Skip to content

AXS Guard UTM Release Notes

The release notes provide information on new product features, improvements, known issues, and bug fixes for each AXS Guard version.

Individual software components are documented in the product manuals section. Carefully review this document to avoid configuration difficulties.

Version 11.1.3 - Latest

Introducing the all-new Comfort Threat Protection Pack!

Formerly known as Cont. Scan Plus, our enhanced protection suite is now packed with even more robust features to shield you from cyber threats. And here's the best part: it's all yours at no extra cost!

  • DNS Filtering: Explore the web with confidence as our advanced DNS blacklists, centrally managed in the AXS Guard Cloud, ensure a safer browsing experience.
  • GeoIP Filtering: Take command of your network traffic by selectively blocking connections to and from specific regions.

Firewall Updates

  • The classification of DNS resolving failed for firewall rule status messages has been adjusted from error to notice.
  • DNS over TCP is now permitted within the default secure and forward policies.

MAC Address Spoofing

MAC address spoofing is now accessible in the administration tool. This feature enables you to replace devices without needing to update the authorized MAC address with your service provider. The original MAC address can be viewed on the Network > Status > Devices page. If the MAC address change process encounters an error, it will be shown on the dashboard.

OpenVPN Certificates

OpenVPN now records certificate usage, simplifying the identification and updating of outdated certificates within the PKI > Certificates section.

Viewing Certificate Information

Other Improvements & Bug Fixes

  • DHCP client errors now on the dashboard: Easily identify issues with DHCP clients directly on the dashboard.
  • OpenVPN status page improved: See traffic in Mb/Gb, country flags for connections, and relative timestamps for a more user-friendly experience.
  • Authentication log streamlined: Less clutter in the authentication log with the removal of some debug messages.
  • The CPU statistics now accurately reflect the current time.
  • Mailbox upgrades: All mailboxes will be automatically upgraded to the latest metadata version.
  • IPv6 disabled for legacy VPNs: SSTP, L2TP, and PPTP VPN.
Version 11.1.2

Web-based Configuration Tool

Any field that accepts network information input will now feature a calculator icon. Hovering over this icon will reveal comprehensive details about the network.

AXS Guard Cloud Advanced Threat Protection

  • Enhance performance by optimizing requests to the AXS Guard cloud.
  • Include transaction timing information for Cloud anti-virus.
Version 11.1.1

Lock down your admin account with free 2FA:

We're pleased to offer a free OATH license (1 token) in this release, which can be used to secure your administrator account. This enables you to activate 2FA for logging in to the web-based administration tool.

Web-based Configuration Tool:

Changes made in configuration pages with an Edit as list button will now be saved automatically, eliminating the need to save the field separately before saving the entire page.

OpenVPN & PAX:

Improve network stability for VPN connections by increasing the default Dead Pear Detection values. This leads to less unneeded reconnections when ping packets are accidentally dropped. The new default values are shown below.

Web Access:

Include timing information in Web Access logs for every request processed by the AXS Guard proxy. This feature assists in troubleshooting slow proxy issues.

Version 11.1.0

Increased SSL/TLS security:

Support for legacy protocols such as SSLv3, TLS 1.0, and TLS 1.1 has been removed. Only TLS 1.2 and 1.3 are now supported, along with HIGH-type ciphers. This may affect AXS Guard configurations where old Windows versions and clients are still being used (Windows Vista/Server 2008 and older). Navigate to System -> Security -> TLS for details.

Extended root partition:

The AXS Guard root partition size has been increased from 10GB to 15GB, to mitigate disk space issues and warnings.

Updated Base System:

Various software packages have been updated to their latest versions for improved security, performance, and stability.

Package Removals:

The following legacy features have been removed and are no longer supported:

  • SSL Web Portal (Adito)
  • SSL VPN (SSL explorer)
  • Sumo Logic SIEM

Reverse Proxy:

The following backends are deprecated and have been removed:

  • OWA2003
  • OWA2007
  • OWA2010