Supermicro server-class motherboard / IPMI intelligent platform remote management interface (IP KVM) / New 64-bit OS, distributed hardware architecture

Internal hardware RAID with hot-swapping support [4TB*2 SSD primary data disks RAID 0] / Built-in backup hard drive (enterprise-grade 8,000GB*1)

No account restrictions / Personal email mailbox capacity up to 100GB (configurable from 1MB to 100GB)

Built-in email gateway filtering system, multi-domain independent email system, Plush Mail, AD account integration, bulletin board, HA hardware hot standby

AI Sapm / Dedicated iOS/Android Mail App for sending and receiving emails / Responsive Webmail / Supports Wake-on-LAN

Built-in Kaspersky antivirus or AI Spam 1-year warranty (choose one) / Threat intelligence dashboard [Dashboard] / With dedicated slider / Recommended number of users: 1,000~1,500 people

A 500W DC power supply with 48V and 120V input is also available. Special specifications are sold separately.

Optional items: Dual RAID models / Dual-port 10GbE SFP+ fiber optic models [GBIC (RJ45 / Single-mode / Multi-mode) optional] Dual-speed 10G & 1G / Kaspersky antivirus (1 year or 3 years) / AI Spam (1 year or 3 years)

Applicable Versions
3.1.5.1 (1747016540/1749509317)

Notes
After the software update, the system will automatically restart and resume any suspended services.

Updates

==========

[Spam Management]
[Basic Settings]
● Adjustments
※ "AI Module" not working in some cases
[WebMail]
[Mail]
● Fixes
※ Attachment download or preview errors in some cases
※ Attachment name display errors in some cases
※ Some emails do not display the content correctly due to formatting issues
※ The sender field displays incorrect information in some cases
※ Images do not display correctly in emails forwarded from [New Webmail]
[Newsletter]
● Fixes
※ Some tasks do not complete in some cases
※ When using eml files in [Add/Edit] > [Upload File], garbled characters are sometimes generated
[Other]
● Fixes
※ Some bulletin board content icons do not display correctly

[Other]
[System]
● Fixes
※ The login page of the management interface may lead to an unauthorized remote code execution vulnerability
※ [WebMail/New WebMail] Some interfaces have injection vulnerability issues.
※ High availability services do not properly validate information, potentially exposing injection vulnerability issues.

==========

ZTA VPN is a login program that allows you to securely connect to your company's intranet from anywhere. Even from home or elsewhere, you can access ERP or other intranet-only systems. Data is encrypted to prevent interception or decryption during transmission, enhancing information security.

In addition, system administrators can configure user access permissions based on their needs, including resource access time periods and bandwidth limits, enhancing overall control efficiency.
ZTA VPN is easy to use; simply download the program and certificate from your company's NGS firewall, install it, and connect.

ZTA VPN primarily uses Wireguard as its primary connection protocol architecture. Wireguard is a secure and efficient VPN protocol, but due to its streamlined architecture, it lacks management and logging mechanisms. This allows for transmission speeds up to six times faster than IPSEC VPN and four times faster than PPPTP, L2TP, and SSLVPN. ZTA VPN also incorporates comprehensive mechanisms such as authentication, logging, and VPN tunnel maintenance to ensure highly secure and efficient VPN functionality.

Supported Models
NGS 1315HE / 1351HF / 3542HTG / 3572HF / 5752HF / 5772HG / 5792HF / 5952HTG / 5972HG

[Mail Management]
[Mail Filtering and Logs]
● Fixed an issue where blocking would still occur even when the [SMTP Block IP] function was disabled.
[Spam Filtering]
● Fixed an issue where the language of the notification message in [Spam Notification] was incorrect.
[Mail Log Query]
● Fixed an issue where the [Allow] command did not work properly in some cases.
● Fixed an issue where the "File Size" information in [Details] > "Attachment Files" was incorrect in some cases.
● Fixed an issue where USB log data could not be retrieved in some cases.
● Fixed an issue where sender information was not displayed correctly in some cases.
[SMTP Log Query]
● Fixed an issue where a blank page appeared in [Smtp Communication Log Query Results] > [Details].

