UserGate UTM 5 - What's new?

UserGate UTM 5.0.6R12 Release (build 5.0.6.4825R12, 18/06/2021).

Important! This update will change VPN settings if applied on versions 5.0.6R5 or earlier. It is highly recommended to check these settings after update.

New in version:

  • Added ability to export certificate and whole chain.
  • Added support for Path MTU Discovery.
  • Improved check for MAC address to prohibit using of address 00:00:00:00:00:00.
  • Improved checking for valid pre-shared key symbols, added underscore as valid symbol.
  • Improved L7 engine stability.
  • Improved VPN stability on non-stable networks.
  • Improved web browsing speed when ICAP enabled.
  • Fixed problem with access to web console at address auth.domain:8001 via explicit proxy.
  • Fixed crash when fast mode proxy is on.
  • Fixed crash when updating big list with URLs.
  • Fixed problem with API service on zone which can be unintentionally disabled in some cases.
  • Fixed problem with consumption of memory when uploading big file.
  • Fixed problem with excessive disk space usage by updates.
  • Fixed problem with incorrect export of overridden domains.
  • Fixed problem with no username and IP address are shown on blocking page in cluster, if external balancer is used.
  • Fixed problem with opening sites if ICAP server is configured with option Send and ignore.
  • Fixed problem with route disappeared when secondary IP address is added/removed on interface.
  • Fixed problem with saving DHCP relay configuration.
  • Fixed problem with scenarios where condition is based on virus check trigger.
  • Fixed problem with sending data to ICAP server if Preview option is set to 0.
  • Fixed problem with showing Warning page for content filtering rules with action warning, which happened if blocking content is embedded into another page.
  • Fixed problem with SSL inspection for domains in capital letters.
  • Fixed procedure of updating nodes in cluster.

UserGate UTM 5.0.6R11 Release (build 5.0.6.4729R11, 30/03/2021).

Important! This update will change VPN settings if applied on versions 5.0.6R5 or earlier. It is highly recommended to check these settings after update.

New in version:

  • Added ability to close RDP session connected via web portal if authentication time has expired.
  • Added ability to create bridge interface based on bond interfaces.
  • Added ability to renew certificates.
  • Added ability to use tunnel interfaces in OSPF routing.
  • Improved IDPS allow rules. Allow IDPS rule can be created without IDPS profiles only.
  • Improved memory consumption when processing big URL lists. Any changes made to big URL list may take more time to apply in rules.
  • Improved memory consumption when updating big IP lists.
  • Improved performance of L7 engine.
  • Improved stability of Site-to-Site VPN connections.
  • Improved VPN connection for Windows clients.
  • Removed applications condition from IDPS rules as non-relevant.
  • Fixed crash which can happened if enable L7 module in CLI.
  • Fixed crashes which can happened sporadically.
  • Fixed error with saving OSPF router properties.
  • Fixed high memory use if configured many DNS servers with long response time.
  • Fixed logging error for some changes in VPN network.
  • Fixed logic of BYOD rules processing. Any condition is considered as any device type now instead of no devices.
  • Fixed potential XSS vulnerabilities on some console pages.
  • Fixed problem when user connected several times to VPN and logged out from one connection, all connections are closed.
  • Fixed problem with access to application published by web portal direct domain and allowed for a specific LDAP group.
  • Fixed problem with authentication by certificate in Reverse proxy.
  • Fixed problem with authentication user for specific URL list set in Captive portal.
  • Fixed problem with authentication user via NTLM or Kerberos for specific URL categories set in Captive portal.
  • Fixed problem with excessive logging of VPN logout events.
  • Fixed problem with filtering web access events by user, which showed no records.
  • Fixed problem with firewall rule with time restriction is active while should not be active.
  • Fixed problem with geo-IP added to the NAT rule if rule moved to another position in the rules list.
  • Fixed problem with getting empty page after UserGate initialization has finished.
  • Fixed problem with http-cache is always on.
  • Fixed problem with inability to return to internal block page in content rule after changing it to external page.
  • Fixed problem with incorrect DHCP options provided to client, if there are several DHCP pools configured at one interface.
  • Fixed problem with incorrect error message when duplicating URL in the URL list.
  • Fixed problem with no application detected for traffic, which was allowed by rule without application specified.
  • Fixed problem with PPPoE connectivity happened in some cases.
  • Fixed problem with scenario does not work if it is applied to rules with LDAP groups.
  • Fixed problem with time restriction is not applied to bandwidth rules.
  • Fixed problem with transit traffic lost while applying of network or firewall changes.
  • Fixed problem with VPN server crashes in some cases.
  • Fixed problem with zone is not assigned to bridge interface after creation.
  • Fixed TCP balancing problem which prohibited to use ports 80 and 443 in balancing.
  • Fixed timer for opened session if proxy f-mode is on.
  • Fixed problem with ability to delete reverse proxy certificate which is in use.

UserGate UTM 5.0.6R10 Release (build 5.0.6.4577R10, 22/12/2020).

Important! This update will change VPN settings if applied on versions 5.0.6R5 or earlier. It is highly recommended to check these settings after update.

New in version:

  • Added GARP message in Active-Passive HA cluster to be sent every minute.
  • Improved warning page for some sites.
  • Improved setting for TCP window scale for http/s traffic.
  • Improved scenarios processing.
  • Improved publishing of some web sites on web portal.
  • Improved web portal work with Microsoft SharePoint servers.
  • Changed HA cluster behavior (cluster continues to operate) if one or more interfaces disconnected on all cluster nodes.
  • Improved firewall work with large number of rules.
  • Improved VPN stability when transferring big volumes of data.
  • Improved HA cluster stability.
  • Improved stability of VPN connectivity of Windows 10 users.
  • Improved stability of L7 module.Fixed incorrect logging of VPN users logged in with more than one auth method.
  • Fixed problem when block page cannot be displayed if URL contains symbol less.
  • Fixed problem with cleaning VPN users which may lead to high CPU utilization.
  • Fixed problem when you cannot use network 172.16.0.0/12 in web portal publishing rules.
  • Fixed problem with restoration of backup created earlier.
  • Fixed problem with uploading to web console certain type of certificate.
  • Fixed problem with source zone is not considered in port forwarding and DNAT rules if SNAT option is enabled.
  • Fixed problem with incorrect gateway state when connectivity checker is configured and when administrator opens Gateways page in web-console.
  • Fixed problem with no software updates available while they are available for installation.
  • Fixed problem when revert packet can go to non-original gateway, if there are more than one gateway.
  • Fixed CLI errors when Cyrillic symbols entered.
  • Fixed problem with absent of arp response from UserGate while network mapping.
  • Fixed memory leak when updating L7 signatures.
  • Fixed refresh NIC function in boot menu.
  • Fixed problem with interruption of network flow over 10Gbps network card in high load.

UserGate UTM 5.0.6R9 Release (build 5.0.6.4452R9, 06/10/2020).

Important! This update will change VPN settings if applied on versions 5.0.6R5 or earlier. It is highly recommended to check these settings after update.

New in version:

  • Fixed problem with update of heuristic virus engine.
  • Fixed memory leak in log ftp export.
  • Increased DNS timeout for more stable resolving over slow DNS servers.
  • Improved stability of VPN connection.
  • Improved statbility of L7 module.

UserGate UTM 5.0.6R9 Release (build 5.0.6.4447R9, 17/09/2020).

