[MUSIC] This module covers SMP, the Security Management Portal, SMP Cloud-Based Management is a single platform to manage multiple customers can be monitored by the network operation center, easy, powerful and intuitive. There is a web interface to work with. Also we can reduce operational and maintenance costs with zero touch deployment and schedule reporting. It's a very robust architecture it's capable of managing up to 30,000 gateways in a single setup. With SMP management becomes simple, cloud based interface that allows access from anywhere, provides unified management, monitoring and analysis. Simplified group based security provisioning using plans so multiple customers can be assigned to a particular plan. Different features on the device can be enabled pair plan, providing a single platform to manage multiple customers extensive logging, reporting and monitoring capabilities are built into the product. Really designed well for helpdesk and Support Centre environments to manage large, huge numbers of gateways. This is very granular role based administration. So your administrator has enough different permission levels based on your needs. We support multi domain administration and there is easy deployment with zero touch provisioning. There is a separate knowledge base solution for SMP. It's a scale 11 0 2 16, the SMP domain also called service domain or poorly name that would be the top line here. The SMP plans will be similar to the earlier version LSM profile, which was a wired scale management profile. SMP uses plans to manage those gateways and share the same features or security settings. So if you were to deploy a device that may be have VPN enabled, but other device didn't you can have those on separate plans. Each gateway gets assigned to a plan. The gateway uses the plan settings by default. However, each service blade setting can be unlocked from the plan, and managed on the gateway locally, or via the security management portal. There is an activation key that's similar to SIC, that allows the gateway to connect to the SMP. There are three different ways to do that, SMP IP address and DNS, the gateway name and service domain that's the quickest and easiest method to do. Also there is a registration option which first auto generated and then can set by the owner, the SMP user interface. So we have an overview that shows you the gateways that are connected. The number of plans that we have, the users that are logged into the management portal and more. We also can generate reports on that. The screenshot on the right here is an example of one of those reports. We also have a map and this will allow you to see where your SMP appliances are deployed in. If you have multiple SMP appliances in the area, those will show up with a number associated with them. All configured gateways within the domain enter current status will show up here as well. Plans, each plan can be configured with different blades. Moving gateways involved to another plan is very easy to achieve. You can see we have some examples of the different plans here. And what they include and which blades are enabled on each plant. The Gateway status each setting blade or service can be managed on plant level, gateway level or locally. And so this shows you the security software blades that are enabled. We can also generate command CLI, command scripts can be added to a plan or at the gateway level. It's also very easy to add new users. So we can just go ahead users new add the user provide the user ID name email, select the roll password and to select whether you want to enable or disable two step authentication we'll get to that later on. New users with different permissions based on their defined role can easily be added allowing them to have different role. So with inside of a service domain, you can have multiple users and permission levels. We can have externally managed gateway in VPN communities option for full mesh community. We support permanent tunnels and different encryption methods. Membership from the VPN can be managed on the community plan or gateway level. We also support nested communities or VPN hierarchy. Full mesh and star communities are supported with this as well. We have the ability to block undesired applications from the predefined lists. Just in the application control URL filtering that can be deployed over the entire environment, SSL exceptions. We can manage the exceptions and bypass rules on a global level for all of the gateways that you manage. We can manage exceptions and bypass rules, define which SSL log will be generated, select other inspection bypass applications, and add custom bypass rules via CLI. We can do firmware upgrades, or remote scheduled firmware upgrades we can define per gateway the target release the number of stages, percentage of duration between each stage, this ensures the firmware upgrades run smoothly. You can see some examples here, 3,700 and 1,400 appliances have our 7,720 host accumulator. The1500 appliances have the our 8020 version. Email notifications, if we activate email notification service via ICMP, we can supply the following services, periodic reports, firmware upgrades, dynamic DNS and send cloud notifications. We can select which notifications are going to be sent like security incidents, networking events, operational events. We can select the recipients that will be receiving notifications. Put their email address in the box here with semi-colon separating them. Receiving email notifications would look like this, the device reconnects to your network last seen seven days ago, security operations center, cyber views. We can see the attack trends, male protections and map view of the attacks where they're coming from the events timeline very interesting. This allows us to track security incidents, infected hosts trends and more in cyber view now embedded in the SMP. With a cyber fuse, we can go to the infected hosts stab. It's going to show us the number of hosts that are infected. The command and control connections, gateways that reported infected hosts. If you click on any of the widgets, it will give you the detailed information on that specific detected attacks. We can see the number of users receiving malicious emails hosts downloading malicious files hosts access malicious websites, all those are summarized right here. Two step authentication so we can use multi factor authentication, two factor authentication, we can have that activated on the service domain level. So once we have the QR code we can scan with Google Authenticator or mobile app to register, and the user will receive a two step authentication email for the SMP, So upon logging into