[Content Logs]
[Web Logs]
● Fixed an issue where the IP address in [Today's Web Virus Log/Web Virus Log Query] was incorrectly displayed in some cases.
● Fixed an issue where the "Internet Authentication Account" field did not display correctly.

[VPN]
[IPSec Tunnel]
● Adjustments "Multi-channel Mode" now displays status information for disconnected segments.
● Fixed an issue where, in some cases, the backup switch would not switch correctly when WWAN was selected as the backup link.
● Fixed an issue where, in some cases, the connection was established but packets were not transmitted properly.
[PPTP Server]
● Fixed an issue where the [PPTP Account List] account could be entered in Chinese, causing errors.
● Fixed an issue where, in the [PPTP Account List] > "Account Expiration Date" field, the actual expiration date was one day less than the set date.
[SSL VPN]
● Adjusted [SSL VPN Settings] > "Modify Server Settings" to add relevant field prompts.
● Adjusted [Client SSL VPN List] > "Re-obtain All Certificates" to add a prompt during execution to prevent repeated execution.
● Adjusted: When the server certificate expires, client certificate generation will be disabled and a prompt will be displayed.
● Adjusted: When generating client certificates, the expiration date will be adjusted according to the server certificate expiration date.
● Fixed a PHP error that occurred in [SSL VPN Settings] > "Certificate Information" > "Regenerate Certificates." Fixed an error message issue.
● Fixed an issue where account credential settings could not be downloaded when the Internet authentication group name in the [Client SSL VPN List] contained special characters.
● Fixed an issue where a PHP error message would appear in some cases when using [SSL VPN Log] > [Export].
● Fixed an issue where account credential settings could not be generated in some cases.
● Fixed an issue where sslvpn-gui (PC client) version 3.0.0.2 was updated.
Update Information:
● Fixed the CVE-2024-1305 issue and updated the virtual network card driver.
[L2TP]
● Fixed an issue where the actual expiration date in [Account List] > "Account Expiration Date" was one day less than the set date.
● Fixed an issue where encrypted authentication was not correctly used for L2TP connections in some cases.

[SD-WAN]
● Fixed an issue where the [Delete] setting was not correctly executed, causing SD-WAN service anomalies.
● Fixed an issue where packet transmission could not be performed properly in some cases, causing connection anomalies.

[Network Tools]
[Connection Test]
● Adjusted [DNS Query] to add the "Interface Address" function setting.
● Fixed an issue where [Ping] did not execute according to the "Interface Address" setting in some cases.
● Fixed an issue where [Port Scan] failed to connect due to routing errors in some cases.

[Logs]
[Operation Logs]
● Fixed an issue where [Management Target > Firewall Protection > Firewall Protection] > "Permanent Block" did not generate logs.
● Fixed an issue where [Management Target > Internet Authentication > Web Settings] logs were missing "Page Default Language" information.
● Fixed an issue where [Network Services > DHCP > DHCP Blacklist MAC Address] > "DHCP Flood Attack Protection" log information was incorrect.
● Fixed an issue where [VPN > SSLVPN Server > Client SSL VPN List] > [Retrieve All Certificates] did not generate logs.

[System Status]
[Connection Status]
● Fixed an issue where [Member List] displayed incorrect connection status in some cases.
[Traffic Analysis]
● Adjusted [Traffic Analysis Query] > "Query Conditions" to add the "Source Port:" feature.
● Fixed an issue where, in some cases, an error message would appear when clicking "Details" in [Traffic Quota Query].
● Fixed an issue where, in some cases, the "Application" field information would be inconsistent with the information displayed in the [Threat Intelligence Dashboard].
[Threat Intelligence Dashboard]
● Fixed an issue where, in some cases, data would not display correctly when switching dates in "Real-Time Information."
● Fixed an issue where, in some cases, items in [Threat Intelligence] would display "null."
● Fixed an issue where, in some cases, [Web Control] "Upload/Download File Extension Blacklist" displayed incorrect records.
● Fixed an issue where, in some cases, [DNS Lookup] displayed incorrectly when a large amount of data was present.
● Fixed an issue where, in [Report], the "CPU Load/Memory Load/System Load" report content did not contain any data.
● Fixed an issue where, in [Report], Thai text would not display in the report.

