Welcome to the Public Beta for our next major release! For the best experience with this program, you should read this post in its entirety; it will answer many questions and provide the information you require to successfully participate.
Before we get started, we need to have a Morpheus matrix-type talk. We provide public betas early before they are ready for production use. If you choose the red pill, you get to download and try out our awesome new features and ideas. You can share your results with us, and have a hand in shaping the final release. However, the Beta has areas which are not finished or fully tested. Some things will be added, some will be changed, and some may be removed entirely. You should not use this Beta as an indication of final quality, stability, or use it a promise of capability. Bugs will be found (and fixed) throughout the coming months. You should expect crashes and problems. While we love real-world results, using this in a production environment that requires stability is a bad idea, especially since the Beta is not supported in any way by our support team - all help and questions are handled in this forum only! If this is a problem, you should take the blue pill and stay in wonderland. [:)]
With that said, let’s begin. The product has undergone various naming and branding changes as a result of Astaro being acquired by Sophos last year. While we’ll list everything in the release notes, for now the most prominent change is the change from Astaro Security Gateway to Sophos UTM. As such, this is the official public beta of ‘Sophos UTM 9’, and I am excited to show you what we have been hard at work creating.
Full release notes, the manual, and all associated documentation/materials will not be ready until GA release (currently scheduled for June 2012). Keep reading for initial feature information, download links, and license keys.
Enjoy, share your results, and have fun.
[SIZE=2]Download Information[/SIZE]
**Please always refer to the separate sticky "Download Information" thread for the most current download links for the Beta.**
The UTM 9 Beta begins at version 8.900 for appliances, hardware, and virtual machines. Download and install the image using CD or an Astaro Smart Installer, then either configure from scratch or restore an ASG V8 backup. This will not be a way to begin using the Beta via Up2Date. Once you have installed a Beta release, you can Up2Date to new Betas, then eventually the GA version.
We have new time-limited licenses available for use where all features are enabled, and these keys will completely expire in at the end of this Beta. They are attached (and updated if necessary) in this posting below.
[SIZE=3]Sophos UTM 9 Feature Overview[/SIZE]
Major New Features
- Endpoint Protection
- Wireless Captive Portals
- HTML5 VPN Portal
- Sophos Anti-Virus Engine
- New WebAdmin GUI Look
Minor New Features
- Apple iOS Support for WebAdmin
- YouTube for Schools
- 1:1 NAT Rules
- New Appliance LCD Functions
- HA/Clustering Cold-Standby During Up2Date
- Constant Live-Log Button
- Customizable Dashboard
- New Listbox Functionality
- Network Definition Ranges
- Download and Distribution of User VPN Configurations
- Multiple Objects in Firewall Rules
- Creation of Interface Group Objects
- Extended support for more Dynamic DNS Providers
- Path-Based Routing for WebServer Protection
Other Changes and Enhancements
- Naming & Labeling
- All instances of “Security” as it relates to subscriptions have been renamed to “Protection” (Eg. Web Security becomes Web Protection).
- Instances of “Astaro” and associated products have been updated with Sophos naming. (Eg. Sophos Authentication Agent). *Some may change slightly throughout the Beta.
- The ICMP settings of Network Protection have seen “Firewall” renamed to Gateway.
- All instances of “Security” as it relates to subscriptions have been renamed to “Protection” (Eg. Web Security becomes Web Protection).
- Support for popular and most-requested DHCP options has been added to the DHCP server configuration.
- 3G Modem Support has been extended to include more devices worldwide, including some 4G devices
- The SSL VPN Client can now be run without administrator rights. (Windows requires that it be installed initially as Admin however)
- Support has been added for Solid-State Drives (SSD). When installed on an SSD, appropriate performance and maintenance tuning packages will be configured to maximize the benefit of these popular and fast-performing devices.
- The Sophos Authentication Agent (previously the AAA) now has the option to save the entered password, disable the splash screen, and be prevented from starting up with the client PC during boot.
- The title of the browser tab for WebAdmin can now be customized in WebAdmin Settings, allowing for easier management and clearer identification (especially when managing multiple installations simultaneously).
- In the customization section of WebAdmin, the many options and choices have been condensed using “+” expanders. This removes the need to scroll down at length to see all possible options in this section.
- Hovering over the currently logged-in administrator name at the top of WebAdmin will now display other active admin sessions.
- The NAT tab has been slightly reorganized with crisper layout which better assists rule creation.
- The overall WebAdmin performance of the user change log on the management section has been greatly improved.
- Administrators can now select to receive notifications when Mail Protection has blocked an outgoing message.
- If you have multiple BGP Uplinks, load sharing between them can now be performed.
- Quality of Service has had various improvements applied to make it more effective and powerful. More details on specifics will be published in a future release.
- IPv6 can now be used with Dynamic Interfaces, and support for NAT has been added.
- IPv6 DHCP can be restricted to clients with static mappings only.
- The DHCP Server now has a relay mode option.
- Netflow/IPFIX records can now be exported.
- The SSL VPN now supports international character sets & spaces, removing restrictions previously encountered for usernames/passwords in various markets.
- Web Application Security has been renamed to Webserver Protection
- As part of the new Webserver Protection path based routing, you can configure session "stickyness", which locks a session to the destination server once established. This removes errors you might encounter on some setups when using multiple backend servers and the integrated load balancer of Webserver protection.
- Spanning Tree Protocol (STP) is now supported for bridged configurations. (You will find this option in the bridging section under "Advanced")
- The transmit power of Wireless AP's can now be configured per-radio. Edit the Access Point and this be adjusted under the "Advanced" section)
- The delimiter for exported reports can be selected from Reporting Settings-->Settings. You may choose between a comma or a semicolon.
- When creating definitions, the "Bind to Interface" option has been moved down under an advanced separator to avoid users commonly setting this parameter. (Needed only in very specific networking situations for precise use cases)
- Update 8.930: Most popup windows throughout webadmin can now be moved in order to avoid them hiding configuration you are trying to work with.
- Update 8.930: Ever-envious of it's popular counterpart, the Userportal has studied hard and learned from WebAdmin how to disable the auto-caps of the first letter entry when using iOS.
- Update 8.930: The Firewall rules page has been extensively re-worked with a crisp new design.
- Update 8.930: The Wireless Overview Status Page has been overhauled with many tweaks and usability improvements.
- Update 8.930: The Web Security block and downloader pages will now be centered and have new visuals, along with some final polish still to be applied in a future Up2Date.