the SMP, you will add your admin credentials followed by the one time code from the app. Unified threat prevention for the 1500 series only. We have this applicable for the antivirus, anti bot, IPS and threat emulation configurable policies tracking options to To log alert or none, so we can set up the unified Threat Prevention policy again, only on the 1500 series appliances. The Gateway logs, we have our source, source port destination interface security blade, the traffic went through on which policy gateway rule all of that shows up on the SmartView logs when we click on one of the entries The detailed outputs is here on the right for the entry that is highlighted and selected so we can see all the information we need about this specific connection. SMP cloud services allow you to review the functionalities, services, monitoring, reporting, alerting cyber views, all of that. In the additional materials, there will be a link that you can try out this SMP portal to take a look at it for yourself. Productivity applications we can configure notifications at the server domain level showed you this earlier in another slide. The security incidents, networking events or operational events, you can get all of this information sent to you. Gateway report, we can configure reports based on your needs. We also can customize the logo shaped like we have a classic report that gets generated by the gateway extended report that is going to be based on log analysis. You can determine what's in your report what language is going to be on it and the desired time zone. And then how often are we going to send the reports, daily, weekly, or monthly. Security Management Portal has custom alerting enabled so that we can configure which alerts meet your requirements. They are cloud reporting on service domain, gateway or plan, we can generate reports based on that. The SMP cloud services retry mechanism. So after the first failure, gateways are going to wait for two minutes after the second failure, the gateway will wait for four minutes. Then 8 and then 16 minutes on the fourth attempt, then it's going to try and activate the cloud services automatically every 16 minutes until cloud services are successfully activated. The active ports for the SMP from the gateways to the SMP the incoming ports they're all listed here. The outgoing ports from the SMP to the gateway are listed down here also and what their function is all about. This is an example of the Security Management Portal network configuration where we would have customer with a particular plan. Another customer would have a different plan. Self provisioning through the API. We also have zero touch API for deployment in the gateways. The SMP service provider will determine what blades are going to be enabled. How long is it going to work with their management that would be detailed in the service domain. The SMP management interface service providers security operation center, and then the back end LDAP directory. This is a live SMP. This is a live Security Management Portal environment. It's a demo environment but still let's go ahead and log in and see all of the features that we saw in screenshots now and live. So this is the overview page, we can see how many devices are currently connected, how many devices are currently not connected disabled, and so on. How many plans we have, how many users are currently logged in, and if we'll go ahead two sessions I can see the actual users that are currently logged in currently, just me, Hey, this is me say Hi, the application and the source IP that I'm using. Here we have the plans. So we have the basic plan, the default plan, gold plan, initial and finally the premium plan. You can see that each plan is slightly different in terms of the different delays that are enabled or disabled on each of them. We can deploy these plans for different gateways, move the gateway in between the plans, it's really flexible. This is the map option, it's going to show you where are the gateways you deployed, what's connected? What's this connected and we can select a gateway and get some more information. So if I'll take this one for example, I can see the name status, IP address description, and of course, a live address which is quite nice. The gateways tab, these are the different gateways that we have set up. And if we click on one of the gateways, it will give us additional information about that. So example, I can see the location, who the owner is status law associated with this gateway, the different services are enabled. You can see ally scripts that are set from that gateway and more, you can expand it and see a lot of more information. Here we can see the users that we have defined on this demo environment, communities for VPN. So right now we don't have any and the service Domain we can take a look at the logging, DNS information and custom fields that mail for the alerts, framework bales that we have available certificates, any notifications Four gateways, reports, user summary messages, all of those are listed right here. Setting up custom alerts, we can go here and set up a new custom alert if we want to it's very easy two factor authentication API access, radius. For authentication, all of that can be configured right here. Here we have the different roles from the administrators. So we can take a look and see super user for example, that can view and modify any object in the service domain. So here under logs, we have the gateway logs. It will let us see the logs from all the different gateways that we manage. You can go ahead and open one of the androids. I can see the origin of this log, I can see traffic information. So source, destination, service that was being used as source port, and a lot more information. The system logs view allows us to get information about the actual system. So for example, I can see all of my sessions, log in again. In this case, I only have read only access, but if I made changes, I could have seen those appear here as well. Here I have the activity logs, he will go to cyber views so under infected hosts. So currently it's a demo setup so everything is cleaned. But of course if you will have an infected device, we'll be able to see it here the prevented attacks. So once again, for now it's all clean and nice. But if you will have any attacks that were successfully prevented, you'll be able to get any information here detected attacks. Once again, you'll have all of that information right here. And finally, the attack trends. So you have a nice timeline here so we can have really great insights about what's going on in your organization. This concludes the SMP session. Thank you. [MUSIC]