Important! This update will change VPN settings if applied on versions 5.0.6R5 or earlier. It is highly recommended to check these settings after update.

New in version:

  • Added ability to NAT all own UserGate's traffic.
  • Added additional check to applied update, to make sure that update is suitable for the version of UserGate.
  • Added support for ftp protocol in firewall.
  • Added ability to use several netflow profiles.
  • Added support for TLS GOST for SSL inspection.
  • Fixed problem with device hangs due to L7 module crashes happened in some cases.
  • Fixed agent of terminal server to work with Skype for business.
  • Fixed CLI catlog command.
  • Fixed crash when enabling interface in mirror mode and IPS enabled.
  • Fixed digital signature for Terminal server agent installation file.
  • Fixed incorrect applications list in filter by application in traffic log.
  • Fixed incorrect value of NAT source IP in traffic log.
  • Fixed intermittent problem when web console unexpectedly closes connection.
  • Fixed loosing zones when applying security update on UserGate version 5.0.6.4072.
  • Fixed memory leak when L7 signatures get updated.
  • Fixed problem when deleted route remains in the system.
  • Fixed problem with disabling module L7 on all cluster nodes.
  • Fixed problem with disappearing services on zones when enabling netflow for more than one interface.
  • Fixed problem with downloading prepared report.
  • Fixed problem with getting URLF category for some sites.
  • Fixed problem with inconsistent VPN interfaces setting which may happen in cluster.
  • Fixed problem with incorrect cookies modifications for Outlook web access published over web portal.
  • Fixed problem with incorrect cookies modifications for some sites published over web portal.
  • Fixed problem with loosing static addresses on VLAN interfaces created on bond interface with IP address obtained by DHCP.
  • Fixed problem with redirecting guest user to original web page after captive portal login.
  • Fixed problem with routes which are not applied to Windows clients connected over VPN.
  • Fixed problem with session syncing in HA cluster if it is built on different physical interfaces.
  • Fixed problem with SNI and host mismatch in web portal https requests.
  • Fixed problem with updating heuristic virus protection module.
  • Fixed problem with updating shaper rules when applying security update which may brick UserGate.
  • Fixed problem with VPN if there are more than 2 client VPN connections configured.
  • Fixed problem with emergency admin login after installing security update.
  • Fixed problem with unloading L7 module from CLI console.
  • Fixed problem with naming of new PPPoE interface which was in use by another PPPoE interface.
  • Fixed incorrect displaying of filtering result in L7 applications.
  • Fixed sameSite attribute error in Firefox when connecting to web console.
  • Fixed problem with decrypting of TLS 1.0.
  • Fixed problem with applying firewall rules with user's groups to cluster nodes.
  • Fixed problem with creating bandwidth pool happening in some cases.
  • Fixed problem with getting emails from gmail servers.
  • Fixed problem with deleting of Netflow profile.
  • Fixed problem with adding application to the application group.
  • Fixed problem with loosing all IP addresses assigned to the interface used in HA cluster, when interface is disabled and server rebooted.
  • Fixed problem with booting server up after creating backup of system partition.
  • Fixed problem of incorrect blocking of https://youtube.com if SSL inspection rule set to block sites with incorrect certificates.
  • Fixed problem with incorrect groups sent to statistics module for users.
  • Fixed problem with HA cluster stability if it uses VLANs on bond interfaces.
  • Fixed problem with displaying of network interface in the web console, if interface has DHCP mode, but no DHCP server in the network.
  • Fixed problem with interruption of Skype for busines if terminal server agent is installed.
  • Fixed problem with DHCP relay does not work in some cases.
  • Fixed problem with applying of firewall rules for users groups connected via VPN.
  • Fixed problem with applying of shaping rules with scenarios to groups of users.
  • Fixed problem with not all VLAN interfaces are up in bond, if bond disabled and then enabled again.
  • Fixed problem with disabling interfaces in bond after changing bond mode form fast to slow.
  • Fixed problem with creating routes over PPPoE interface.
  • Fixed memory leak in L7 module during signatures update.
  • Fixed problem of restoring UG OS kernel from backup.
  • Fixed problem with web publishing over web portal with direct domain when incorrect SNI was created.
  • Fixed incorrect displaying of bar charts in Dashboard.
  • Fixed syn-proxy crash happened in some cases.
  • Fixed file system permissions for debugging logs.
  • Removed obsolete backup command from CLI.
  • Improved displaying of DHCP leased addresses.
  • Improved logging of changing password for terminal server agents.
  • Improved nodes failover in HA cluster.
  • Improved security update applying procedure (speed up).
  • Improved procedure of applying settings to cluster's nodes.
  • Improved notification processing, reduced CPU usage.
  • Improved procedure of deletion of HA cluster.
  • Improved publishing of web resources over reverse proxy and web portal, added changes to some cookies.
  • Improved publishing of web resources over reverse proxy and web portal, added changes to some headers.
  • Improved L7 module stability.

UserGate UTM 5.0.6R8 Release (build 5.0.6.4337R8, 25/06/2020).

Important! This update will change VPN settings if applied on versions 5.0.6R5 or earlier. It is highly recommended to check these settings after update.

New in version:

  • Added ability to backup configuration partition only.
  • Added ability to clear system logs and install update from Support menu.
  • Added ability to revert back to local Log Analyzer.
  • Added ability to run remote admin in case of UserGate crash.
  • Added check of external storage required to complete backup of UserGate.
  • Added NTP server role to UserGate.
  • Added protection of system partition from overloading with system logs.
  • Added support for VLANs in L2 bridge mode.
  • Added information about NAT translation to Netflow protocol.
  • Improved connection of UserGate to Log Analyzer.
  • Improved memory consumption in kernel modules.
  • Improved PPPoE login length to 22 symbols.
  • Improved procedure of deletion VLAN interface, if it is used in gateway.
  • Improved processing of changes of IP addresses on bond interface with VLAN's.
  • Improved speed of configuration changes application.
  • Improved wrdp service to use explicit port range.
  • Optimized memory consumption for UserGate C model.
  • Removed CLI access from unconfigured UserGate appliance.
  • Fixed incorrect date in web-portal.
  • Fixed POP3 proxy crash happened in some cases.
  • Fixed POP3S decryption.
  • Fixed problem with showing interfaces in route list in CLI.
  • Fixed problem with authentication by certificate to web console.
  • Fixed problem with deletion of WCCP rule.
  • Fixed problem with destination zone which was ignored in content filtering and Captive portal rules.
  • Fixed problem with displaying of pop-up menus in web access log in some cases in Chrome browser.
  • Fixed problem with exporting routes in diagnostic and monitoring tab.
  • Fixed problem with frozen VPN sessions.
  • Fixed problem with ICAP rules which affects reverse proxy traffic.
  • Fixed problem with incorrect adding of gateways obtained from dynamic routing protocols.
  • Fixed problem with IP reserving in DHCP if no domains are configured in DHCP lease.
  • Fixed problem with L7 app detection if SSL inspection is enabled.
  • Fixed problem with L7 engine, which may cause UserGate to crash on some signatures.
  • Fixed problem with L7 memory leak.
  • Fixed problem with netflow profiles, which were enabled by default even if it is not in use.
  • Fixed problem with NTLM auth in transparent mode.
  • Fixed problem with VPN driver happened in some cases.
  • Fixed problem with VPN, if administrator changes tunnel interface mode from static to dynamic.
  • Fixed problem with WCCP configuration interpretation.
  • Fixed problem with disappearing of IP address of cluster interface after disabling/enabling of interface.
  • Fixed problem with inability to import configuration from cluster to standalone node.
  • Fixed problem with not applying default route to PPPoE interface.
  • Fixed problem with non-working shaper rules for L7 applications.

