Changes in UserGate 7

UserGate 7.1.0 (Release Candidat build 7.1.0.1605RC, 16/11/2023).

Сhanges in new version:

  • [UGDNS-4674 ] Added logging of SMTP(S) traffic.
  • [UGDNS-9695 ] Improved search for rules using ipSource, ipDest and user filters.
  • [UGDNS-10672] WAF (Web Application Firewall) functionality has been implemented.
  • [UGDNS-12355] Added restriction of sessions from one IP address.
  • [UGDNS-13043] Added a mechanism to disconnect managed devices from the MC.
  • [UGDNS-13347] Added a timer to automatically close the admin session.
  • [UGDNS-13769] Added the ability to write custom signatures and L7 applications using UASL (UserGate Application and Security Language).
  • [UGDNS-14725] Added the ability to create L2 and L3 bridges simultaneously.
  • [UGDNS-14987] Added the ability to select the required elliptic curve algorithms in SSL inspection profiles.
  • [UGDNS-15167] Added the ability to configure work with an LDAP connector on a non-standard port.
  • [UGDNS-15517] Added UserID functionality for transparent authentication using Active Directory and Syslog logs.
  • [UGDNS-15397] Added dark interface theme.
  • [UGDNS-15960] Added compliance-based access control for end devices with installed UserGate Client software to the network.
  • [UGDNS-16093] Added OSPF monitoring to the web console.
  • [UGDNS-16687] Added an Alias field in the interface properties for working with SNMP.
  • [UGDNS-16918] Added DNS query logging when DNS filtering is enabled.
  • [UGDNS-16931] Improved processing of DNS queries by the IDS module.
  • [UGDNS-17072] Added the ability to control the fastpath module via the CLI.
  • [UGDNS-17216] Added the ability to monitor access to DNS servers via API.
  • [UGDNS-17475] Added the ability to allow individual application traffic.
  • [UGDNS-17591] Added the ability to specify the VPN server address in FQDN and CIDR format.
  • [UGDNS-17881] Added support for SHA-2 family hashing algorithms for SNMP manager authentication.
  • [UGDNS-18093] Added the ability to add sections to favorites and display only these sections in the web interface.
  • [UGDNS-18146] Added the ability to receive Unix system events via TCP and UDP protocols simultaneously.
  • [UGDNS-18253] Added support for client certificate authentication on the Captive portal, web portal, for accessing resources published through a reverse proxy, logging into the web console, and connecting via VPN.
  • [UGDNS-18587] Added VPN Split tunneling feature for UserGate Client end devices.
  • [UGDNS-18775] Enhanced CLI and PMC CLI functionality.
  • [UGDNS-19427] Added the ability to use Unicode characters to specify names and descriptions of rules and objects.
  • [UGDNS-20340] Added logging of emergency conditions of the PAC system in the PMC CLI.
  • [UGDNS-20396] Added support for the IKEv2 protocol with the ability to authenticate using certificates or login/password (EAP-MSCHAP v2).
  • [UGDNS-20484] Added a URL category for blocking resources with neural networks.
  • [UGDNS-20671] Added the ability to run packet capture in the CLI without creating a rule.

UserGate 7.0.1 (hotfix build 7.0.1.1007R, 23/09/2023).

Сhanges in new version:

  • [UGDNS-18036] Fixed error filtering events log entries by user.
  • [UGDNS-19288] Fixed a bug in the CLI that occurred when trying to change the ip address during active ssh sessions.
  • [UGDNS-20298] Improved clock accuracy for the C150 HWA.
  • [UGDNS-20700] Fixed a bug that occurred when importing a configuration using geoip.
  • [UGDNS-20782] Fixed problems with video content loading when SSL inspection is enabled.
  • [UGDNS-20793] Fixed an error in determining the default gateway when rebooting or switching a cluster.
  • [UGDNS-20939] Improved system stability when SSL inspection and IDS are enabled simultaneously.

UserGate 7.0.1 (hotfix build 7.0.1.989R, 31/08/2023).

Сhanges in new version:

  • [UGDNS-17874] Fixed a problem where operations with groups for a local user already authorized by IP address lead to violation of authorization.
  • [UGDNS-18599] Fixed the forming of traffic on the upstream device when creating several VRFs and routing between them.
  • [UGDNS-19074] Fixed HSC front panel functionality.
  • [UGDNS-19148] Fixed problem with loss of interface settings changes after reboot. 
  • [UGDNS-19199] Fixed configuration with Cloud-init.  
  • [UGDNS-19312] Fixed a bug where accessing updated URL lists using the https protocol results in the "BADCERT_NOT_TRUSTED" message.  
  • [UGDNS-19326] Fixed problems with video content loading when SSL inspection is enabled.
  • [UGDNS-19950] Fixed a bug that occurred when editing the "neighbor" BGP in VRF in the not default Event Log.
  • [UGDNS-20275] Fixed C150 HSC crash that occurred after update.
  • [UGDNS-20315] Fixed the deleting of network zone access control and firewall rules from database.
  • [UGDNS-20376] Fixed incorrect import of SNMP configuration from version 6, which causes the error "Error connecting to the server".
  • [UGDNS-20486] Fixed OSPF metrics update when OSPF enabled on Active-Passive HA cluster slave node. 
  • [UGDNS-20579] Improved system stability for C100 platform.
  • [UGDNS-20599] Fixed problem with authentication by certificate on reverse proxy if user is specified in the rule.
  • [UGDNS-20709] Fixed errors that occurred when re-requesting synchronization from NGFW if the configuration generation on the MC takes a long time. 

