Kaspersky SD-WAN
Contents
Contents
What's new
Kaspersky SD-WAN has the following new and improved functionality:
- GOST traffic encryption is supported on CPE devices of the KESR model.
- Improved link monitoring on CPE devices.
- Improved user authentication window.
- CPE device deletion method selection is now supported.
- The URL with basic CPE device settings now includes information about NTP servers.
- Added support for the vKESR-M1 model of CPE devices for KVM / ESXI hypervisors.
- Added support for the vKESR-M2 model of CPE devices for KVM / ESXI hypervisors.
- Added support for the vKESR-M3 model of CPE devices for KVM / ESXI hypervisors.
- Added support for the vKESR-M4 model of CPE devices for KVM / ESXI hypervisors.
- Added support for the OpenFlow dump utility for requesting dump-flows and dump-groups generated by virtual switches of CPE devices.
- Added support for link monitoring on CPE devices using the Connectivity Fault Management (CFM) functionality.
- Added support for resuming CPE device registration in case of an error.
- Added support for viewing the topology of CPE devices on the self-service portal.
- Added support for using a backup orchestrator when the primary orchestrator fails. You can specify the backup orchestrator when configuring the connection of the CPE device to the orchestrator and controller.
- Improved security of Docker containers of solution components.
- Added support for creating OpenFlow ports mapped to network interfaces on virtual switches. This allows establishing L2 connectivity between CPE devices.
- Added support for editing common firewall zones and firewall templates.
- Added support for editing kernel settings related to virtual routing and forwarding tables for a CPE device. This is necessary for correct operation of network services in user-created virtual routing and forwarding tables.
Known limitations
Kaspersky SD-WAN has the following limitations:
- Firewall rules do not work in user-created virtual routing and forwarding tables.
- When static routes are modified, the FRR daemon is restarted.
- NetFlow flows are not distributed across network interfaces.