MSP 2.7.0, 2.7.1 & 2.7.2 are now available to all MSP Beta users!
(We are doing a 7-day phased release, all Firewalla MSPs will be updated to 2.7.2 by Dec 10.)
To join our beta program:
- Click the Switch to Beta button on your MSP Dashboard
- Alternatively, you can go to your MSP Settings page, located at the top right corner of your MSP interface. Then scroll down to MSP Update and click the Release dropdown. Choose Beta. Your MSP instance will upgrade automatically within 1-2 minutes.
Firewalla Managed Security Portal (MSP) is our web interface designed for security and infosec professionals to manage multiple Firewalla boxes easily. Learn more about MSP here, and sign up at firewalla.net/plans.
New Features
- MSP Active Protect
- Network Editing: LAN, NAT Settings, and Link Aggregation
- Rules API: Get Rules
1. MSP Active Protect (Early Access)
MSP Active Protect is an extension of the Firewalla Box Active Protect. By leveraging extended data visibility (30-day or 180-day flows) and Firewalla Intelligence running inside your MSP instance, the MSP Active Protect can help you with the following:
- Improving accuracy by archiving alarms identified as normal behavior, reducing false positives
- Performing deeper behavioral analytics to identify anomalies, further protecting your network
MSP Active Protect is enabled by default. You can click Active Protect on the left navigation bar to turn on/off Alarm Optimizer and Advanced Behavioral Alarm for different boxes separately.
Please note that this feature is only available to boxes in 30-Day Flows and 180-Day Flows seats.
When Active Protect is on, the page will display a chart showing the number of alarms archived or generated over the past 30 days. You can click on the chart to drill down and view the corresponding alarms.
For most archived alarms, you’ll find a tab called Active Protect Analysis, which displays statistics on flow counts between the device and its destination, as well as between all devices on that box and the destination.
MSP Active Protect is still in the Early Access stage. Since alarms can be generated or archived in multiple ways, we continue refining how the analysis results are presented.
2. Network Editing: LAN, NAT Settings, and Link Aggregation
Since MSP version 2.5.0, we've introduced the ability to display network configurations and status. In this release, we’ve expanded support to include:
- Creating, editing, and deleting local networks
- Creating, editing, and deleting Link Aggregation Groups
- Editing NAT settings, including Source NAT and Source Networks, NAT passthrough, UPnP, DMZ, and Port Forwarding
To edit local networks or link aggregation, click the Edit button in the top right corner to start.
WARNING:
- Editing or creating WAN connections is not supported, as doing so may cause internet connectivity issues that could be difficult to resolve or troubleshoot remotely if not done properly.
- Network Editing is not available to boxes in bridge mode yet, but it will be supported in upcoming releases.
3. Rules API: Get Rules
We've expanded the MSP API by adding the ability to get rules by rule ID, status, action, or the device, group, or box to which the rules are applied.
For example:
curl --request GET \
--url "https://${msp_domain}/v2/rules?query=box.id:00000000-0000-0000-0000-000000000000" \
--header "Authorization: Token ${your_personal_access_token}"
Response:
{
"count": 1,
"results": [
{
"id": "00000000-0000-0000-0000-000000000001",
"action": "allow",
"direction": "bidirection",
"gid": "00000000-0000-0000-0000-000000000000",
"notes": "",
"status": "active",
"ts": 1730447709.791,
"target": {
"type": "domain",
"value": "firewalla.com",
"dnsOnly": true
},
"scope": {
"type": "device",
"value": "AA:BB:CC:DD:EE:FF"
}
}
]
}
For more information, please consult our API Documentation.
Enhancement
MSP has also been updated with the following enhancements to be compatible with the latest Firewalla App release, version 1.63.
- Supported new categories: Violence, Drugs & Alcohol
- Supported new target lists: NRD - newly registered domains
- Mute Apps or Users from alarms
Bug Fixes
- Fixed an issue with the incorrect linking of the localization file. (Fixed in 2.7.2)
- Fixed an issue where the top region map on the dashboard might not appear when the internet is slow. (Fixed in 2.7.1)
- Fixed an issue where the MAC address of the Wi-Fi interface was displayed incorrectly in the box settings.
- Fixed an issue where flows for a group or user might fail to load when redirected from the group or user detail page.
- Fixed time zone inconsistencies in the flow and alarm stats charts.
- Fixed an issue where the QR code for adding boxes might not be recognized by certain Android phones.
- Fixed an issue where, in some modes, network performance test results or settings might display incorrectly.
- Fixed several rule synchronization issues.
- Fixed various UI display issues.
Comments
4 comments
Team,
When switched to 2.7 the map disappeared
2.6.0
2.7.0
Thanks for the feedback. I've forwarded to the dev team.
May I know which browser did you use?
I tried All Chrome, Firefox, Edge, they all have the same behavior. So it goes like this, once you log on, the map is not there, you click on another side menu or refresh the page couple of times, the map starts showing up.
Hi, Mina; I have created a ticket for you. I have hidden your post as well, it does have sensitive data top right corner.
Please sign in to leave a comment.