Live logging in a popout window, and with color coded log lines, was released in v16. Further enhancements, such as a historical logs, a unified log viewer, and improvement of the contents within the logs is planned for v17.
I would also like this. For things like IP Phones we pass the DSCP tagging and other information to them and have all the phones use DHCP. When a user has a phone on a RED device we have to manually configure the phone so all the settings are correct. If we could simply pass through our existing DHCP server we wouldn't have to do this.
This is being implemented in v17 as a UI configurable option.
Note though, that PCI standards enforcing this requirement do not go into effect until mid-2018. Any audit failures due to crypto strength, prior to then, are premature.
@Alan Toews - After talking to support, and them having me manually edit the httpd file to disable 3DES, TLS1.0, & TLS 1.1 along with me turning off Trace/Track they said only the TLS 1.0 would be a UI option. Will TLS 1.1 and the cypers also be UI options? If not can those be added also? What about disabling Trace/Track? The thought of manually editing the httpd file each time a firmware update comes out doesn't make any sense.
@Alan Toews - That is great news but we are failing our compliance scans, our company is required to meet the standard thorugh our bank as of the first of this year. So every month I have to request a exception and show that on my actual servers we have TLS v1.0 and 64 bit cypers disabled. It's only been three months, and three exception requests, but its getting real old already.
Using a XG here. You guys pushed out a beta firmware 16.05 RC1 and disabled TLS v1.0 but then in the actual release, v16.05 MR1 & MR2 you enabled it!
This problem still exists, at least for WAF where I am failing PCI compliance scans because of it.
This should be disable by default with a option through the CLI or even the UI to enable/disable as we see fit along with other cypher's.
Coming from a TMG 2010 box I was able to easily edit the registry to turn on and off cyphers....I can't believe a product much newer doesn't have the same abilities.
How is this not already a option. Just failed my PCI scan due to this.
How is this not already a part of the XG? The XG is labeled as a TMG 2010 replacement but TMG had this ability and this doesn't? It needs to be added aSAP.
This lists as "under review" but I can add a port range using 3560:3575 and it works fine so not sure if this is now fixed. Using a XG with 16.01.02 firmware.