my 0.02$ for v7:
1.) rule tester for firewall (like barracuda does). if u have a bunch of firewall rules and even not sure if your existing rules are 'enough' for your new application to work, just put your credentials (like source ip, destination ip, tcp/udp - port ...) in the ruletester and see, if the connection would already work, without creating a new rule.
2.) dynamic dns names in firewall rules with continuous lookups (like every minute...), if there is a new IP address for a DNS string.