[製品情報] EdgeFire v1.2.11 公開のお知らせ:サポート情報 : トレンドマイクロ
EdgeFire v1.2.11 を以下の通り公開いたしました。
■公開開始日
2022年1月11日(火)
■新機能
EdgeFire v1.2.11 の新機能等につきましては こちら のページよりダウンロードできる Release Note(英語)をご覧ください。
■入手方法
こちら のページからファームウェア更新用パッケージをダウンロードすることができます。■導入手順
サポート情報 : トレンドマイクロ
導入手順につきましては Online Help Center からダウンロードできるクイックセットアップガイド(英語)や管理者ガイド(英語)をご参照ください。
■製品サポート
製品に関してご不明な点がございましたら、製品をご購入された販売代理店までお問合せください。
A. Supported Features
• [New Feature] - Added Independent MGMT Setting (for WAN Port2)
- [New Feature] - Added High Availability Feature in [High Availability] Page.
- [New Feature] - Added Port Mirror Feature in [Port Mirror] Page.
- [New Feature] - New protocol support in [Protocol Filter Profiles] page:
- 33 OT protocols supported in protocol level. (via IPS pattern update)
- HART-IP
- OPC-UA
- OPC-Classic
- BACnet
- DNP3
- IEC-104
- GE-SDI
- GE-SRTP
- HL7
- DICOM
- ROS SimpleMessage
- Emerson ROC
- CODESYS
- Emerson DeltaV
- GE EGD
- GE iFIX
- TriStation
- ICCP TASE.2
- IEC 61850-R-GOOSE
- IEC 61850-R-SV
- IEC 62056
- IEEE C37.118
- KNX
- CN/IP
- Niagara Fox
- LonWorks/LonTalk
- CoAP
- ADDP
- RTPS
- MDLC
- Ether-S-Bus
- EtherSIO
- Moxa Protocol
- 10 general protocols supported in protocol level. (via IPS pattern update)
- 1 general protocol supported in advanced level.
- SMB
- [New Feature] - MELSOFT protocol advanced filtering:
- Added 10 new command codes
- (0x0401) Device Batch Read
- (0x0402) Device Random Read
- (0x0403) Device Random Read
- (0x0410) Device Memory Read
- (0x0411) Device Random Read
- (0x0412) Device Random Read
- (0x1401) Device Batch Write
- (0x1402) Device Random Write
- (0x1410) Device Memory Write
- (0x1411) Device Random Write
- Added new 51 device codes for selection when one of the above 10 command
code is chosen in MELSOFT protocol advanced filtering.
- [New Feature] - Added File Filter Profiles in [Object Profiles] Page
- [New Feature] - Added Policy Rule Auto Learning (ICS Foresight Strike)
- [New Feature] - Basic and Advanced Filter supported in [Policy Enforcement Rule] page.
- [New Feature] - Device Rule List and Master Rule List supported in [Policy Enforcement
Rule] page.
- [New Feature] - Added search bar in [Policy Enforcement Rule] page.
- [New Feature] - Suspicious Objects supported in [Suspicious Objects] Page.
- [New Feature] - Device Profiles and Master Profiles supported in [IP objects], [Service
objects], [Protocol Filter Profiles], [IPS Profiles] and [File Filter Profiles] pages.
- [New Feature] - Default IPS profile will be generated when the setting is factory default
setting.
- [New Feature] - Support packet capture triggered by IPS in [Packet Capture] Page
- [New Feature] - Added File Filter Log and Suspicious Objects Log.
- [New Feature] - Support SNMP
- [New Feature] - Support CLI command for the below feature
- System Information
- Network > Network Interfaces
- Network > Operation Mode
- NAT > NAT Rules
- Routing > Static Route
- Object Profiles > IP Object Profiles
- Object Profiles > Service Object Profiles
- Security > Policy Enforcement
- System Management
- ODC Setting
- SNMP
- Time and Date
- Device Reboot
- Switch Firmware Partition
- [New Feature] - Zero Configuration supports the below actions from the front panel of EdgeIPS
- On-demand configuration backup to USB drive
- Load pattern from USB drive to EdgeFire
- Load configuration from USB drive to EdgeFire
- Load firmware from USB drive to EdgeFire
B. Improvements
- [Enhancement] - Added Bandwidth Utilization and Packet Transmission Status in [System] page
- [Enhancement] - Added configurable ports in Port Mapping Feature.
- Independent MGMT Port (for WAN Port2),
- HA Port (for Port 7)
- Mirror Port (for Port 8)
- [Enhancement] - Added LLDP settings in [Operation Mode] page.
- [Enhancement] - New protocols by signature update in [Protocol Filter Profile] page.
- [Enhancement] - Release note download in the pattern update page
- [Enhancement] - IPS Rule metadata download in pattern update page
- [Enhancement] - Support pattern encyclopedia and MITRE ATT&CK ID in pattern update page
- [Enhancement] - USB Zero Configuration Enhancement (Cfg Backup/Restore, FW Upgrade via USB disk drive)
- [Enhancement] - Support two models of USB disk drive.
- Innodisk USB driver 2SE
- Apacer USB 3.0 16GB
- [Enhancement] - Support remote access from ODC-VA to the device.
- [Enhancement] - Support enable/disable ping in [System Management] page
- [Enhancement] - User Experience Improvement in IPS Profile
- User can select multiple items in IPS profile for configuration instead of be limited to select to the item in one page for editing.
- [Enhancement] - Added “Accept and Log” option in the action list of Policy Enforcement and Protocol Filter Action.
C. Bug Fix
- [TXN-4120] - [Network Interface]After EdgeFire changes the interface IP with a new IP, the old IP is not cleared, the interface can still be connected with the old IP successfully
- [TXN-4122] - [VLAN] User can't access EdgeFire when the VLAN is enabled and the Bridge port is selected as management port under Bridge mode.
- [TXN-4142] - [CLI] EdgeFire disconnects after user modifying time zone setting.
- [TXN-2001] - In EdgeFire bridge mode, the blocked port status is not displayed WEBGUI when STP function is enabled.
- [TXN-4187] - [CLI] source IP/destination IP info doesn’t display in policy enforcement rules
- [TXN-4190] - [CLI] wrong display for vlan in policy enforcement rule
- [TXN-4462] - [Port Settings] WAN1 Link speed locked at 10 Mbps Half Duplex
- [TXN-4466] - [CLI] the commands “save force”, “done force” and “exit force” do not work.
D. Known issues
[https://files.trendmicro.com/products/Trend_Products/TXOne_Networks/EdgeFire/IEF_1.2.11/[Firmware]%20TXOne%20IEF_T01%20Release%20note_1.2.11.pdf:title]
- [TXN-1255/2070] - [Upgrade] The EdgeFire web console gets "something went wrong" or "An unexpected error occurred" even the user refreshes the browser.
- [TXN-2113] - [Account] Firmware upgrade will be failed w/o error messages if the network is unstable.
- [TXN-4443] - [HA]The HA management IP still can be used for WebGUI after restoring config of disabled HA
- [TXN-4405] - [HA] The secondary DUT will stay logged in with the original account after the configuration synchronization.