[Others]
[Admin Interface]
● Added the [ZTA VPN] [Client-to-Site] feature, providing VPN service application and control settings.
● Adjusted [System Status > Connection Status] > [Wireless Member List] to [AP Management Member List].
● Adjusted the names of some interface functions and unified the display (Chinese language adjustment only).
- [Management Target] > [Firewall Function] changed to [Firewall Protection]
- [System Status > Threat Intelligence Dashboard] > [WEB Control] changed to [WEB Control]
● Adjusted the "Data Source" function item to not display when the "USB Log Backup" source does not exist on the log page.
● Adjusted support for two-step verification codes for functions requiring password authentication.
● Adjusted the login page style and HTTP headers to reduce search engine indexing issues.
● Adjusted the IP query interface to support wildcard and mask format queries.
● Fixed an issue where blocked IP addresses would still display login failure logs.
● Fixed an issue where multiple devices could be logged out when switching between management interfaces.
● Fixed an issue where traffic information was not displayed on the [Homepage] network interface in some cases.
● Fixed an issue where the [Homepage] homepage displayed an expired authorization message when the app version had not been updated.
● Fixed an issue where domain information could not be saved properly in some interfaces due to a formatting error.
● Fixed an issue where a prompt was not displayed correctly when switching to a specified page and the maximum number of pages was exceeded.
● Fixed an issue where some English text was incorrectly or incompletely translated.
● Fixed an issue where password verification failed when a function required password verification and a password containing a backslash ('\').
● Fixed an issue where the text "test" could not be entered for configuration in some interfaces, triggering an error.
● Fixed an issue where some input fields could not be saved properly due to a space filtering error.
[Console]
● Fixed an issue where an error message would appear when shutting down or restarting the computer.
[System]
● Adjustments: Enhanced system security by adjusting connection request data filtering and interface input restrictions.
● Adjustments: Updated regional IP addresses. Database.
● Adjusted and updated the database for Apple devices compatible with Mac.
● Adjusted the default certificate regional information changes.
● Adjusted the import of SSL certificates to support EC (Elliptic Curve) certificates.
● Fixed an issue where some internal services could not run properly or crash due to application package interference.
● Fixed an issue where the USB offline update function did not properly check the integrity of uploaded files.
● Fixed an issue where some handlers did not properly release resources, causing the program to stop unexpectedly.
● Fixed an issue where some exceptions occurred during service restarts, causing the management interface to become disconnected.
● Fixed an issue where blocking attack sources through policies did not reduce the load caused by the attack.
● Fixed an issue where weak scans could detect open web services when enabling web-related filtering services.
● Fixed an issue where line detection functions did not run correctly in some cases.
● Fixed an issue where the import of SSL certificates could freeze due to an abnormal check process.
● Fixed an issue where importing SSL certificates could freeze due to an exception in the check process. Certificate-related functions were unable to properly import files using the UTF-8 BOM format.
● Fixed an issue where, in some cases, large packets could cause the system to shut down unexpectedly when processed by the IPS.
● Fixed an issue where the upper limit for "AP Management/SSLVPN" settings was incorrect on some models.
● Fixed an issue where, in some cases, the DNS Server-related service could cause abnormal CPU load.

