This is an old version. We strongly recommend upgrading your appliance to the latest version to ensure optimal performance and security.
Upgrading to the latest version provides enhanced security features, bug fixes, and overall improvements, safeguarding your system against potential vulnerabilities.
Features & Improvements
A new 64-bit kernel has been implemented. The previous kernel has also been upgraded to version 4.14. This is especially important when installing the appliance in a virtual environment; it will no longer be possible to boot your virtual AXS Guard appliance with a virtual machine that has been configured for a 32-bit guest OS.
The upgrade process may take over 30 minutes to complete. It is recommended to upgrade your appliance during off-peak hours or during a maintenance window to avoid service interruptions.
A new NAT option has been added to the Personal AXS Guard service to allow administrators to use the same subnet for multiple PAX units. Some minor changes were also made to the server-side user interface, making DHCP and passwords easier to configure.
A drag and drop feature has been implemented allowing administrators to easily change the order of rules in system policies, such as firewall policies.
A new reverse proxy back-end has been added to support Awingu version 4.0 and above.
The AXS Guard documentation is constantly updated to reflect the various updates and improvements in the software and the product as a whole. Documents are available in PDF and HTML formats.
The following guides have been updated:
AXS Guard PAX Installation Guide
AXS Guard Reverse Proxy Guide
AXS Guard Firewall Guide
AXS Guard PKI Guide
AXS Guard Virtual Appliance Guides
Kernel updates introduce fixes which close up previously discovered security vulnerabilities and are the most important reason to upgrade your system.
Updates will also include support for new hardware, new functionalities and improve the stability and speed of your system.
IPsec netkey and VTI interfaces
The IP security (IPsec) stack is switched to the native linux implementation called netkey. In order to facilitate this transition, AXS Guard makes use of virtual tunnel interfaces (VTI), which provide routable ipsec software interfaces that support multicast, bandwidth management and load balancing, similar to the KLIPS IPsec stack used before.
The switch to netkey IPsec stack offers active development and support, a larger selection of cryptographic algorithm support, cryptographic offloading and parallel processing.
New PAX NAT Option
A new Translate Remote LAN option has been added, allowing administrators to reuse the same subnet for multiple PAX units.
Reverse Proxy support for Awingu 4.0
The reverse proxy has been refactored to support Awingu 4.0 and later versions. To configure the reverse proxy for use with Awingu 4.0, just select the "awingu-v2" back-end.