empty Response of [get] to [].
NSM-4444On the High Availability > Advanced page, the synchronize firmware is throwing context deadline/upstream request timeout error.
NSM-3968Modifying the name of a Virtual Access Point Object in NSM results in two VAP's when the secondary HA unit is active.
NSM-3966Modifying a VAP Profile fails with error when the secondary HA unit is active.
NSM-2956On the NSM On-Premises Access Points > Wi-Fi Multimedia page, the WMM does not get deleted from NSM and firewall, after the commit and deploy.
The force one time password gets enabled after creating a Local user.
NSM-2142On the Network > System > ARP page, the ARP caches are not being displayed.

On the Network > SD-WAN > Rules page, the IP Version tag for the names (for example, IPv4) disappears when name length of the entries is more.

Resolved Issues - Analytics

Issue IDDescription
AAR-1781Changing left hand navigation name from Scheduled Reports to Reports, Report Rules, and Saved Reports.
AAR-1094Network Usage per Interface alerts are improper
AAR-1086NSM Capture Threat Assessment report does not show Capture ATP data.

Known Issues NSM

Issue IDIssue Description
NSM-9443For the Object > Users > Settings, SSO method configuration for bypassing SSO for Group-address object is failing.
NSM-9327NSM-Firewall view is not showing all the IPS signatures that were actually showing in the firewall GUI
NSM-9281 Unable to add comment to WAN interface, the deploy fails.
NSM-9218Source address of the default HTTPS Management Access Rule is not displayed correctly after configuring within template
NSM-9158Unable to increase the Virtual AP client limit for SOHO250W through NSM.
NSM-8502Cannot Configure VLAN over Wire Mode. The paired interface does not get displayed in SDWAN Orchestrator.
NSM-8138SD-WAN probe information does not display in NSM for ZT firewall If the object name contains space.
NSM-8064NSM shows incorrect High Availability status.
NSM-7862Acknowledging or deleting alerts fail on NSM (
NSM-7753Changes made to CFS Profile Object categories appear randomly.
NSM-7673Unable to TSR from NSM. Multiple customers are affected.
NSM-7306NSM does not use the SSL TLS option even if we configure for Notification.
NSM-7148Importing Root CA certificate throws the error Invalid file format.
NSM-7124Unable to remove/add countries from global list in Geo-IP settings.
NSM-7104Not able to see CATP information on NSM with NSM Essential License.
NSM-6526 When acquiring a new appliance to NSM on-prem via ZT and moving from a default tenant to another tenant, the appliance stays red.
NSM-3970Deleting a VAP Object while Secondary HA unit is active shows successful, but VAP object is not deleted from firewall.

Known Issues - Analytics

Issue IDIssue Description
AAR-1931The Log download does not contain website data.
AAR-1897Unable to see report based on SRC/DST country.
AAR-1710Web category based alerts are not working.

Additional References for NSM

NSM-8317, NSM-7994, NSM-7953, NSM-7369, NSM-4171.

Additional References for Analytics

AAR-1530, AAR-1344, AAR-1343, AAR-1335, AAR-1265, AAR-1194, AAR-1179, AAR-1106, AAR-1095.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.