==========

[Management Target]
[Address Table]
● Added a new [Address Table Group] with a new [Search] function.
● Adjusted the "Address Table Group" [Add/Edit] "Region" to add a "Custom IP" filter option.
● Adjusted the "Address Table Group" [Add/Edit] to optimize the "All Members" filter and add an "IP Address" > "Custom" option.
● Fixed an issue in [Address Table] where the prompt was not displayed correctly when some settings could not be changed due to the application of regulations.
● Fixed an issue in [Address Table] where the "External Link List" setting was not updated regularly in some cases.
● Fixed an issue in [Address Table] where the domain set in "User Custom Domain/External Link List" was invalid in some cases.
● Fixed an issue in [Address Table] where the MAC address setting "00:00:00:00:00:00" could not be saved.
● Fixed an issue in [Address Table Group] where duplicate IP+MAC addresses were set .
● Fixed an issue where the address table settings applied to [Control Rules] were invalid in some cases.
● Fixed an issue where incomplete settings would occur after importing [IPv6] [Address Table] > [Address Table Import].
[Schedule]
● Fixed an issue where settings without applying rules would still affect connectivity.
● Fixed an issue where settings would appear blank in some cases.
[Bandwidth Management]
● Fixed an issue where, in the [Network Settings > Zone Settings] interface, a notification was not displayed when removing enabled bandwidth management.
[Application Control]
● Added a [Whitelist] setting to [Application Control] to exclude IP addresses from analysis and filtering.
● Added an "Automatically Check Package Version" feature to [Application Control].
● Adjustments: Display "Application Version" information and provide a prompt to update the version information.
● Adjustments: Optimize the [Add/Edit] interface settings.
● Adjustments: [Add/Edit] > "Data Sharing and Storage: Google Driver" now requires a reminder to block settings in conjunction with other control items. (New version of the app)
● Fixed an issue where services were not running correctly in some cases.
● Fixed an issue where the "Source/Destination IP" information in some cases of [IPv6] logs was incorrect.
[URL Management]
● Fixed an issue where the URL whitelist blocking log in some cases of [Logs] displayed incorrect information.
[DNS Filter]
● Fixed an issue where [IPv6] logs were only retained for one day.
[Firewall Protection]
● Adjusted an issue where querying in [Firewall Protection Logs] caused excessive system load when processing large amounts of data.
● Fixed an issue where IP addresses that triggered "Permanent Block" in some cases were not correctly blocked in [Firewall Protection].
● Fixed an issue where "Block Ping of Death Attacks" in some cases was incorrectly blocked in [Firewall Protection] > "Other Items".
● Fixed an issue where the local IP address of the firewall was blocked in some cases.
[Internet Authentication]
● Adjusted [Web Settings] > "Upload Logo" to increase the upload file limit 5MB.
● Adjusted the "Name" setting in [Local Users] to 64 characters.
● Adjusted the "Local Users" > "Import" setting to allow users to select "Replace" or "Ignore" when importing duplicate accounts.
● Adjusted the "POP3, IMAP, RADIUS Users" > "Edit" > "Import" setting to allow users to select "Replace" or "Ignore" when importing duplicate accounts.
● Adjusted the "POP3, IMAP, RADIUS Users" > "Edit" > "Server Member Settings" setting to add a "User Account" sorting function.
● Adjusted the "AD Users" setting to add a "Missing AD Sync Accounts" function to view a list of unsynchronized accounts.
● Fixed an issue where the "Local Users" > "Add/Edit" > "User Password" setting would not save when using symbols (',',).
● Fixed an issue where the "Local Users/POP3, IMAP, RADIUS Users" setting would not save the settings. In some cases, account deletion was incorrectly detected, resulting in failure to execute or no prompt being displayed.
● Fixed an issue where SSLVPN accounts were not updated synchronously in some cases under [AD Users].
● Fixed an issue where connection failures occurred in some cases under [AD Users] when using SSL authentication.
● Fixed an issue where an error warning would appear when editing a group name in [User Groups] that contained partial characters.
● Fixed an issue where the certificate-related information window did not appear when adding an account to a group that already had [SSLVPN Group] applied.

