Safire™ Release Notes
Release Date: March, 2021
Welcome to March 2021 Safire version 2.4.1 release. There are a number of updates in this version. Some of the key highlights include:
- Users can now change a firewall profile’s access method.
- Users can now change the port number of a firewall profile’s SSH CLI access method.
- Error Percentage is renamed to Packet Loss Rate.
- A firewall under test created from an existing one failed to remove NAT (source or destination) and SSL Decryption (inbound or outbound) features.
Change firewall profile’s access method
Firewall under test’s access method is used by Safire to query the firewall’s CPU and memory usage, as well as clearing its session table between test iterations. Safire supports SSH CLI and REST API for firewall access.
In the previous releases, if the user wants to modify the firewall under test’s access method, the user has to create a new one. This enhancement lets users directly change the access method of the firewall under test.
Change the port number of a firewall profile’s SSH CLI access method
Safire is able to query the firewall’s CPU and memory usage, as well as clearing its session table between test iterations using SSH CLI method. An SSH connection is established between the management ports of Safire and the firewall.
Some firewalls have the SSH access on a port number other than the default 22. To support such a special case, this enhancement lets users change the destination port number of the SSH connection.
Error Percentage replaced by Packet Loss Rate
To increase packet loss sensitivity, Error Percentage is replaced by Packet Loss Rate.
Packet Loss Rate is measured as the parts per million (ppm) of packets lost with respect to packets sent by both clients and servers.
TCP packet loss is calculated by the sum of timer-based retransmitted packets, fast retransmitted packets, retransmitted SYN packets, and retransmitted FIN packets.
UDP packet loss is calculated by the difference between packets sent and packets received.
A firewall under test created from an existing one failed to remove NAT (source or destination) and SSL Decryption (inbound or outbound) features. This issue prevented users from quickly creating a firewall under test correctly from an existing one.
Contact and Support
For contacting support, or to open a support case, refer to https://support.xenanetworks.com/hc/en-us.
For managing device licenses, refer to https://license.xenanetworks.com/.
To provide feedback on the documentation, please write to us on:
Xena Networks Aps
March 15, 2021