UserGate UTM 5.0.6R7 Release (build 5.0.6.4229R7, 21/04/2020).

Important! This update will change VPN settings if applied on versions 5.0.6R5 or earlier. It is highly recommended to check these settings after update.

New in version:

  • Added MFA for VPN authentication.
  • Added ability to create GRE, IP-IP and VXLAN tunnels.
  • Added ability to filter SNMP traffic.
  • Added support for external Log Analyzer server.
  • Added ability to use scenarios in NAT and routing rules.
  • Added ARP proxy for Natted networks.
  • Added CLI commands to enable/disable IDPS, L7, h.323, sunrpc modules.
  • Added events for VPN user connected, disconnected to the event log.
  • Added extended WCCP settings.
  • Added firewall support for sunrpc, h.323 protocols.
  • Added ability to aggregate packets on zone level from different IP addresses for DoS protection.
  • Added ability to check filesystem to Support menu.
  • Added ability to clear DNS cache on UserGate.
  • Added exclusion for using TCP ports 9000-9100 for using in user defined rules.
  • Added gratuitous ARP packet to send on interface up.
  • Added negate option for IP spoofing rules.
  • Added option to support menu to allow increase log partition size.
  • Added sorting to VPN users in monitoring page.
  • Added SSL inspection result in web access log.
  • Added support for NCS2-IGM806B network module.
  • Added VPN interfaces to Diagnostics and monitoring page.
  • Added logging of RDP and SSH applications launched via web portal.
  • Fixed console error when administrator enables many ethernet ports at once.
  • Fixed console error when searching for elements in Alert rules.
  • Fixed displaying of incorrect speed for bond interface.
  • Fixed error in the event log - Invalid controller number which caused by absence of RAID controller.
  • Fixed error of selecting and showing working gateway with configured connectivity checker.
  • Fixed error which prohibits to set 0 for number of connection attempts in PPPoE.
  • Fixed format CEF of sending logs to external servers via syslog.
  • Fixed high CPU utilization by L7 module.
  • Fixed incorrect expiration date for Mail security module license.
  • Fixed logging error of changes of firewall rule's logging.
  • Fixed problem of file corruption when downloading it via web portal.
  • Fixed problem of self-disabling of bridge interface in some cases.
  • Fixed problem showing blocking page from ICAP server.
  • Fixed problem when setting many ports in reverse proxy rule.
  • Fixed problem with master role set on node, which is not supposed to be master, if both nodes are restarted at the same time.
  • Fixed problem with adding user from FreeIPA directory to UserGate.
  • Fixed problem with applying content filtering rules to LDAP groups if more then one LDAP domain configured.
  • Fixed problem with applying new VPN tunnel IP address on second cluster node, when it was changed on the first node.
  • Fixed problem with applying rules to LDAP groups if LDAP domain name is without dot.
  • Fixed problem with authentication by captive portal and terminal or windows agent from the same computer.
  • Fixed problem with authorizing by user group in VPN rules.
  • Fixed problem with case sensetivity in DNS static records.
  • Fixed problem with case sensetivity in path rewrite records in Reverse proxy rules.
  • Fixed problem with copying logs to ftp servers.
  • Fixed problem with displaying of web portal page when connecting to reverse proxy published server.
  • Fixed problem with duplicating VPN user session in monitoring.
  • Fixed problem with error when deleting a local group.
  • Fixed problem with error when selecting URLF category in captive portal rules.
  • Fixed problem with GeoIP doesn't work for DNAT and portmapped rules.
  • Fixed problem with getting error when searching in BYOD devises list.
  • Fixed problem with guest user, who can continue connecting after his TTL has expired.
  • Fixed problem with HA cluster if no DNS servers are configured in UserGate.
  • Fixed problem with importing lists from IE browser.
  • Fixed problem with inability to send request to change host's category.
  • Fixed problem with incomplete information in web access log for content filtering rules with morphology.
  • Fixed problem with incorrect memory value in the Dashboard performance widget.
  • Fixed problem with incorrect speed for bond interfaces.
  • Fixed problem with incorrect speed for bridge interfaces.
  • Fixed problem with incorrect SRTT for unreachable DNS servers.
  • Fixed problem with initializing some ethernet ports.
  • Fixed problem with mask /24 is always set for VPN interface.
  • Fixed problem with memory leak in L module.
  • Fixed problem with missing an event in event log for changing IP address for an interface.
  • Fixed problem with negative memory values in Dashboard.
  • Fixed problem with no application for email traffic in traffic log.
  • Fixed problem with no logging for some firewall rules when logging is on.
  • Fixed problem with no routes applied to client side in Site-to-Site VPN connection.
  • Fixed problem with no SNMP trap for gateway changed event.
  • Fixed problem with no space left on the system partition when traffic capture is enabled.
  • Fixed problem with no username in whitelist requests for terminal servers' users.
  • Fixed problem with ping and traceroute error if host has capital letters.
  • Fixed problem with restoring system of UserGate from backup.
  • Fixed problem with saving files with names with national alphabets via ftp-over-http proxy.
  • Fixed problem with saving password for SMTP server in SMTP notification profile.
  • Fixed problem with showing 0.0.0.0 as VPN user's address in event log.
  • Fixed problem with some lists got incorrect ids after settings import.
  • Fixed problem with SSL injection for certificates issued with alternative unicode coding.
  • Fixed problem with stop working of settings scheduled export after reboot.
  • Fixed problem with updating lists if UserGate activated in offline mode.
  • Fixed problem with VPN client with static VPN IP address reconnection to VPN server.
  • Fixed problem with VPN server ignores IP sources in VPN rules.
  • Fixed problem with VPN tunnel over PPPoE link in some configurations.
  • Fixed problem with web socket data and ICAP enabled.
  • Fixed several problems with no connectivity in VPN client mode.
  • Fixed SNMP type for PhysAddress counter.
  • Fixed problem with applying security policy to users based on their groups in some cases.
  • Fixed problem with transferring some dhcp packets in VPN tunnel.
  • Fixed problem with Kerberos authentication in a domains with some DC unavailable.
  • Fixed problem with bond interface gets broken in some cases.
  • Fixed problem when applying session sync setting require reboot.
  • Fixed problem with incorrect mail security counters and graphs in the Dashboard.
  • Fixed problem with adding Cyrillic domains to cache exclusions.
  • Fixed problem with service web-console which may hang in some cases.
  • Improved balancing for reverse proxy servers according with clients IP source address.
  • Improved description of gateway changed event.
  • Improved displaying of VPN client's status.
  • Improved HA cluster master node displaying state in web console.
  • Improved master role handover in HA cluster.
  • Improved OSPF behavior in HA cluster.
  • Slave node has higher routes cost.

  • Improved procedure of applying big number of firewall rules.
  • Improved processing of Reverse proxy rules.
  • Improved sorting of tunnel interfaces.
  • Improved VPN server behavior if lack of IP addresses for VPN is assigned.
  • Improved VPN stability.
  • Improvement - added underscore to the allowed list of characters for domain names.
  • Numbers of small web console improvements.

