What's New

These are the new features and improvements in the Security Analytics and Logging (OnPrem) release v3.1.0.

New Features and Functionality

Branding Update

We've rebranded the deployment options from Single-node and Multi-node to Manager only and Data Store. This update is to avoid confusion due to similar terms in Secure Network Analytics.

Multiple Flow Collector Support for Data Store Deployment

Secure Firewall Management Center v7.2 supports sending Firewall events to up to 5 Flow Collectors, that are configured for Data Store, using the Security Analytics and Logging (OnPrem) wizard. For more information on how to configure multiple Flow Collectors, refer to the Configure the Secure Firewall Management Center to Send Event Data to a Data Store Deployment section of the Security Analytics and Logging (On Premises) v3.1: Firewall Event Integration Guide.

Secure Network Analytics Multi-Telemetry Support

Previously, Security Analytics and Logging (OnPrem) required a separate deployment of Secure Network Analytics due to telemetry ingest restrictions. In Secure Network Analytics v7.4.1, the Data Store deployment supports ingest of the following telemetry types simultaneously:
  • Firewall events

  • NetFlow

  • Network Visibility Module (NVM)

For more information, refer to the Secure Network Analyics Release Notes v7.4.1.

Secure Network Analytics Single-node Data Store

The Data Store deployment now supports 1 Data Node versus the minimum of 3 required in previous releases. For more information, refer to the Secure Network Analyics Release Notes v7.4.1.

EMBLEM Logging Format Support

EMBLEM logging format is now supported in Secure Network Analytics v7.4.0 and v7.4.1. To configure, refer to the ASDM Configuration to Send Syslog Events from ASA Devices or the CSM Configuration to Send Syslog Events from ASA Devices sections of the Firewall Event Integration Guide.


Note

For v7.4.0, you will need to download and install the Flow Collector NetFlow Patch Rollup007 or later. For more information, refer to the Patch Readme.