Skip the Best Practice checks for “Failed Attempts” and “Lockout Time” on SAML Authentication Profiles and Authentication Sequences BP Checks for only SAML Authentication Profiles.
When a user selected a SAML Authentication Profile under the Device tab, they were not given an option in GUI to configure “Lockout Time” and “Failed Attempts.” “Lockout Time” and “Failed Attempts” Best Practice checks for SAML Authentication Profiles will now be skipped. If multiple types of Authentication Profiles exist in addition to SAML, then all Authentication types will be processed except for SAML.
Inaccurately calculating the adoption of DNS Sinkhole and URL Filtering in the Heatmap section.
When a user has a URL Filtering and DNS Sinkhole configured in a Security policy, adoptions were being miscalculated and the Rule Detail tab in the Best Practice Assessment shows them as disabled. Application Filters and Application Groups that were previously ignored are now accounted for.