UserGate UTM 5.0.6R6 Release (build 5.0.6.4072R, 11/12/2019).

Important! We have updated our End User License Agreement (EULA). New terms are available at https://www.usergate.com/usergate-eula.
Important! This update will change VPN settings if applied on versions 5.0.6R5 or earlier. It is highly recommended to check these settings after update.

New in version:

  • Added support for TLSv1.3 inspection.
  • Introduced new URLF 4.0 database. Improved speed, accuracy and flexibility.
  • Changed VPN design. Added VPN interfaces, added HA clustering support.
  • Added ability for deployment automation of UserGate server via API.
  • Added ability to apply offline update for updatable lists.
  • Added ability to create morphology list from content filtering rule.
  • Added ability to detect applications in standard HTTP/S traffic.
  • Added ability to set TCP port range in SCADA services.
  • Added Basic authentication method for proxy.
  • Added status Reconnecting for VPN, if client server is reconnecting.
  • Added ability to log only selected filtering rules.
  • Added ability to log session start in firewall, NAT, DoS rules.
  • Added ability to reset all authenticated users.
  • Added ability to search for content in rules.
  • Added ability to send anonymous statistics to UserGate to improve URL filtration quality. This option can be disabled.
  • Added ability to support legacy HTTPS cipher algorithms, such as TLSv1.0.
  • Added ability to users to override URLF categories.
  • Added authentication method based on VLAN ID.
  • Added CLI command to set ICAP server waiting timer.
  • Added detailed information to event log and notifications about gateway changed.
  • Added error in web console and record to event log about LDAP server unavailability.
  • Added event about exporting/importing lists.
  • Added fallback support for remote admin service to port TCP 80.
  • Added interfaces of types VLAN and Bond to dashboard widgets.
  • Added interfaces types VLAN and bond to dashboard graphs.
  • Added logging of SSL decryption error in web access log.
  • Added new updatable list of domains for RKN prohibited sites.
  • Added new URLF category - Updates.
  • Added support for L2TP VPN with Windows XP clients.
  • Added support for Netflow statistics.
  • Added support for SCADA protocols: Modbus, DNP3, MMS.
  • Added support for WCCP protocol as WCCP client.
  • Added validity check for imported URL and IP lists.
  • Fixed assignment of destination zone and destination IP for explicit proxy connections.
  • Fixed block-page problem if set auth.captive in mixed case letters.
  • Fixed compatibility issue with Dr.Web ICAP server.
  • Fixed error with displaying routes in CLI which were created in web-console.
  • Fixed error with exporting lists from edit rule dialogue.
  • Fixed firewall rule, which does not send ICMP unreachable message.
  • Fixed high memory consumption by L7 module in some cases.
  • Fixed incorrect case for some http headers which prevents some web-sites to load correctly.
  • Fixed incorrect ICAP preview 0 and eof commands which led to incorrect processing of content by ICAP server.
  • Fixed intermittent problem with certificate intercept when no decryption configured.
  • Fixed NTLM authentication problem if set LDAP domain in capital letters.
  • Fixed problem with ability to delete interface which is in use by BGP.
  • Fixed problem with adding route in CLI.
  • Fixed problem with authenticating user by auth agent on active cluster's node only.
  • Fixed problem with CAPTCHA is not updated after incorrect password.
  • Fixed problem with captive portal rule with IP source or IP destination are set.
  • Fixed problem with capturing traffic on specific network interface.
  • Fixed problem with capturing traffic on VLAN interfaces.
  • Fixed problem with checking log export configuration rule eporting to external ssh server.
  • Fixed problem with classifying URL if port is specified.
  • Fixed problem with CLI over serial port not working.
  • Fixed problem with creating bridge interface on VLANs.
  • Fixed problem with deleting scenario which is in use in rules.
  • Fixed problem with DHCP server settings are lost after applying update.
  • Fixed problem with DNS resolution on newly added to cluster node.
  • Fixed problem with DNS resolution on terminal servers with installed auth agent and several network adapters. Required to update terminal services auth agent.
  • Fixed problem with factory reset cannot restore factory state in some cases.
  • Fixed problem with FQDN for time server is limited to 20 symbols.
  • Fixed problem with FTP over HTTP if non-standard port is used for FTP.
  • Fixed problem with incorrect Cyrillic encoding in MFA messages.
  • Fixed problem with incorrect processing of URLs beginning with dot.
  • Fixed problem with incorrect showing speed for 10Gbps interfaces in web console.
  • Fixed problem with Log Analyzer cannot start after reboot in some cases.
  • Fixed problem with no notification sent about white list request.
  • Fixed problem with offline registration for licenses with unlimited number of users.
  • Fixed problem with offline registration in configuration cluster.
  • Fixed problem with opening of some web sites which use sophisticated DDoS protection.
  • Fixed problem with processing of DNS request which has many records in response.
  • Fixed problem with removing expired authenticated users.
  • Fixed problem with routing issues when creating a configuration cluster for nodes in different IP networks.
  • Fixed problem with sending reports over SMTP.
  • Fixed problem with shaping Tor application with scenario.
  • Fixed problem with slow opening of some web sites.
  • Fixed problem with some interfaces lost after importing configuration.
  • Fixed problem with static DNS record which cannot be disabled.
  • Fixed problem with static DNS records are not resolved if DNS cache is off.
  • Fixed problem with static IP address assignment for network interface from CLI which is reverted to DHCP after reboot.
  • Fixed problem with synchronization CRL to all cluster's nodes.
  • Fixed problem with syncing of users' states on cluster's nodes for terminal users.
  • Fixed problem with syncing of users' states on cluster's nodes.
  • Fixed problem with update distribution to all cluster's nodes with no Internet access.
  • Fixed problem with uploading file to FTP server over explicit proxy.
  • Fixed several issues which can lead to high memory consumption in some cases.
  • Fixed SMTP notification for new white list requests.
  • Fixed Unable to connect error on some pages.
  • Fixed error with BGP configuration with empty list (any).
  • Fixed problem with displaying L7 apps in traffic log.
  • Fixed problem with downloading big file over SSL with legacy SSL decryption mode enabled.
  • Fixed problem with HTTP keep alive processing.
  • Fixed problem with ICAP doesn't process rules with mime-type conditions.
  • Fixed problem with log start session only logging mode does not log ICMP ping requests.
  • Fixed problem with loosing some updatable UserGate's list when upgrading from older versions.
  • Fixed unrealistically high peaks of traffic in Dashboard.
  • Improved application library dialogue.
  • Improved AV database for speed, accuracy and flexibility.
  • Improved clustering on slow links. Increased timeout for cluster initialization.
  • Improved compatibility with FreeIPA directory services.
  • Improved displaying status of active node in HA cluster.
  • Improved firewall performance.
  • Improved GeoIP module stability.
  • Improved installation procedure of proxy agent.
  • Improved IP lists processing. Added additional check procedure for uploaded addresses.
  • Improved license check. Increased timers used for license suspend.
  • Improved logging of administrator's actions on network interfaces.
  • Improved memory use by Log Analyzer when receiving huge bulk of data.
  • Improved processing of authenticated users in cluster when one node is rebooting.
  • Improved processing of authentication requests from Radius accounting and terminal users, eliminated excessive LDAP searches.
  • Improved processing of high volume radius accounting requests.
  • Improved publication rules processing. Rules apply in the following order: DNAT rules, reverse proxy rules, web portal rules.
  • Improved SCADA filtering in bridge L3 mode.
  • Improved some GUI input fields in port forwarding rules.
  • Improved stability of URL lists processing module.
  • Improved stability of VPN links on busy networks.
  • Improved version check during importing old version configuration.
  • Improved view of active node in VRRP cluster.
  • Improved working with dashboard settings. Settings are saved to administrator's profile.
  • Several firewall performance improvements.
  • Improved Log analyzer stability when receiving huge amount of data from nodes.
  • Improved system loading time on nodes in cluster.
  • Improved time for applying of L7 rules.

