Bug: The issue causing the allowed traffic records to be displayed in Block reports was resolved, improving visibility and user experience.Bug: The issue preventing the Block Notification page from being displayed correctly due to incorrect flow direction and local/remote addresses is resolved.Improvement: Enhanced engine to parse DNS requests/responses over TCP, improving analysis for more accurate insights.Improvement: Improved TLS landing page with added Subject Alternative Name (SAN) information to the certificate in the engine.Improvement: Netmap emulated mode performance has been improved on Linux-based systems.New Feature: Internal CA certificates are now supported, enhancing security in packet inspection.New Feature: Improved threat detection and data exfiltration prevention capabilities by identifying tunnels over the DNS protocol.New Feature: Community ID Flow hashing is now supported, enabling integration and collaboration between other network security tools.Users can now define a policy to restrict Untrusted devices from accessing the network. Detected devices can be categorized as Trusted and Untrusted. New Feature: The device access control feature is now available for paid Editions.Devices are automatically detected and device details, such as hardware vendor, operating system, device name, hostname, IP address, MAC address, and device category, are provided. New Feature: The device identification feature is now available for enhanced network visibility and management.This is a major software release including new features, improvements and bug fixes. This includes release notes and detailed version information. This section contains information about past and present release of Zenarmor. After typing the new security zone name, such as vpn, click Add button.Zenarmor Software Updates - Release Notes To add a custom security zone tag, click the Custom button in the Set Security Zone drop-down menu. You may set a custom security zone name or select one of the options available, such as DMZ, LAN, guest, wifi, or wan. To do so, click on an interface and use the right or left arrow buttons to move it to the protected/unprotected interfaces combo box.įor detailed information on “Deployment Modes”, see here.Ĭlick the Set Security Zone drop-down menu to assign a tag for the interface. Select the Ethernet Interface(s) to protect. You may disable this setting depending on your requirements by clicking on the Do not pin engine packet processors to dedicated CPU cores option. Because if the process wanders between CPU processors, CPU cache misses occur, which has a negative impact on performance. By default, Zenarmor is pinned to a dedicated core in order to prevent CPU context-switching overhead. Zenarmor has a setting to make CPU pinning optional, giving you more flexibility in how you configure your system for optimal performance. Since the Hardware Offloading feature is incompatible with Netmap. You may find detailed information in the “Deployment Modes Guide”, see here.īefore selecting Netmap driver deployment options, make sure that the hardware offloadings are disabled on your node. By default, the Routed mode with emulated netmap driver option is selected on OPNsense. Select the deployment mode depending on your topology and requirements. You may follow the instructions for Zenarmor deployment mode and interface selection: 3- Deployment Mode & Interface Selection ¶
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |