NethSecurity 8.5 Updates: Enhanced Firewall Features & Security Fixes 🛡️🔒

Announcements Release Notes
,
1

NethSecurity Update Summary :rocket::shield:

Hello NethSecurity Community!

We’re excited to share the latest updates with you! Over the past two weeks, our team has been hard at work to enhance your experience with NethSecurity. Below are some of the most important features and bug fixes we’ve rolled out.

New Features

Sudo Mode :crown:

A new “sudo mode” has been introduced! This feature enhances security by requiring users to re-enter their password for sensitive actions, such as configuring two-factor authentication (2FA) and managing SSH keys. This additional security layer remains active for 5 minutes after your last authentication.

Custom DHCP Options

Our DHCP server now supports custom options, enabling administrators to set advanced configurations directly through the interface. This feature improves flexibility for more complex network setups.

GRE Protocol Support for Port Forwarding

We’ve added support for the GRE protocol in the port forwarding UI. This enhancement expands your network configuration options alongside existing protocols like TCP and UDP.

Static Leases Table Improvements

  • Sorting Arrows: The Static Leases table now includes clickable arrows for column sorting, making it easier to organize your data.
  • Column Position Adjustment: The “Reservation Name” field has been moved to the last column for improved readability.

Alerts For non-Encrypted Backups

In the near future, the Nethesis remote servers (my.nethesis.it and my.nethserver.com) will prevent the upload of not encrypted backups.
If the machine has a valid subscription, and the backup is not encrypted, the system will raise an alert: backup:config:notencypted.
More info are available inside the doc.

Bug Fixes

  • OpenVPN Client Import: Resolved an issue where importing OpenVPN client configuration files from NethSecurity 8.x into 7.x displayed incorrect Remote IP information. This fix ensures proper compatibility across versions.

  • IPSec Connection Reliability: IPSec connections will now continue retrying indefinitely if the remote peer is unresponsive, enhancing connectivity in unstable network conditions.

  • WAN Monitoring Display: Fixed incorrect IP display on the WAN monitoring page, ensuring all public IPs are shown accurately for multiple WAN configurations.

  • Snort Rule Management: Disabled Snort rules now take effect immediately without needing a manual download or restart, stopping alerts as intended.

  • Certificate Deletion Safeguards: Users will now receive a warning when attempting to delete certificates that are actively in use, ensuring configuration integrity.

  • Backup Alarms: We’ve improved the backup system to send alarms to my.nethesis.it if a passphrase is missing.

We hope these updates enhance your experience with NethSecurity. Thank you for your continued support and feedback! As always, feel free to reach out with any questions or suggestions.

Happy Networking! :globe_with_meridians:

5 Likes