In Release 6.0.0, the Enhanced Firewall Services (EFS) functionality supports URL Category Filtering, URL Reputation Filtering, and Malicious IP Filtering in addition to Intrusion Detection System (IDS) and Intrusion Prevention System (IPS) services on VMware SD-WAN Edges. The following enhancements are introduced for the EFS functionality:

• URL Filtering and Malicious IP Filtering - The URL Filtering and Malicious IP Filtering services are powered by VMware’s award-winning Security components, empowering IT administrators to reduce their system’s attack surface. Through URL Filtering, web traffic is filtered based on Category and Reputation. Integrating the capabilities of VMware Security with VMware SD-WAN Edge platforms enables clients to confidently remove legacy firewalls at branch locations without compromising security and experiencing the benefits of streamlined network and security operations. Additionally, clients leverage VMware's investment in threat intelligence. The solution also provides extensive traffic and threat visualization through improved security dashboards. To configure and manage URL Filtering and Malicious IP Filtering, see the following topics:
  • Configure Enhanced Security Services
  • Configure Profile Firewall
  • Configure Edge Firewall
  • Configure Firewall Rule
• Security Service Groups - Security Service Groups are organized collections of security service settings that are offered as part of the Enhanced Firewall Services. These settings include URL Category, URL Reputation, Malicious IP, and IDS/IPS. These groups are designed to simplify firewall policy management by enabling the creation and reuse of predefined security service configurations across multiple firewall rules. This approach eliminates the need to create and maintain multiple individual security service settings for each firewall rule, thereby streamlining the process and enhancing efficiency. To create a Security Service Group using the pre-configured security services and associate that Security Service Group with the Firewall rules, see Configure Enhanced Security Services.
• Monitor Security Overview - The Security Overview page is enhanced to display the overall impact summary of configured Security services, like IDS/IPS, URL Categories, URL Reputations, and Malicious IP for all Edges within an Enterprise, based on the metrics collected using the various EFS engines (IDS/IPS/URL Filtering/Malicious IP). For more information, see Monitor Security Overview.
• Improved Firewall Logging - The Firewall logging feature presents a comprehensive pane view for each log record selection, encompassing both Firewall and Enhanced Firewall Service engine-related data. Furthermore, new intelligent filters have been integrated to facilitate the searching of logs based on specific engines, including Firewall, Intrusion Detection System/Intrusion Prevention System (IDS/IPS), URL Category, URL Reputation, and Malicious IP. For more inforamtion, see Monitor Firewall Logs.
• To support configuration and monitoring of URL Filtering and Malicious IP Filtering on Edges, new events, alerts, and troubleshooting tests are added. For more information, see Enhanced Firewall Services Alerts and Events and Troubleshooting Firewall.