Zenarmor 1.10 MAC address exemption?

[athurdent]

Hi @mb,
thanks for the new version, still exploring all the new features! :-)

I have noticed though that I cannot seem to exempt a MAC address in configuration? While the policies have that possibility now, we can't seem to use it to disregard a MAC completely?
BTW, in the past I have noticed that if I put an IP there, it's not counted anymore, but running a speed test from that IP, Sensei would still use vast amounts of CPU. So it seems that feature did not stop Sensei from processing the packets, just not apply anything to them anymore? Would be cool if we could have the engine bypassed completely for something entered there.

[mb]

Hi @athurdent,

It's our pleasure. I hope you are liking it so far.

Yes, MAC addresses have been introduced to Policies and Reporting. Not yet for bypassing the traffic. A bit of information there:

The reason you're still seeing CPU activity even though you've bypassed an IP address is that it still hits the packet engine.

Although the engine does not apply packet inspection and/or filtering etc, netmap still has to process it, deliver it to the zenarmor engine and re-transmit it to the network stack. This sometimes might be another bottleneck.

[athurdent]

Hi @athurdent,

It's our pleasure. I hope you are liking it so far.

Yes, MAC addresses have been introduced to Policies and Reporting. Not yet for bypassing the traffic. A bit of information there:

The reason you're still seeing CPU activity even though you've bypassed an IP address is that it still hits the packet engine.

Although the engine does not apply packet inspection and/or filtering etc, netmap still has to process it, deliver it to the zenarmor engine and re-transmit it to the network stack. This sometimes might be another bottleneck.

Hi @mb,

As always, thank you for you valuable input and explanations!
I really like the new name and the new functions!

If I had 3 wishes, they would be:

- a few more policies for the home subscription, to make your average network security admin happy, who's coming home from working with Checkpoint and Cisco. This way we could cover the basics, with a policy each for guest, IoT, kids and parents. Plus one or two to experiment with.
- an iPhone app to view statistics and configure, or at least a couch-friendly mobile cloud website view for a smartphone. ATM, I fail to unfold the "Firewalls" menu using Safari with an iPhone 13 Pro, so I cannot use the cloud view at all.
- Icons for the services (e.g. Netflix, Youtube, Twitter, etc.) would be a great eye candy.

Anyways, thank you for being so active on the forum!

Edit: I failed to mention that I don't want anything for free, I'd pay for a "Home Plus" subscription and also for an app of course... ;-)

[JasonJoel]

- a few more policies for the home subscription, to make your average network security admin happy, who's coming home from working with Checkpoint and Cisco. This way we could cover the basics, with a policy each for guest, IoT, kids and parents. Plus one or two to experiment with.

This times 1000. ZenArmor identifying traffic is next to useless if you can't actually use that introspection to DO SOMETHING. And with only 3 policies available, you can't do much of anything if you have a main,  guest, and IoT VLAN - which many people do these days...

Throw in kids vs adult policy needs and you definitely can't do what you need in 3 policies... This is 100% a deal breaker/will not renew my subscription issue for me. So I guess after 11/28 you won't have to put up with my complaining any more.

[mb]

@athurdent, @jasonjoel thanks for the feedback and suggestions.

I've informed the team about them. Quick question:

What would be the top 3 functionalities you'd like to see in a mobile-friendly cloud portal?

As for the home subscription & number of policies. All noted. We've done a user survey and attempted to create a solution to be able to offer an extended home subscription. So far, it turned out to be a bit difficult to differentiate the SOHO and Home version. This is likely to change later in the coming year; and we hope to get back with good news.

[athurdent]

Hi @ mb,

Thank you for your feedback and for listening, highly appreciated!

While it would be great to have a full mobile experience, I'd mainly use it for viewing statistics and drilling down to hosts. In general, the home view (the one with the bar graphs, you get when repeatedly clicking on Home) could be pretty mobile friendly. I also like that it shows traffic usage in e.g. GB, that is pretty useful. Top X clickable bar graphs seem a good choice, hovering over something with a touch display is always a bit user unfriendly on mobile.

So, my top 3:
- quickly identify threats/blocked traffic and see which hosts are affected (bar graphs, like the current landig page/Home view)
- check reports and DPI statistics, get an overview of apps/urls/accumulated traffic used by hosts. Like the current Home view, but it should have drill down functionality for hosts and apps (also with bar graphs)
- firewall health and statistics

Would also be cool to generally have an email functionality that instantly reports compromised hosts or severe threats, so we can act quickly on them.

[mb]

@athurdent, thanks, all noted.

Instant Notifications (UI/Email) for Important Threat Alerts are on our agenda. 1.10 laid a great deal of the groundwork for us.

[athurdent]

@mb, awesome thank you very much!

[hemirunner426]

- a few more policies for the home subscription, to make your average network security admin happy, who's coming home from working with Checkpoint and Cisco. This way we could cover the basics, with a policy each for guest, IoT, kids and parents. Plus one or two to experiment with.

This times 1000. ZenArmor identifying traffic is next to useless if you can't actually use that introspection to DO SOMETHING. And with only 3 policies available, you can't do much of anything if you have a main,  guest, and IoT VLAN - which many people do these days...

Throw in kids vs adult policy needs and you definitely can't do what you need in 3 policies... This is 100% a deal breaker/will not renew my subscription issue for me. So I guess after 11/28 you won't have to put up with my complaining any more.

Your multiple x 1000 again.