13.1.0 Changelog

From Edge Threat Management Wiki - Arista
Revision as of 18:30, 22 August 2017 by Dmorris (talk | contribs)
Jump to navigationJump to search

Overview

13.1 is a major new release. It contains a new app, improvements to some apps, and general usability improvements.

Usability

v13.0 brough us a whole new UI. Since then we've had months of great feedback from users and found many usability issues. v13.1 has lots of quality-of-life usability improvements. There are also many performance improvements to make the UI faster and more responsive.

Now all user interaction (quarantines, reports, etc) use the new architecture. The old administrator interface has been removed.

Tunnel VPN

Tunnel VPN is a new application that allows your Untangle server to connect to remote VPN providers and leverage that tunnel for internet connectivity. This is useful for many scenarios:

  • SD-WAN applications where you wish to connect to a cloud security service.
  • Easily manage many small locations by redirecting all traffic through a central location.
  • Privacy or circumventing Geographical limitations

Some examples:

  1. Configure an Untangle at a small branch office to connect to your main site and send all internet traffic through the main site (for security, control, and reporting).
  2. Configure some traffic (public guest wifi) to be sent to a cloud security provider for special handling
  3. Configure traffic to use a Tunnel VPN privacy for certain privacy concerns, like visiting certain websites or using certain applications like bittorrent.

There is a configuration wizard to configure tunnel to many providers like another Untangle server, ExpressVPN, NordVPN, etc. There is also generic options which support mostly commonly available OpenVPN-based providers.

While many routers provide the ability to use VPN tunnel for internet connectivity, Tunnel VPN provides some unique ways determine what traffic uses the tunnel. A ruleset determines which traffic is sent through the tunnel which can be crafted to send all traffic or any given interface, host, subnet, port, etc.

Additionally, Tunnel VPN rules can leverage tags on hosts to determine which traffic uses the Tunnel. This allows for advanced dynamic scenarios based on tag usage. For example, if a user visits a certain website or uses a certain protocol, like bitorrent, the host can be tagged and automatically switched to using the Tunnel VPN. Once the application usage stops the tag will expire and the host will automatically switch back to regular routing.

This provides a hands-off way for Tunnel VPN to dynamically react and route traffic through Tunnel VPNs based on any taggable event or activity.

Captive Portal

Captive Portal now has the ability to authenticate users via google, facebook, or office365 accounts.

In this mode, the user will be redirected to the appropriate login (google, facebook, office365) and will authenticate directly with those servicse. This allows organizations using these services to easily authenticate and identify users without having to maintain separate directories for Captive Portal.

It also allows those offering public wifi services a way to easily identify and track users.

Application Control

Improved detection and over 350 new applications added including AIRBNB, FACETIME, SLACK and also many new adult-related applications like PORNHUB, YOUPORN, 4CHAN, etc.

Other Changes

  • Input Filter Rules have been renamed "Access Rules" (to avoid confusion with Forward Filter rules)
  • Forward Filter Rules have been rename "Filter Rules"
  • Security improvements
  • New "Month to Date" and "Week to Date" report template timeframes
  • Add "Client Tagged" and "Server Tagged" conditions to iptables-based rules
  • Change the sorting in Reports
  • AdminLoginEvent is now logged normally and can trigger alerts
  • Improvements to IPsec with dynamic IPs and status display