UserGate UTM 5.0.6R5 Release (build 5.0.6.3624R, 11/06/2019).

New in version:

  • Added event to event log about deleting URLF group.
  • Added ability to add blocked URLs from tracing rule to white list.
  • Added ability to apply saved configuration settings from old UTM version to new versions of UTM.
  • Added ability to authorize local users of terminal servers (no AD mode).
  • Added ability to create tabs in the dashboard.
  • Added ability to show request for white list on block page only for unknown category.
  • Added compatibility with SNMP tools Dude and Zabbix.
  • Added new types of license - unlimited users per device with ability to limit device performance.
  • Added new URL filtering categories - Online training and tools, Legal, Local Information.
  • Added numbers of new widget for Security Operation Center and Network Operation Center in Dashboard.
  • Added SCADA log.
  • Added Security operation center and Network operation center in the Dashboard.
  • Added sorting for URL lists in content filtering rules.
  • Added support for CAA DNS records.
  • SSL VPN renamed to Web portal.
  • Extended default disk's size for virtual appliance to 100Gb to avoid low disk space issues.
  • Improved in DHCP options, domain is not obligatory field any more.
  • Improved PBR in cluster.
  • Improved stability on high number of concurrent sessions.
  • Improved bridge deletion procedure if bridge has bypass enabled.
  • Improved connection to remote assistance service, no DNS is required.
  • Improved Geo IP database accuracy.
  • Improved management of DHCP reservations.
  • Improved memory management of web sockets processing.
  • Improved routes with auto interface behavior. When interface is deleted, route exists but disabled.
  • Improved rule move dialog, added search.
  • Improved SSL VPN logout dialog.
  • Improved SSL VPN portal page.
  • Minor improvements in configuration of Terminal server auth agent.
  • Fixed problem with entering urls in 10.x network in web-portal bookmarks
  • Fixed problem with LDAP auth configuration lost during update to the latest version.
  • Fixed problem with OSPF and BGP configuration lost during update to the latest version.
  • Fixed problem when some libraries elements cannot be shown.
  • Fixed problem with authenticated by NTLM user is set to known instead of specific.
  • Fixed problem with filtering by referrer.
  • Fixed problem with opening Logs and reports in IE browser.
  • Fixed problem with region selection in offline registration.
  • Fixed ARP table overflow problem which may happen in some cases.
  • Fixed error with enabling proxy S-mode.
  • Fixed error with enabling radmin from CLI on VLAN interfaces.
  • Fixed incorrect number of vCPU in the Dashboard.
  • Fixed memory leak in agent for terminal servers.
  • Fixed minor problems in ICAP client.
  • Fixed network subsystem which can deadlock in some cases.
  • Fixed problem when appliance lost VGA signal in some cases.
  • Fixed problem when scenario for traffic volume does not work.
  • Fixed problem with active scenario if it was deleted.
  • Fixed problem with deleting some routes when creating others.
  • Fixed problem with entering VPN key in Cyrillic.
  • Fixed problem with incorrect blockpage for explicit proxy users, if they try to open http://utm_ip:80.
  • Fixed problem with no DNS server are assigned to PPPoE interface.
  • Fixed problem with no notification for request to white list, if site has Unknown category.
  • Fixed problem with no record in webaccess log for blocking by URL, and when decrypting is off, and users are in transparent mode.
  • Fixed problem with opening reports created earlier.
  • Fixed problem with PBR rule doesn't work if no default gateway specified.
  • Fixed problem with PPPoE interface stopped working after reboot.
  • Fixed problem with report generation which has Cyrillic letters in name.
  • Fixed problem with SCADA processing on several ports.
  • Fixed problem with scenarios which has domain group in rule condition.
  • Fixed problem with sending notifications to SMTP servers with multiline response.
  • Fixed problem with SNAT for explicit proxy users.
  • Fixed problem with SSL VPN doesn't work if ICAP rule configured.
  • Fixed problem with static DNS records.
  • Fixed problem, when client received SSL VPN portal certificate if connected to servers published via reverse proxy.
  • Fixed several problems with SCADA protocol processing.

UserGate UTM 5.0.6R4 Release (build 5.0.6.3494R, 30/03/2019).

New in version:

  • Added ability to provide service name to PPPoE.
  • Added ability to drop user from Monitoring page.
  • Improved web interface for small-sized monitors.
  • Fixed problem with periodic network subsystem hangs in some cases.
  • Fixed problem with uploading kerberos keytab with AD with inactive or unreachable domain controllers.
  • Fixed problem with navigation on filtered logs.
  • Fixed problem with incorrect time counting for SSL VPN connections.
  • Fixed problem with incorrect IP mask assigned to a record of IP list after edit.
  • Fixed problem with ignoring of source IP address in VPN server rules.
  • Fixed problem with duping routes for VPN devices.
  • Fixed problem with blocking ftp over ftp traffic by IDPS.
  • Fixed problem with authentication users if 2 ore more LDAP domains configured.
  • Fixed problem with AD users are not shown in reports.
  • Fixed memory leak in network subsystem.
  • Fixed incorrect limit for virtual router ID.

UserGate UTM 5.0.6R3 Release (build 5.0.6.3466R, 12/03/2019).

New in version:

