StoneOS 5 .SG-6000-M6110 SG-6000-M3600 SG-6000-M3108 SG-6000-M3105 SG-6000-M3100 SG-6000-M2600 ...

download StoneOS 5 .SG-6000-M6110 SG-6000-M3600 SG-6000-M3108 SG-6000-M3105 SG-6000-M3100 SG-6000-M2600 ...

of 18

  • date post

    08-Nov-2018
  • Category

    Documents

  • view

    254
  • download

    1

Embed Size (px)

Transcript of StoneOS 5 .SG-6000-M6110 SG-6000-M3600 SG-6000-M3108 SG-6000-M3105 SG-6000-M3100 SG-6000-M2600 ...

  • StoneOS Release Notes

    1

    All rights reserved. Copyright 2015, Hillstone Networks SG-0415-5.5R1-02

    StoneOS 5.5R1

    Release Overview

    Release Date: April 15th, 2015

    This major release mainly supports innovative features of comprehensive visibility, intelligence,

    and threat prevention. All platforms begin to use a unified and optimized interface. A new license

    StoneShiled is issued to provide advanced threat detection and abnormal behavior detection.

    New virtual firewall (vFW) is released.

    Platforms and Images

    Platform Models Images

    SG-6000-G5150

    SG-6000-G3150

    SG-6000-G2120

    SG-6000-G2110

    SG-6000-M6860

    SG-6000-M6560

    SG-6000-M6115

    SG-6000-M6110

    SG-6000-M3600

    SG-6000-M3108

    SG-6000-M3105

    SG-6000-M3100

    SG-6000-M2600

    SG-6000-M2105

    SG-6000-M1600

    SG6000-M-5.5R1

    SG-6000-M8860

    SG-6000-M8260

    SG-6000-M7860

    SG-6000-M7360

    SG-6000-M7260

    SG-6000-E5960

    SG-6000-E5760

    SG-6000-E5660

    SG-6000-E5560

    SG-6000-E5260

    SG6000-M-2-5.5R1

    SG-6000-E3960 SG6000-M-3-5.5R1

  • StoneOS Release Notes

    2

    All rights reserved. Copyright 2015, Hillstone Networks SG-0415-5.5R1-02

    SG-6000-E3660

    SG-6000-E2800

    SG-6000-E2300

    SG-6000-E1700

    SG-6000-E1600

    SG-6000-E1100 (WLAN)

    SG-6000-E1100 (WLAN +3G-WCDMA)

    SG-6000-E1100 (3G-WCDMA)

    SG-6000-C1000

    SG-6000-X7180 SG6000-X7180-5.5R1

    SG-6000-X6180 SG6000-X6180-5.5R1

    SG-6000-X6150 SG6000-X6150-5.5R1

    SG6000-X6150-GS SG6000-X6150-GS-5.5R1

    SG-6000-VM01

    SG-6000-VM02

    SG6000-VM01-5.5R1

    SG6000-VM02-5.5R1

    SG-6000-T5860

    SG-6000-T5060

    SG-6000-T3860

    SG6000-T-5.5R1.iso

    SG-6000-G5150

    SG-6000-G3150

    SG-6000-G2120

    SG-6000-G2110

    SG-6000-M6860

    SG-6000-M6560

    SG-6000-M6115

    SG-6000-M6110

    SG-6000-M3600

    SG-6000-M3108

    SG-6000-M3105

    SG-6000-M3100

    SG-6000-M2600

    SG-6000-M2105

    SG-6000-M1600

    SG6000-UIF-5.5R1.bin

    SG6000-UIF-5.5R1.iso

    SG6000-UIF-5.5R1-disk1.vmdk

    SG6000-UIF-5.5R1.ovf

    SG6000-UIF-5.5R1.mf

    SG-6000-M8860

    SG-6000-M8260

    SG-6000-M7860

    SG-6000-M7360

    SG-6000-M7260

    SG-6000-E5960

    SG-6000-E5760

    SG-6000-E5660

    SG-6000-E5560

    SG-6000-E5260

    SG6000-UIF-2-5.5R1.bin

    SG6000-UIF-2-5.5R1.iso

    SG6000-UIF-2-5.5R1-disk1.vmdk

    SG6000-UIF-2-5.5R1.ovf

    SG6000-UIF-2-5.5R1.mf

  • StoneOS Release Notes

    3

    All rights reserved. Copyright 2015, Hillstone Networks SG-0415-5.5R1-02

    SG-6000-M8860

    SG-6000-M8260

    SG-6000-M7860

    SG-6000-M7360

    SG-6000-M7260

    SG-6000-E3960

    SG-6000-E3660

    SG-6000-E2800

    SG-6000-E2300

    SG-6000-E1700

    SG-6000-E1600

    SG6000-UIF-3-5.5R1.bin

    SG6000-UIF-3-5.5R1.iso

    SG6000-UIF-3-5.5R1-disk1.vmdk

    SG6000-UIF-3-5.5R1.ovf

    SG6000-UIF-3-5.5R1.mf

    Upgrading Notes

    Upgrading Notes for Each Platform

    Upgrading Notes for E/X Platform

    For different versions of E/X platform, note the following matters:

    To upgrade the versions before 5.0R3 to 5.5R1, Hillstone recommends you to first

    upgrade to 5.0R4P5, and then upgrade to 5.5R1.