[Network Services]
[DHCP]
● Adjusted [DHCP Server] to allow specifying different IP addresses for the same interface in different zones when setting the "802.1Q" interface.
● Adjusted [DHCP Server] > "Interface" to remove the option for external network interfaces.
● Fixed an issue where the DHCP server information obtained on client devices in some cases was not the local IP address of the device.
● Fixed [DHCP User List] Fixed an issue where an IP address set to "DHCP fixed IP address" was still assigned in some cases.
[DDNS]
● Adjusted and optimized background update behavior to increase update efficiency.
[Virus Engine]
● Adjusted the [ClamAV Engine] update to version 1.0.6.
● Adjusted the [Kaspersky Engine] function to stop updating the virus pattern database after the license expires.
● Fixed an issue where the management interface could not connect to the [Kaspersky Engine] service when the service was started in some cases.
● Fixed an issue where web browsing could not function properly in some cases when the [Kaspersky Engine] was enabled.
[Sandstorm]
● Added support for offline updates, allowing you to import signatures from a file or upload them via USB.
● Fixed an issue where [Sandstorm Logs] could not generate logs when the [DNS Filter] triggers a Sandstorm item and the IP address is IPv6.
● Fixed an issue where signature updates could continue to fail in some cases.
[WEB [Service]
● Added "Encrypted Connection Settings" > "Disable SSL Decryption" setting.
● Fixed an issue where changes to the "Redirection Port" setting in [WEB] > "Certificate Installer Settings" did not take effect.
● Fixed an issue where the Certificate Installer could not be downloaded in some cases under [WEB] > "Certificate Installer Settings".
● Fixed an issue where Chinese characters appeared in non-Chinese language documents under [WEB] > "Installation Help".
● Fixed an issue where the "Remote Download" function did not work properly when running the Certificate Installer in some cases.
[High Availability]
● Fixed an issue where the DHCP interface in [Network Settings > Network Interface] continued to function while the Backup device was in standby.
● Fixed an issue where "Mode 3" in the "Management Target > Schedule" rule did not work when the Backup device was in service.
● Fixed an issue where the system schedule did not work properly after running [System Settings > Backup and Restore > Restore to Factory Defaults] on the Backup device.
● Fixed an issue where the "Current Detection Status" > The [Log] button color did not match the data status.
● Fixed an issue where enabling the "Assisted Detection Interface" sometimes caused system scheduling errors.
● Fixed an issue where the "Last Data Synchronization Time" > [Log] display was incorrect in some cases.
● Fixed an issue where the synchronization process did not run in some cases.
[Remote Log Server]
● Fixed an issue where "Intranet Protection Log" data was duplicated.

[Advanced Protection]
[Switch Management]
● Added support for the Zyxel GS1900-24HP, Zyxel GS1915-24E, and Zyxel XGS1930-28 switch models (SNMP)
● Added support for the PROSCEND 850X-28, PROSCEND 850G-12I, and VOLKTEK 8015-8GT-I switch models (Collaborative Defense)
● Fixed [Switch Settings] > [Auto Search] Issues with some cases not working properly.
● Fixed an issue where [Switch Settings] settings could not be deleted in some cases.
● Fixed an issue where [Network Status Map] update failed in some cases.
● Fixed an issue where [Network Status Map] incorrectly displayed link port and layer information in some cases.
● Fixed an issue where [Network Status Map] did not display IP information in some cases.
[Intranet Protection]
● Adjusted the minimum setting for "Arp Packet Threshold" in [Protection Settings] to 10.
● Fixed an issue where [Arp Log] records were logged even though the packet count did not exceed the set value.
● Fixed an issue where [Arp Log] pages would display incorrectly in some cases.
● Fixed an issue where [Mac Conflict Log] would trigger logging when binding duplicate MAC addresses in the address table.
● Fixed an issue where [IP Conflict Log] displayed unclear information.

[IPS]
[IPS Settings]
● Added the [IPS Notification Item] feature setting.
● Added the rule addition display. "Rule ID" and "CVE" fields.
[IPS Logs]
● Added "Rule ID" and "CVE" fields to the log list.
● Fixed an issue where some connections were blocked but no logs were generated.
● Fixed an issue where IPv6 logs were not generated.