  • Added extended search capability for UTM logs.
  • Added ability for creating VLANs on bridge interfaces.
  • Added ability to block traffic by firewall rule with sending ICMP reject message.
  • Added ability to enable SSL VPN portal on the specific zones only.
  • Added ability to exclude computers from NTLM authentication.
  • Added ability to reset selected user's sessions in traffic monitoring page.
  • Added ability to search for content in URL lists in rules.
  • Added ability to set NTLM auth server in FQDN format.
  • Added ability to upload and use optional certificate's chain to all certificates.
  • Added PAP authentication method for PPPoE.
  • Added services for BGP/OSPF for zone access control.
  • Added support for IPSec VPN for Ubuntu OS.
  • Added support for sorting content of IP libraries by IP address.
  • Added support for transparent basic authentication to published resource if connected over SSL VPN.
  • Improved memory usage.
  • Improved display of service with more than 1 port.
  • Improved event description for LogAn server unavailable.
  • Improved IDPS performance.
  • Improved Kerberos authentication in domains with multiple AD controllers.
  • Improved logging, added administrative profile field when creating new administrator.
  • Improved OSPF routing in cluster.
  • Improved performance with high number of rules.
  • Improved security for XML-RPC API.
  • Improved SSL VPN to use assigned certificate if reverse proxy is also configured.
  • Improved system settings for better network performance.
  • SNMP dialog improved.
  • Fixed error 400 when publishing OWA over SSL VPN.
  • Fixed error when administrator tries to delete himself.
  • Fixed IDPS start in cluster.
  • Fixed incorrect event recorded to event log in case of unsuccessful VPN login.
  • Fixed minor errors with time range editing.
  • Fixed problem with static DNS records are not synced in cluster.
  • Fixed problem when gateway's MAC was not updated during cluster failover, if UTM does not have access to gateway from IPs of real interfaces.
  • Fixed problem when not all user's groups provided via Kerberos.
  • Fixed problem with user Unknown logged if administrator from domain group made configuration changes in UTM.
  • Fixed problem when UTM loses fragmented packets over VPN links.
  • Fixed problem with arp cache overflow in some cases.
  • Fixed problem with creation a bridge with duplicate name.
  • Fixed problem with disabling bypass mode on bridge while deleting it.
  • Fixed problem with displaying services with more than 4 ports.
  • Fixed problem with DNAT rule if destination IP is set and SNAT.
  • Fixed problem with DNS filtering applied for a specific user.
  • Fixed problem with firewall rules disappeared after import configuration.
  • Fixed problem with high CPU load caused captive portal pages.
  • Fixed problem with incorrect addressing for VPN (IKE) devices.
  • Fixed problem with incorrect applying filtering policy to a LDAP group, if 2 ore more LDAP domains configured.
  • Fixed problem with incorrect dhcp configuration for VPN clients.
  • Fixed problem with incorrect filtering policy applied for members of local groups.
  • Fixed problem with incorrect ports selected for bypass for UTM D appliance.
  • Fixed problem with Kerberos keytab upload in some cases.
  • Fixed problem with LDAP group cannot be used in filtering rules after update to 5.0.6R2.
  • Fixed problem with memory high usage if UTM connected to KATA over ICAP.
  • Fixed problem with memory leak if websockets are used.
  • Fixed problem with PBR rules in cluster.
  • Fixed problem with removing all VLANs in cluster, if all nodes are rebooted at the same time.
  • Fixed problem with removing VPN profiles after removing nodes from cluster.
  • Fixed problem with reporting vCPU load.
  • Fixed problem with shaper rule does not apply after reboot.
  • Fixed problem with some NIC are in bypass mode by default when power is off.
  • Fixed problem with syncing static DNS records to all cluster nodes.
  • Fixed problem with terminal server authorization agent, which does not send auth information in some cases.
  • Fixed problem with VPN client crashes sometime.
  • Fixed problem with adding temporary users to group during bulk user creation.
  • Fixed several incorrectly defined timezones.
  • Fixed sorting by port in services library.

UserGate UTM 5.0.6R2 Release (build 5.0.6.3395R, 01/02/2019).

Important! This update will change settings of your LDAP connector and kerberos keytab if updated on version 5.0.5 or earlier. It is highly recommended to check these settings after update.

New in version:

  • Update includes all changes made in version 5.0.6R1.
  • Added ability of transparent authentication to SSL VPN published servers via Kerberos.
  • Added ability of transparent authentication to SSL VPN published servers via NTLM.
  • Added ability to add LDAP users to rules in bulk.
  • Added ability to exclude IP addresses from use by Terminal server agent. Required to update Terminal server authorization agent.
  • Added additional configuration settings for SMMP notification profiles.
  • Added provider specific L2 modes.
  • Fixed problem with applying rules to users Known.
  • Fixed problem with reverse proxy published servers with redirects.
  • Fixed problem with sending reports, containing Cyrillic letters in message body.
  • Fixed problem with updating AdBlock module in cluster configuration.
  • Fixed users authentication in case there are 2 or more LDAP domains configured.

UserGate UTM 5.0.6R1 Release (build 5.0.6.3384R, 23/01/2019).

Important! This update will change settings of your LDAP connector and kerberos keytab if updated on version 5.0.5 or earlier. It is highly recommended to check these settings after update.

New in version:

  • Update includes all changes made in version 5.0.6R.
  • Added ability to log all packets directed to UserGate or over UTM in the firewall Default block rule.
  • Added block page for SSL VPN, if user does not have any bookmarks.
  • Added check for incorrect http headers.
  • Added Virtual CPU load in Dashboard and SNMP monitoring.
  • Improved configuration cluster stability.
  • Improved gateways display in policy based routing rules.
  • Improved search history log.
  • Improved some web-console dialogs.
  • Improved stability for systems with high number of VLAN interfaces.
  • Improved UserGate performance when ICAP client is configured in Redirect and ignore mode.
  • Improved UserGate performance with high number of content filtering rules.
  • Fixed big file upload with PATCH method over UserGate with ICAP server enabled.
  • Fixed incorrect behavior of content filtering rule with referrer.
  • Fixed problem of PPPoE interfaces lost after updating system.
  • Fixed problem when UserGate loses information about interface settings.
  • Fixed problem with default interface language setting dos not apply after logoff.
  • Fixed problem with inability to connect to VPN server in some cases.
  • Fixed problem with incorrect option Preview processing in ICAP client.
  • Fixed problem with Negate option in MIME types of content filtering rules.
  • Fixed problem with resetting TOTP key for user with Cyrillic letters.
  • Fixed problem with self registration of users via email or SMS, if Cyrillic letters are used in message body.
  • Fixed problem with UserGate crashed sometime.
  • Fixed with TOTP and QR code not shown on Captive portal page.

UserGate UTM 5.0.6 Release (build 5.0.6.3335R, 05.12.2018).

Important! This update will change settings of your LDAP connector and kerberos keytab if updated on version 5.0.5 or earlier. It is highly recommended to check these settings after update.

New in version:

  • Update includes all changes made in version 5.0.6RC-3.
  • Added ability to use MAC address in routing rules (PBR).
  • Added ability for a user to provide reason in request for white list.
  • Added ability to add bond interfaces to bridge.
  • Added ability to apply DoS protection for known or unknown users.
  • Added ability to clear users information cache via CLI command.
  • Added ability to narrow search in AD domain, when adding user or group to filtering rules.
  • Added ability to set URI for ICAP servers as icap://server:port/path
  • Added ability to use one TCP port for SSL VPN and reverse proxy service.
  • Added block page for SSL VPN users who are trying to access restricted bookmarks.
  • Added offline updates capability.
  • Added proxy configuration for fast mode and SYN mode.
  • Added support for log export formats - BSD syslog protocol (RFC - 3164), syslog protocol (RFC - 5424), CEF (ArcSight Common Event Format).
  • Added support for national domain names in DNS requests in Diagnostics and monitoring.
  • Added useragent for UserGate proxy client.
  • Changed Entensys to UserGate in all default certificates.
  • Changed default boot mode to UTM Core (serial console).
  • Improved error message if administrator is adding a user with e-mail address, which is already assigned to another user.
  • Improved remote assistance service.
  • Improved security update procedure.
  • Improved UserGate stability.
  • Removed All categories group from URLF groups.
  • Fixed error when HTTPS site is unavailable for user if authentication is required.
  • Fixed error with NTLM authentication after logout via logout.captive.
  • Fixed error with NTLM authentication and cookie method.
  • Fixed incorrect status of security update after installation.
  • Fixed kernel crash, which happens in some cases.
  • Fixed number of XSS vulnerabilities.
  • Fixed problem if username for ICAP server contains letters of national alphabets.
  • Fixed problem when shared key was lost when editing security profile.
  • Fixed problem when SSL VPN bookmark with direct domain cannot be opened if access was restricted for group of users.
  • Fixed problem when zone assigned to an interface via CLI command disappeared after reboot.
  • Fixed problem when zone is removed from the interface.
  • Fixed problem with accessing SSL VPN bookmarks with direct domain if SSL VPN portal uses specific port.
  • Fixed problem with blocking of DHCP requests over L2 bridge.
  • Fixed problem with expiration of static DNS records.
  • Fixed problem with failover over PPPOE connected gateway.
  • Fixed problem with NTLM authentication after user's authentication is expired.
  • Fixed problem with sending UDP packets of the same connection over different gateways in balancing mode.
  • Fixed problem with loosing routes in some cases.

