Kaspersky SD-WAN has the following new and improved functionality:
Centralized firewall management is supported with firewall template and DPI support. Now you can disable or enable DPI when specifying basic firewall settings and specify DPI marks to apply firewall rules to application traffic packets.
Now you can create DNAT and SNAT rules for firewall management if you want to use the Source Network Address Translation (SNAT), Destination Network Address Translation (DNAT), and Port Address Translation (PAT) mechanisms. You can centrally manage these mechanisms using firewall templates.
You can use up to 100 virtual routing and forwarding tables (VRF) on CPE devices. You can put BGP routes into one of the virtual routing and forwarding tables.
Now you can install certificate chains on CPE devices
Support for upgrading Kaspersky SD-WAN from version 2.1.3 to 2.2.0. If you are using a version lower than 2.1.3, you must first upgrade the solution to version 2.1.3, and then to 2.2.0. You must first upgrade the central components of the solution, and then the CPE devices.
The installation archive for quick deployment of Kaspersky SD-WAN is now available. The installation archive lets you modify elements of the orchestrator web interface, such as the displayed logo of your organization.
Optimized performance of the Controller and CPE devices.
Optimized recovery of a failed Controller node.
Now you can create IP address and subnet ranges for CPE devices (IPAM). You can use these ranges to centrally assign IPv4 addresses to network interfaces of CPE devices. You can also use IP address ranges to centrally assign IPv4 addresses to CPE router IDs.
CPE device names are now displayed in Zabbix monitoring system.