We are excited to announce the release of NethSecurity 8.0 final.
This is a special day because 8.0 is the first stable release of the NethSecurity project. 
What’s NethSecurity?
NethSecurity is a fully-featured Open Source Linux firewall that streamlines network security deployment in just a few clicks. (spin-off of the NethServer project)
It combines multiple security features into a single platform including firewalling, intrusion detection/prevention, antivirus, multi-WAN, DNS and content filtering, and more.
Download and use it! 
Key Highlights 
New Dashboard
Interfaces and devices
Aliases
MultiWAN
New DPI filter
Apply changes
DNS and DHCP and left menu
Threat Shield Panel
It keeps you safe by blocking attacks from known malicious IP addresses. These addresses are compiled into blocklists, each with a clear name that tells you its purpose and who maintains it. The confidence score is a value from 1 to 10 that indicates the quality of the list.
Modernized Login Experience
Enjoy a redesigned login screen
Certificate and Reverse Proxy Management
Navigate a dedicated page for easy management of certificates and reverse proxy settings. The import process for both configurations has been significantly improved. Now, you can also use DNS verification to request Let’s Encrypt certificates, supporting wildcard certificates.
Firewall Rules Configuration
Added a new page for configuring firewall rules, offering enhanced control. Users are encouraged to use this page for compatibility and optimal performance.
Quality of Service (QoS) Configuration
Tailor your network traffic management with a newly introduced QoS configuration page, ensuring a seamless online experience.
IPsec tunnels
OpenVPN tunnels
Factory reset
Updates
Backup, restore and migration
Hotspot
New NethSecurity Controller
The NethSecurity Controller is an application for NethServer 8 (NS8) that allows remote control of multiple NethSecurity installations, called units.
It provides centralized management, secure communication, easy configuration, monitoring and logging, metrics visualization, and web-based SSH access.
Web-based SSH client through controller
SSH access to the unit is possible through a web-based SSH client. Users can connect using a username and password or an SSH key pair. All operations performed on the controller are logged to the NS8 log.
What’s next
While NethSecurity 8.0 covers all main use cases, it has not yet reached full feature parity with version 7. Key features that are still missing and require significant effort include Firewall Objects, Reporting, and IPS integration. We are actively working on these and more.
We plan to release a major update in the coming months, which could include:
- Firewall Objects
- Reporting
- Conntrack UI
- Admin User Management from the UI
It’s important to note that this roadmap is still in its early stages and may evolve based on the feedback collected over the coming months. Your input is invaluable in shaping the direction of NethSecurity, and we appreciate your continued support and engagement.
We are committed to continuous improvement and appreciate your patience as we work to deliver these critical features.
Download and use it!
We need your feedback
Your feedback is still very important to further refine NethSecurity for the next releases.
Join us in shaping the future of IT security.
Please open a new topic in the NethSecurity category
Add tags like feature bug support
New Features and Improvements since RC2
- Routes: IPsec rules are now non-editable, ensuring configuration stability.
- IPsec: Added a validator for remote and local networks to prevent misconfigurations.
- Autoreload VPN Pages: VPN pages now automatically reload for real-time updates.
- DHCP: Introduced a network scanning feature to simplify network management.
- IPsec: Improved handling of multiple networks within a single tunnel, enhancing flexibility.
- DHCP: The force option for DHCP is now available in the UI for better control.
- Threat Shield: Enterprise list is now removed upon subscription removal for better resource management.
- DPI: Premium signatures are removed upon unregistering, keeping the system clean.
- Subscription: Enhanced the unregister modal for a smoother user experience.
- Inventory: Basic usage statistics collection to help improve future versions.
- IPsec: Better exposure of the PFS option for advanced configurations.
- Dashboard: Added a notification for new available versions to keep your system updated.
- Firewall Rules: Improved overall page readability for easier rule management.
- Zones and Policies: Enhanced the drawer for the WAN zone for better navigation.
- Dashboard: Display a warning if DNS is not configured, ensuring network functionality.
- NAT Helpers: All NAT helpers are included in the image but disabled by default, offering more options without cluttering the interface.
Bug Fixes
- FlashStart: Resolved DNS resolution failures after disabling the service.
- FlashStart: Fixed initial configuration issues.
- Let’s Encrypt: Certificates are now properly created.
- FlashStart: Corrected ineffective redirect rules.
- Firewall: Fixed issues with ipset not updating after removing an address.
- Migration: Host groups now import correctly into firewall rules.
- Firewall Rules: Custom IP addresses can now be inserted.
- Threat Shield: Immediate application of changes to the allowlist.
- Migration: IPsec tunnel editing issues resolved.
- OpenVPN Road Warrior: Users can now be re-created from the LDAP database.
- OpenVPN RW: Resolved issues with hosts being unreachable in bridged configurations.
- MultiWAN: Track IP is now updated correctly.
- Reverse Proxy: Allow IP list is no longer mandatory.
- Controller: Units can now connect even if the UI is disabled on port 443.
- Subscription: Community subscription registration issues resolved.
- Install from USB: Fixed bad partition table issue.
- Migration: PPPoE interface start issues resolved.
- Threat Shield: Fixed empty subscription feed issue.
- Auto Updates: Cron job now starts during the night as expected.
- Threat Shield: Can now be started from the UI.
- Migration: Threat shield IP migration issues resolved.
- EFI: Free space can now be used as extra storage.
- Zone: Enforced lowercase creation for zones.
- OpenVPN Road Warrior: Resolved VPN disconnection issues after one hour with OTP authentication.
- NAT Helpers: Active FTP sessions now transfer files correctly.
Detailed changelog can be found here.
Why NethSecurity?
With the release of NethServer 8 we abandoned the UTM firewall module included in version 7. Still, we wanted to continue helping those who used NethServer as a firewall gateway in their network. So we decided to create a new Linux open-source project that is highly focused on the firewall, and NethSecurity was born, which is basically a NethServer spinoff with a completely new technological stack.