[WAF]
[WAF Settings]
● Added a "WebSocket Support" feature setting to "Website Management."
● Fixed an issue where some changes to the "Log/Block" settings for rules in "WAF Settings" did not take effect.
● Fixed an issue where settings did not take effect after executing "Import" in "Website Management."
● Fixed an issue where some WAF rules could not be properly connected after applying them.
● Fixed an issue where the WAF service could not be started in some cases.
[WAF Logs]
● Fixed an issue where some WAF Logs did not generate logs after blocking.

NGS 1U Series 9.0.3 Update Details

Applicable Models
NGS 1U Series

Applicable Version 9.0.2.4

[Notes]
After the firmware update, the system will automatically reboot (twice), taking approximately 3 to 5 minutes.

[Update Details]
==========
[System Settings]
[Basic Settings]
● Adjusted the path of "Administrative Interface Access Settings" > "Administrator Password Customization Rules/Administrator Account Two-Step Verification Rules" to "System Settings > Administrator > Account Security Settings".
[Time Settings]
● Fixed an issue where selecting "Asia/Riyadh" for "Time Zone" would cause errors in "Backup and Restore > System Backup".
[Administrator]
● Added the following settings to the "Account Security Settings" function:
- "Administrator Password Customization Rules"
- "Administrator Account Two-Step Verification Rules"
● Adjusted the path of "Two-Step Verification" to "Add/Edit" > "Account Management" to include a QR code. Display, and the [Verification Code Test] function.
● Adjusted [Account Management] [Add/Edit] > "Password" to allow characters such as ',' ':' '/', and spaces.
● Fixed an issue in [Account Management] where some functions did not work properly when restricting an account to access only [Network Settings > Network Interface]/[Network Settings > PPPoE Dial-up].
● Fixed an issue in [Account Management] where the actual expiration date in "Account Expiration Date" was one day less than the set date.
[Backup and Restore]
● Adjusted [System Backup and Restore] > "System Backup" to include the certificate file from [System Settings > SSL Certificate Settings].
● Adjusted [System Backup and Restore] to add the high availability role information to the backup file name when [High Availability] is enabled.
● Fixed an issue in [System Settings > UPS System] where the log was not cleared after "Restore Factory Defaults".
● Fixed an issue in [IPS] where the log was not cleared after "Restore Factory Defaults". Issue where logs were not cleared in some cases.
[AP Management]
● Fixed an issue where some APs experienced malfunctioning control functions after a firmware update.
[Package Management]
● Adjustment: Removed the "Kaspersky" setting, enabled the package by default, and changed the authorization setting to [Network Services > Antivirus Engine].
● Adjusted the "Package Name" setting to display the function name according to the language.
[Notifications]
● Adjusted the "Notifications" > "Administrator Account Login Error Event" setting to add a "Minutes" notification unit.
● Added a "Firewall Permanent Block" setting to [Notifications].
● Added a "Let's Encrypt Automatic Application Result Notification" setting to [Notifications].
● Added a "IPS Log" setting to [Notifications].
● Fixed an issue where notifications were not sent under "Line Disconnect" under "Notifications".
● Fixed an issue where notifications were not sent under "HA Status Switchover and Data Synchronization Abnormality" under "Notifications".
● Fixed In some cases, the notification function did not function properly after restoring a backup.
[Restart & Shutdown]
● Fixed an issue where the [Auto Restart] function did not function correctly in some cases.
[AP Management]
● Added support for AP models WAX620D-6E, NWA50-AX-PRO, NWA130BE, and NWA90-AX-PRO.
● Added support for the "802.11 k/v Roaming" function setting in [AP Management]. (The setting is only displayed for supported AP models.)
● Fixed an issue where the "Online Users" field in [AP Management] did not display information correctly in some cases.
● Fixed an issue where some APs experienced abnormal control functions after a firmware update.