UserGate UTM 5.0.6 Release candidate 3 (build 5.0.6.3290RC, 14.11.2018).

Important! This update will change settings of your LDAP connector and kerberos keytab. It is highly recommended to check these settings after update.

New in version:

  • Update includes all changes made in previous versions.
  • Added support RFC non-compliant proxy mode required for some bad designed applications.
  • Added ability to export all requests to white list.
  • Added ability to connect to resource VPN directly over SSL VPN.
  • Added ability to assign more than one IP address for high availability cluster.
  • Added ability to create routes with equal metric for balancing.
  • Added ability to enter username and password for FTP sites via FTP over HTTP.
  • Added ability to get user's group from custom field ERX-Service-Session for Radius accounting.
  • Added ability to provide specific updates only for selected clients.
  • Added ability to show history for week, month, year in dashboard.
  • Added additional consistency check for all updates before applying them.
  • Added bridge bypass mode for UserGate D, E, F network appliances.
  • Added DoS protection feature.
  • Added more details to SMTP notification for requests for white list.
  • Improved filtering of network packets with invalid TCP flags.
  • Improved some web-console dialogs.
  • Improved traceroute tool in diagnosing section.
  • Changed protocol for NTLM authentication from SMBv1 to SMBv2.
  • Fixed captive-portal template for Russian language.
  • Fixed error with incorrect event recorded to Event log for route deletion.
  • Fixed error with incorrect MAC address for high availability cluster in some cases.
  • Fixed firewall logging for clients with explicit proxy.
  • Fixed problem when SNAT doesn't work if UTM has more than one Internet connections.
  • Fixed problem when UTM shows speed 0 for some network interfaces.
  • Fixed problem with error when changing administrator's password.
  • Fixed problem with firewall rule with source address and explicit proxy.
  • Fixed problem with showing blocking page with long URL.
  • Fixed some reports which cannot be generated.

UserGate UTM 5.0.6 Release candidate 2 (build 5.0.6.3239RC, 10.14.2018).

Important! This update will change settings of your LDAP connector and kerberos keytab. It is highly recommended to check these settings after update.

New in version:

  • Update includes all changes made in version 5.0.6.3230RC.
  • Added VPN connection logging.
  • Added information about version of UserGate update installed to the event log.
  • Added ability to use IDS for mirrored traffic.
  • Improved IDS performance.
  • Improved license check for cluster.
  • Improved update revocation mechanism.
  • Fixed problem with assignment of more than 1 IP address to the HA cluster interface.
  • Fixed problem with Kerberos auth which is broken after auth TTL is expired.
  • Fixed HTTPS decryption problem if there are firewall rules allowing traffic only from specific IP and explicit proxy.
  • Fixed DNS filtering if UserGate is used as DNS server.
  • Fixed problem with filtering of FTP over HTTP.
  • Fixed problem with SSL certificates which can occur after upgrade.
  • Fixed incorrect display of list of users with Cyrillic letters in names.
  • Fixed problem with scenario which has virus detection as condition.
  • Fixed problem with applying HTTPS decryption for AD users.
  • Fixed error of bulk user import.

UserGate UTM 5.0.6 Release candidate (build 5.0.6.32303RC, 05.10.2018).

Important! This update will change settings of your LDAP connector and kerberos keytab. It is highly recommended to check these settings after update.

New in version:

  • Update includes all changes made in version 5.0.5.1.
  • Changed work with LDAP authentication servers. Optimized load, reduced excessive LDAP requests.
  • Added ability to filter web sites based on referrer value.
  • Added ability to use scenarios in content filtering rules.
  • Added Mirror type of interface.
  • Added net mapping rule to substitute network address in transit traffic.
  • Added new categories to UserGate URL filtering database:

    - Cryptocurrency Mining

    - Military

    - Reference and Research

    - Gay, Lesbian or Bisexual

    - Literature and Books

    - Nutrition and Diet

    - Pets and Animals.
  • Added ability to use virtual keyboard on Captive portal login page.
  • Added ability to add local users with Cyrillic logon names.
  • Added ability to choose LDAP domain on SSL VPN portal login page.
  • Added ability to copy MAC address from DHCP leases to DHCP reservations.
  • Added ability to use custom domain names in SMTP notification profile.
  • Added check for duplicates in import lists.
  • Added CLI command to show system logs.
  • Added column with IP addresses of auth servers in auth servers list.
  • Added compatibility for L2TP VPN on Windows XP.
  • Added status for LDAP connector.
  • Changed some web console elements.
  • Fixed problem with downloading of server statistics logs.
  • Fixed error in CLI command code-change-control.
  • Fixed incorrect log for user connect to VPN.
  • Fixed incorrect number of users' sessions in Network monitoring.
  • Fixed log message about exceeding limit of unsuccessful user authentication.
  • Fixed problem with creating a route with gateway 0.0.0.0.
  • Fixed problem with creating of network bridge.
  • Fixed problem with enabling/disabling several routes at once.
  • Fixed problem with identification user by IP+MAC.
  • Fixed problem with incorrect processing of Connection:close from web-servers when working with explicit proxy.
  • Fixed problem with no logs from IPS in log-only mode.
  • Fixed problem with NTLM auth with explicit proxy and non keep-alive connections.
  • Fixed problem with opening some sites with HTTP cache enabled.
  • Fixed problem with session reset during license check procedure.
  • Fixed problem with setting SMTP notification profile password in Cyrillic letters.
  • Fixed problem with uploading files to external resources if ICAP is enabled.
  • Fixed search by IP address in web access log and traffic log.
  • Fixed several Cannot connect to server errors.
  • Fixed sporadic kerberos user authentication loss.
  • Fixed problem with session reset during license check procedure.
  • Fixed sporadic memory leak.
  • Fixed sporadic UTM freeze.
  • Improved port mapping dialog.
  • Improved Reverse proxy rule configuration dialog.
  • Removed ability to use Cyrillic letters in VPN preshared key.

UserGate UTM 5.0.5.1 Release (build 5.0.5.2803R, 19.09.2018).

New in version:

  • Update includes all changes made in version 5.0.5.
  • Fixed problem with VPN connection from Android devices.
  • Fixed problem of switching cluster nodes when license is checking.
  • Fixed problem with interruption of youtube video when ICAP servers are enabled.
  • Fixed problem with reqmod mode for ICAP servers.
  • Fixed potential problem of blocking Captive portal traffic by firewall rule.
  • Fixed mistake in Captive portal processing rules excluding auth for specific URL lists.