UserGate 7.0.1 (hotfix build 7.0.1.949R, 02/08/2023).

Сhanges in new version:

  • [UGDNS-18114] Fixed a bug with "blinking" interfaces when working with bond. 
  • [UGDNS-19040] Fixed TCP socket leak causing memory leak.
  • [UGDNS-19367] Fixed the "ICAP is Down" error that occurrs if ICAP server response sent in multiple packets. 
  • [UGDNS-19911] Fixed VPN disconnect issues caused by incorrect VPN client responses to DPD packets. 
  • [UGDNS-19916] Changed the order of selecting the synchronization interface in the failover cluster. The interface marked "Cluster" in the failover cluster properties now takes precedence.
  • [UGDNS-20248] Fixed the problem that caused the C150 device to become inoperable after restoring a backup made earlier by regular means.

UserGate 7.0.1 (hotfix build 7.0.1.905R, 05/07/2023).

Сhanges in new version:

  • [UGDNS-16989] Fixed problem with processing some specific requests over reverse proxy.
  • [UGDNS-18553] Fixed the behavior of SSL inspection rules with Decrypt and forward action.
  • [UGDNS-18663] Fixed incorrect working of ICAP in load balancing mode.
  • [UGDNS-18726] Fixed incorrect operation of the mechanism for transferring Url lists from the Management Center.
  • [UGDNS-18992] Fixed non-optimal distribution of interrupts between interfaces under high load.
  • [UGDNS-19180] Added support for L2 HA cluster.
  • [UGDNS-19265] Fixed an issue where the system might crash on boot on VMWare platform.
  • [UGDNS-19276] Fixed multiple errors in configuration import via API.
  • [UGDNS-19367] Fixed the ICAP is Down error that occurrs if ICAP server response sent in multiple packets.

UserGate 7.0.1 Release (build 7.0.1.826R, 27/04/2023).

Сhanges in new version:

  • Absolutely new version of UGOS. Lightweight and specially designed for high loaded purposes.
  • Added support for new UserGate appliances based on new CPU architectures - UserGate C150, X10.
  • New high performance IDPS engine which allows to create a custom signatures (in future versions).
  • Added cloud-init support.
  • Added ability to use Terraform in cloud init for deploying in VMware vSphere.
  • Introduced UserGate Policy Language (UPL) which is used for defining of security policies from CLI.
  • Absolutely new CLI, which allows to manage every settings of device from a CLI.
  • Added new CLI commands for diagnosis and troubleshooting.
  • Added CLI commands for ARP table managing.
  • Added hit counters for firewall rules.
  • Added ability to dump ingress and egress network traffic.
  • Added ability to send decrypted TLS traffic to external systems (SSL tap).
  • Added ability to save traffic for triggered IDPS events.
  • Added ability to scan encrypted TLS traffic by IDPS engine.
  • Added ability for inspecting of tunnels - GRE, GTP-U and IPSec with no encryption.
  • Added ability to show blocking page over https.
  • Added additional validation checks for software updates and security update.
  • Added ability to create system backup (snapshot) online.
  • Added ability to roll back software updates.
  • Added support for a nested groups of IP addresses.
  • Added support for a nested groups of services.
  • Added partial support for VMWare tools.
  • Added support for QEMU Guest Agent.
  • Added ability to monitor disk I/O utilization via SNMP.
  • New licensing platform.
  • Added support for RestAPI.
  • Added support for LLDP protocol.
  • Improved stability with handling of large number of vlans.
  • Improved security by enabling IOMMU.

UserGate 7.0.0 Release Candidate (build 7.0.0.735RC, 01/09/2022).

Сhanges in new version:

  • Absolutely new version of UGOS. Lightweight and specially designed for high loaded purposes.
  • Added support for new UserGate appliances based on ARM CPU - UserGate C150, X10.
  • New high performance IDPS engine which allows to create a custom signatures (in future versions).
  • Added cloud-init support.
  • Introduced UserGate Policy Language (UPL) which is used for defining of security policies from CLI.
  • Absolutely new CLI, which allows to manage every settings of device from a CLI.
  • Added new CLI commands for diagnosis and troubleshooting.
  • Added hit counters for firewall rules.
  • Added ability to dump ingress and egress network traffic.
  • Added ability to send decrypted TLS traffic to external systems (SSL tap).
  • Added ability to save traffic for triggered IDPS events.
  • Added ability to scan encrypted TLS traffic by IDPS engine.
  • Added ability for inspecting of tunnels - GRE, GTP-U and IPSec with no encryption.
  • Added ability to show blocking page over https.
  • Added additional validation checks for software updates and security update.
  • Added ability to create system backup (snapshot) online.
  • Added ability to roll back software updates.
  • Added support for a nested groups of IP addresses.
  • Added support for a nested groups of services.
  • Added partial support for VMWare tools.
  • New licensing platform.
  • Added support for RestAPI.
  • Added support for LLDP protocol.
  • Improved stability with handling of large number of vlans.
  • Improved security by enabling IOMMU.