    You can upgrade 5.0R3 and its subsequent versions to 5.5R1 directly.

    The following versions support upgrading via WebUI: 5.0R4P6, 5.0R3P10, 5.0R4F4,

    5.0R3F5.2, and 5.0R4F4.1. For other versions, use CLI to upgrade versions.

    For different models of E/X platform, note the following matters:

    SG-6000-M2105 (512M) does not support 5.5R1.

    Due to storage limitation, Hillstone does not recommend you to upgrade the following

    models to 5.5R1: SG-6000-M2105 (1G), SG-6000-M1600, SG-6000-M3100,

    SG-6000-M3105, SG-6000-M3108. If needed, contact Service Line to obtain detailed

    upgrading guideline.

    Upgrading Notes for T Platform

    Upgrading T platform takes a long time and it will last dozens of minutes or several hours.

    During the upgrading, the device can normally forward the data in the data plane, but the

    WebUI of Dashboard, iCenter, and Monitor cannot display normally. For more detailed

    upgrading guideline, contact Service Line.

    After upgrading from 5.0R4 to 5.5R1, the original threat logs cannot display in iCenter

    due to threat database changes and new iCenter functions. To save the original 5.0R4

    threat logs, export them via WebUI in 5.0R4.

  • StoneOS Release Notes

    4

    All rights reserved. Copyright 2015, Hillstone Networks SG-0415-5.5R1-02

    Upgrading Notes for UIF Platform

    Upgrading UIF platform takes a long time and it will last dozens of minutes or several

    hours. During the upgrading, the device can normally forward the data in the data plane,

    but the WebUI of Dashboard, iCenter, and Monitor cannot display normally. For more

    detailed upgrading guideline, contact Service Line.

    After upgrading from 5.0R4 to 5.5R1, the original threat data cannot display in iCenter

    due to threat database changes and new iCenter functions. To save the original 5.0R4

    threat logs, export them via WebUI in 5.0R4.

    To upgrade E platform to UIF platform, you need to install the unified intelligence server

    license. To roll back UIF platform to E platform, you need to first uninstall the unified

    intelligence service license.

    For more information about UIF platform introduction, installation and upgrading, see

    Hillstone Unified Intelligence Firewall Installation Manual.

    Upgrading Notes for Each Module

    Separating Applications from Services

    From 5.0R4 release, applications are separated from services. For example, the old Service FTP

    is divided into Service FTP and Appication FTP. This change will affect these modules: policies,

    policy routes, NAT, QoS, session limits and statistics. If you update your system to versions higher

    than 5.0R4, there is no influence on your normal use (however, an unsupported command

    prompt may appear). Due to the separation, downgrading from 5.0R4 will not restore the old

    categorization. Please back up your configuration before upgrading to 5.0R4.

    Log Type Change

    From 5.0R4, StoneOS has moved alarm type logs to event logs (severity level higher than critical).

    If system is upgraded to versions higher than 5.0R4, the commands related to alarm logs

    (logging alarm/logging syslog...type alarm) will be deleted. If a system is downgraded from

    5.0R4 or higher, the event logs of (and higher than) critical severity will be lost.

    New Attribute for Address Books

    From 5.0R3, StoneOS has added an ID attribute for each address entry. When the system is

    upgraded to 5.0R3 from prior versions, the existing address book configurations will be processed

    smoothly without any effect to users; when the system is downgraded to versions below 5.0R3,

    all the existing address book configurations will be lost.

  • StoneOS Release Notes

    5

    All rights reserved. Copyright 2015, Hillstone Networks SG-0415-5.5R1-02

    Policy Default Mode Change

    From 4.5R1, StoneOS changed its policys default mode to the global configuration mode. When

    the system is upgraded to 4.5R1 or higher, the existing policy rule configurations will be

    processed smoothly without any effect to users; when the system is downgraded to versions

    below 4.5R1, all the existing policy rule configurations will be lost.

    Statistics Configuration Adjustment

    From 4.5R1, StoneOS has adjusted the configuration of statistics function. When the system is

    upgraded to 4.5R1 or higher, the existing statistics configurations will be processed smoothly

    without any effect to users; when the system is downgraded to versions below 4.5R1, all the

    existing statistics configurations may be lost.

    Interface Mirroring Configuration Change

    From 5.0R1, StoneOS changed CLI command for interface mirroring:

    Before 5.0R1 After 5.0R1

    mirror to interface-name [both | rx | tx] mirror to interface-name

    mirror enable {both | rx | tx}

    When the system is upgraded to 5.0R1 or higher, the command will be upgraded smoothly

    without any effect to users; when the system is downgraded to versions lower than 5.0R1, all the

    interface mirroring configurations will be lost.

    Attack Defense Configuration Change

    From 5.0R2, StoneOS does not support layer 2 IP address spoofing attack defense any longer.

    When the system is upgraded to versions of 5.0R2 or higher, the configuration of ad

    ip-spoofing will be lost.

    New QoS: iQos

    Intelligent Quality of Service (iQos) is added from version 5.5R1. When the system is upgraded

    fro