One of the new interesting features of SP1 is the Traffic Simulator.

Using the Traffic Simulator you will be able to try out your rules to see if they match your intentions.

The Traffic Simulator is a new tab in the Troubleshooting node.

The way it works is that it “injects” the scenario into the actual engine, and therefore we can only run the simulations on a server where firewall service is running. So it’s not possible to do this remote.

The result is in my opinion still a bit “short”. It simply states the result and show the rule causing the result. If I for example have a rule that requires authentication to access internet. The results will be.

1: Traffic sent from this user:

2: Traffic sent from anonymous user:

And as you can see the information you get from the denied is only that it got stuck on the rule, but it is so far up to you to realize that it is because of authentication requirements. I have filed a change request for more info in this case, hopefully it will make it into RTM.

In all this is yet another great new feature of SP1 that i believe many customers have wanted for some time.