UserGate UTM 5.0.5 Release (build 5.0.5.2792R, 29.08.2018)

New in version:

  • Added ability to export logs to csv-files
  • Added Log analyzer service to the list of zone's services
  • Added ability to make fully routable Site-to-Site VPN connections
  • Added ability to use several IP addresses at terminal server to support more users for authentication agent. Require to update Auth agent for termial servers
  • Added additional allowed characters to SNMP community string
  • Added extended logging for SSL VPN connections to RDP and SSH
  • Added paging and filtering for generated reports page
  • Added premium support option to license
  • Added support for non-anonymous ftp over http connections
  • Added support for PPPoE interface type
  • Added VPN events to event log
  • Fixed error with ftp over http and decrypting SSL
  • Fixed apt-get update problem via UTM
  • Fixed base64 encoding for ICAP server
  • Fixed content filtering rules to work correctly for user groups
  • Fixed error when firewall rule is not applied if user log out and then log in
  • Fixed error when web access log does not show blocked MIME types
  • Fixed error with failed login of Administrator user if 2 or more AD domains configured
  • Fixed excessive CAPTCHA request for multifactor authentication
  • Fixed incorrect display of firewall route action in traffic log
  • Fixed incorrect duration shown for SSL VPN connected users
  • Fixed incorrect IDPS rule processing for modified rules
  • Fixed incorrect URLF categories for sites containing question mark
  • Fixed problem when SNMP service cannot start if its TCP port is busy
  • Fixed problem when custom domains for ftpclient.captive is not working
  • Fixed problem with creating cluster with several virtual IP
  • Fixed problem with firewall rules applied for specific time ranges
  • Fixed problem with heuristic module start if it has broken bases
  • Fixed problem with high CPU load caused by teamviewer
  • Fixed problem with low ftp over http download speed and high CPU usage
  • Fixed problem with renewing SSL certificates for sites, which has certificate expired and then renewed
  • Fixed problem with restoring UTM from backup
  • Fixed problem with showing users GUID instead of usernames in VPN and SSL VPN monitoring
  • Fixed problem with SNMP does not provide all information to queries
  • Fixed problem with SNMP server cannot start
  • Improved Active directory and Free IPA connectors
  • Improved captive portal to remove leading/following spaces from user name
  • Improved error dialog for login attempt with incorrect username or password
  • Improved http performance
  • Improved log analyzer to support processors without SSE 4.2 instruction set
  • Minor improvements in offline activation

UserGate UTM 5.0.4 Release (build 5.0.4.2343R, 04.07.2018)

New in version:

  • Added support for VPN and SSL VPN
  • Developed numbers of web, traffic and system reports
  • Added support for SCADA protocols
  • Added support for SOAR (Security Orchestration, Automation and Response) in security policies
  • Added support for routing protocols OSPF and BGP
  • Added support for Active-Active high-availability clustering
  • Added support for multi-factor authentication based on TOTP, SMS, email
  • Added support for publishing HTTP/S resources via reverse-proxy
  • Added support for new authentication methods - NTLM, FreeIPA, TACACS+, SAML IDP
  • Added support for network interfaces of types LACP (link aggregation control protocol), bridge
  • Added support for FTP over HTTP
  • Developed new proxy agent for Windows for applications without native proxy support
  • Added support for custom program code injection to web pages
  • Added support for role-based UserGate management
  • Added ability to perform traffic balancing
  • Revised and improved IDPS
  • Added ability to filter traffic sent to ICAP servers, added support for ICAP servers farm
  • Improved general performance.

UserGate UTM 5.0.3 Release Candidate (build 5.0.3.1279RC, 03.04.2018)

Not for production environment.

New in version:

  • Added SSL VPN functionality (beta)
  • Added support for power supply status change to web-console and notification
  • Added support for Radius accounting for user identification
  • Added support for RAID status change to web-console and notification
  • New L7 processing engine
  • Fixed minor BGP bugs
  • Fixed minor bugs with ftp over http
  • Fixed minor VPN bugs
  • Fixed problem with endless backup operation
  • Fixed problem with policy for Domain Users group
  • Fixed problem with STARTTLS decryption for SMTP traffic
  • Fixed SNAT problem if different source and destination ports used
  • Fixed SSL decryption errors for some web-sites
  • Improved certificates behavior for *.captive
  • Improved DoS protection
  • Improved scenarios (SOAR)
  • Fixed numerous small mistakes

UserGate UTM 5.0.2 Beta (build 5.0.2.705B, 07.02.2018)

Beta version UserGate UTM 5.0.2 Not for production environment.

New in version:

  • Built on new UG OS platform
  • Improved Reverse proxy logic
  • Added new reports
  • Added ability to use preview option for ICAP servers
  • Added ability to code to base64 data for ICAP servers
  • Added support for HA cluster in active-active mode
  • Added new conditions to scenarios
  • Added support for web-sockets
  • Introduced proxy agent for Windows
  • Changed network adapter type for ovf image
  • Improved SMTP proxy
  • Improved VPN
  • Fixed rules processing for groups of users
  • Fixed numerous small mistakes

UserGate UTM 5.0.2 Beta (build 5.0.2.152B, 13.12.2017)

Beta version UserGate UTM 5.0.2 Not for production environment.

New in version:

  • Added ability to search for content in libriries lists
  • Added ability to authorize reverse proxy users by certificates
  • Added additional fields to reverse proxy rules
  • Improved some web console views
  • Improved HA cluster management
  • Improved performance of appliance components
  • Updated driver for 10-Gbit network card
  • Improved linux kernel
  • Improved DNS transport
  • Fixed some scenarios errors
  • Fixed L7 crash
  • Fixed problem with logging limit in firewall rules

UserGate UTM 5.0.1 Alpha (build 5.0.1289A, 16.11.2017)

Alpha version UserGate UTM 5.0. Not for production environment.

New in version:

  • Added ability to join several network ports into one logical port (link aggregation/bonding)
  • Added ability to create network bridge
  • Added L2TP VPN server. Standard clients from most popular OS are supported
  • Added ability to create high-availability cluster for up to 4 nodes without external balancer.
  • Added support for OSPF and BGP dynamic routing protocols
  • Added TPROXY mode for proxy server
  • Added support for ftp over http
  • Added support for reverse proxy. Secure resource publishing with HTTPS support and load balancing for publishing servers
  • Added support for port mapping
  • Added support for granular access control for administrative access to the UTM console
  • Added support for LDAP users and groups to be added as UTM administrators
  • Added support for 2 factors authentication (2FA)
  • Added NTLM as user authentication method
  • Added ability to authenticate users in transparent mode (no explicit proxy) with Kerberos protocol
  • Redesigned support for ICAP protocol. Added support for sending selected traffic only the ICAP servers
  • Added support for sending traffic to the ICAP servers farm (ICAP balancing)
  • Added ability to send mail traffic to ICAP servers
  • Added support for filtering SCADA protocols
  • Redesigned IDPS rules. Added ability to create custom IDPS profiles
  • Added new HTTPS decryption options, such as blocking of incorrect, revoked, self signed certificates
  • Added ability to negate any condition in rules
  • Added ability to block selected HTTP methods (POST, GET,...) in content filtering rules
  • Added ability to filter traffic based on UserAgent
  • Added ability to use outgoing zone in content filtering rules
  • Added ability to make exclusions to ad block filtering
  • Added ability to inject custom code to web pages
  • Added additional monitoring capabilities
  • Added more diagnosis tools, such as tcpdump, ping, traceroute, tracing content filtering rules
  • Added new time range types
  • Redesigned WEB UI
  • Redesigned statistics and reports module. More information added to the web access log
  • Improved application detection performance