Version 3.0.0

April 2025

Compatibility and Installation Notes

• Most popular browsers are supported, but Google Chrome is preferred for the real-time graphics display on the Dashboard.
• A MySonicWall account is required.
• Refer to Network Security Manager for OnPrem and SAAS- System Requirements for the latest information on hardware requirements, operating systems, and browser levels.

What's New

NSM 3.0 is a major release that contains multiple enhancements around templates, commit and deploy, reporting, and analytics. These enhancements improve operational efficiency and admin time management using bulk configuration workflows. Here is a list of key enhancements in this release:

• Template Enhancements:

  • Firewall Password Change: Admins can now change admin passwords across multiple firewalls using templates. They can use template variables in the Change password field.
  • Time and Firewall Cloud Backup Configuration: Admins can configure firewall cloud backups and change firewall time within templates.
  • Upload DPI SSL exclusion list: Users can now upload the DPI SSL exclusion list in templates.
• All Tenants level Commit and Deploy​: Admins can now create templates at the All Tenants view. They can perform commits from the All Tenants level. ​ It streamlines updates across all tenants, ensuring consistency, efficiency, and faster deployments.​
• Synchronize Multiple Out-of-Sync Firewalls: This feature allows Admins to synchronize all out-of-sync firewalls across tenants with one click. ​
• Product Lifecycle information in NSM Inventory​: Admins can view the Last Order, ARM Begin, LRM Begin, LOD, and End of Support dates for firewall models on the NSM Inventory page. They can also track key lifecycle dates within NSM, helping them with better inventory management and timely upgrades.​
• Ability to see firewall configuration when it is offline:​ Admins can view the firewall configuration pages that have a static configuration in NSM even when the firewall is offline. ​ It allows continuous access to firewall configurations for troubleshooting and management.
• VPN Activity Report: Admins can view VPN Activity report in NSM. SSL VPN reports provide visibility into remote access VPN usage, enhance security and compliance. Report is available only for Gen 7 and Gen 8 firewalls with advanced reporting and analytics license.​
• Attack Report: Admins can generate attack report on Gen 7 and Gen 8 devices.​ Attack reports provide visibility into potential security incidents, allow admins to investigate, respond, and enhance network security measures to prevent future breaches.​ This feature requires Advanced reporting and analytics license. For firewalls with an existing license, Reconfigure Reporting and Analytics from NSM Inventory action menu for Attack Reports to work. NSM will auto-configure it for newly added firewalls.
• Tenant and Group Level logs: NSM now supports group and tenant level log view. This enables Admins to view system logs, authentication logs, attack logs and change logs for all firewalls in a group or tenant.
• Migration: Admins can migrate configurations from old firewalls to new firewalls using this functionality. NSM 3.0 supports migrations from SOHO to TZ80.​
• Firmware Upgrade Improvements:​ Admins can view out-of-date firmware information on the NSM inventory page. ​They can also group by firmware version to view firewall versions running on their firewalls in Inventory.
• Firewall Configuration Change logs: Admins can now view in NSM the configuration changes done to a firewall. They can also create a report of configuration changes performed by logging in directly on firewall or changes performed on firewall from NSM. This feature requires Advanced reporting and analytics license. For firewalls with an existing license, Reporting and Analytics, Reconfigure Reporting and Analytics from NSM Inventory action menu for Change logs to work. NSM will auto-configure it for newly added firewalls.
• Reporting Template: Admins can now create a master reporting template for all the individual reports available in NSM. This removes the need of creating each report one-by-one.

• New Licensing options: NSM Licensing model has changed. There are now new tiers of licensing which provides more flexibility. This new licensing is only applicable to Gen 7 and Gen 8 firewalls. Here are the new tiers:

  • Device management only license: Comes with all the firewalls with active support.
  • 7-day basic reporting: Included in the Firewall EPSS bundle.
  • 7-day advanced reporting and analytics: Included in the Firewall APSS bundle.
  • Add-Ons/Al-a-carte: 7, 30, 90, and 365 days or Advanced Reporting and Analytics.
• Firewall Monitoring Tools: NSM now support firewall monitoring tools packet monitor, connections, core 0 processes, and packet replay.
• Web Activity Report: NSM Admins can generate Web Activity Schedule PDF report to analyze websites visited by the users

• SonicOS 7.2 Support: NSM 3.0 will support SonicOS 7.2. This will enable NSM users to configure new SonicOS 7.2 features:

  • SAML Single Sign-On for User identification, Firewall administration, and Remote Access VPN (SSLVPN)
  • SonicOS NTP Server
  • WPA2/WPA3 Enterprise Support on TZWs Station Mode

• User Experience Improvements:

  • Retain column customization in NSM Inventory: Column customization in NSM Inventory page is now retained for users even after logging out.
  • Custom Filter: User entered search criteria will now be saved with custom filter created in session and authentication log windows.

Resolved Issues

Issue ID	Description
NSM-26052	Drill-down search was only accepting IP addresses on the Firewall View | Monitor > Details > Applications list view. Now, the issue has been resolved.
NSM-26148	Resolved the issue of threat data mismatch in different views within NSM.
NSM-26401	Resolved the issue of showing the users (local) registered with email as domain users in NSM.
NSM-29171	The search restriction to 8000 displayed entries is removed on the Firewall View | Monitor > Logs > System Logs. If you have more than 8000 entries, now, the search will work for all entries.
NSM-29204	Resolved the issue in setting the Custom Time range on the Firewall View | Monitor > Logs > System Logs page.
NSM-29243	Resolved the issue in adding or removing countries to the allowed or blocked list on the Firewall View | Policy > Security Services > Geo-IP Filter page.
NSM-29284	Data was missing in the CTA report generated in the NSM. Now, the issue has been resolved.

Known Issues

Issue ID	Issue Description
NSM-23369	SD-WAN Topology commits fail for Branch to Data Center traffic type with Tunnel Interface VPN Topologies.
NSM-29413	The results displayed on the Firewall View > Monitor > Logs > System Logs page do not match the Time Slider and Custom Date range.
NSM-29437	Multiple failed commits occur when a golden configuration template is applied.
NSM-29485	AppFlow configuration for the Scheduled Report is unavailable in the Firewall View or the Template View.
NSM-29540	Address Object is not getting added to the template details after deleting and re-creating inside the template.
NSM-29726	Generating false alert notifications when a rule is added for CPU usage of more than 90% on the Firewall View | Monitor > Alerts & Notifications > Rules page.

Additional References

NSM-29414, NSM-29411, NSM-29205, NSM-29202, NSM-28915, NSM-28790, NSM-28326, NSM-28184, NSM-28138, NSM-27020