Hi All,
I migrated my home box from MR7 to v17 and all good.
In my case, the IPS did not start automatically after the reboot.
The other thing is the UI is faster than v16 but the Network menu is very slow compared to the others. I have only 2 NICs and 2 VLAN.
Last thing, where is the policy test?
In my experience, you are lucky enough to have all the bug requests acknowledged/fixed during the beta. Any feature requests will not be added to the current release which is too bad.Mark H said:Why not v17 GA or v17.1? : )
Giordano,
I do not like the static dashboard too and the wasted space is really horrible at the moment, but in Sophos they have other priorities like custom SSL VPN port, MTA improvements, objects, etc.
NAT should be placed in the same Firewall menu and Firewall rules should have icons like before. I like the new Firewall UI but having more than 50 firewall rules with the same icon makes confusion.
I reverted back to v16.5 because DNS is not working at all on XG (both XG, or public DNS traffic).
Let's see!
Thanks Alda.
See this thread:
I am on v16.5 because of this issue.
Hello luk,
Thanks for the warning. Unfortunately, I can confirm that identical errors are recorded in my three XG v17 Beta-1 installations too. But none of my installations is so affected that web browsing does not work.
Does anyone have similar problem, could you check the log file /log/fqdnd.log in your v17 ?
Regards
alda
the mentioned log errors aren't related to the problem luk was describing. they're just informational, and not indicative of a problem at all. (we'll hide them in future) so don't expect to see any failures, just because you see those logs.
I luk,
i did not spoke about static guy.
We need to know (remotely) if there are some problem on Hard Disk or on power supply. There is no place to find this type of errors... or by walking on server room...
Our customer ha more that 50 NAT rules only.... so this is why we need to separate... It's a different concept: ACL you need them to do security and allow/block some traffic, NAT Rules you need when you need to publish some services on External.
New UI is good, but i think there are no changes like v16.5. We are waiting SF17 and we wait some changes that show Sophos is on the right way not on same way like before ;-)
Giordano
Billybob said:
In my experience, you are lucky enough to have all the bug requests acknowledged/fixed during the beta. Any feature requests will not be added to the current release which is too bad.
I don't know that we really set feature expectations in this beta, so I'll try to set them now. We follow an Agile development model, which allows us to be pretty flexible in the grand scheme of things, but realistically turning around significant features in a matter of weeks, is almost impossible. We put 9 months into developing the features you see in v17. Actually more like 6 or 7, as we slowed down feature development while focusing on quality improvements through the start of the year. So you can extrapolate a bit, how long it can take to develop a significant feature.
For smaller features, the primary cost may not be the development of the feature, but in writing unit tests to make sure that it doesn't break any existing functionality, test automation to ensure it works in all expected configurations, and then testing for, and fixing the inevitable number of bugs that are found in testing. So turning around features in a 4-6 week beta period, is seldom possible, if you want to release quality code. We can often accommodate smaller changes, like improving layout, or tweaking workflows in a normal beta like this one, or we can do as we did in v16, and go for a much longer beta. Even there, the number of features added in a very long beta, was relatively small.
The end result, is that your feature feedback is welcome, and encouraged - but bigger items will more likely shape future changes, than the current release.
AlanT said:We put 9 months into developing the features you see in v17.
Ugh.
So realistically we're still years away from seeing feature parity with UTM, such as better IPv6 support and decent mail protection.
If that's the case put a moratorium on dicking around with UI changes and get actual NGFW features added.
Hi Alan,
Totally appreciate and understand the development methodologies you're using as well as the incumbent problems you've had with the Cyberoam Development teams but this is quite disappointing to hear. There is so much missing and still keeping the UTM relevant and areas causing fundamental hold backs from it being the truly viable UTM replacement.
The issue that arises to my eyes is that there has been so much focus on the knifepoint that the shaft of the blade is being ignored. These are the areas that engineers and customers who use the system day in and day out slowly get to a point of irritation and eventually (for some customers) threatening to drop the system losing us business.
I would be very interested to discuss my thoughts with you over email if they can be at all relevant.
Emile