[SSL Certificate Settings]
● Added the "Log" function to "Let's Encrypt Certificate" > "Local DNS Server - Auto Update."
● Adjusted the display of a notification when a "Let's Encrypt Certificate" application fails.
● Fixed the issue where the "Let's Encrypt Certificate" function did not display information correctly in some cases. Encrypt Certificates > Local DNS Server - Auto-Renewal was not executed correctly.
● Fixed an issue where the certificate renewal prompt was not displayed in some cases after the "Let's Encrypt Certificate" verification was completed.
● Fixed an issue where the management interface service did not start after certificate renewal in some cases.

[Network Settings]
[Zone Selection]
● Fixed an issue where the prompt information was unclear when removing the HA port without disabling the high availability service.
[Network Interface]
● Adjusted [IPv6] to remove the "Radio & DHCPv6" prompt information.
● Fixed an issue where the interface name contained spaces and displayed incorrectly.
● Fixed an issue where the "DHCP Lease Expiration Date" message was not displayed in some cases when the interface was set to DHCP.
● Fixed an issue where the interface was set to DHCP. When the network cable is reconnected, the IP address is not re-acquired.
● Fixed an issue where, in some cases, the MAC address of the LAN (zone0) is duplicated with other interfaces when multiple ports are bound.
[Route Management]
● Fixed an issue where, after editing an [Outlet Line], the related [Outlet Line Group] would be displayed as disconnected.
● Fixed an issue where, in some cases, the status of an [Outlet Line] was not displayed as disconnected or the switch to backup was not performed when the connection was disconnected.
● Fixed an issue where, after changing the settings in [IPv6] [Outlet Line] [Edit], the routing was not changed according to the settings.
● Fixed an issue where, after executing [Delete] on an [Outlet Line Group], routing was not correctly executed, causing routing anomalies.
● Fixed an issue where, in some cases, the applied control rules would not function correctly when the "Load Balancing Mode" setting in [Outlet Line Group] [Add/Edit] was set to "Prioritize Light Interface Load".
● Fixed an issue where, in some cases, the routing was not correctly changed when changing the detection status or switching to backup for an [Outlet Line/Outlet Line Group].
● Fixed [Default Gateway]: Link detection was not performed correctly in some cases.
● Fixed an issue where BGP routing information was not displayed correctly in some cases in [Dynamic Routing Table].

[PPPoE Dial-up]
● Fixed an issue where the password containing the character '#' in [Add/Edit] would cause connection failures.
● Fixed an issue where the related linked settings were not correctly determined when deactivating a line in [Edit].
● Fixed an issue where incorrect information was displayed when executing [Delete] in some cases.
[WWAN Dial-up]
● Added support for the Huawei E8372h network card.
● Fixed an issue where the USB access location information was incorrect in some cases.
[IP Tunnel]
● Fixed an issue where connections could be made even when the "Key" on both ends was incorrect when using encrypted IPsec connections.
● Fixed an issue where the interface displayed incorrectly when adding the 11th setting.
● Fixed an issue where connecting to the peer management interface via an IP tunnel was unavailable.
● Fixed an issue where using a tunneled connection Tracer failed to obtain information.
[Interrupt Settings]
● Adjusted [Hard Interrupt Settings] > [Enable Interrupt Data Loading] to display the total interrupt data.

[Control Rules]
[Control Rules]
● Added the [IP/Port Mapping Overview] feature to view service information configured for DNAT.
● Added a clickable field in the "Maximum Connections Per Source IP" field in the rule list to view blocked records.
● Added a clickable field in the "Traffic Quota" field in the rule list to view detailed records.
● Added a query function in [Add/Edit] > "Source Network/Destination Network."
● Fixed an issue where some controls were not applied according to time when using [Add/Edit] > "Schedule."
● Added a warning when a rule fails to trigger when only IPv4/IPv6 IP addresses are set in [Add/Edit] > "URL Management."
● Fixed an issue where incorrect information was displayed in the "URL Control" tip field in the rule list.
● Fixed an issue where some "Source Interface" settings in [Add/Edit] were not displayed correctly. An error message was displayed even when the "Source Network" matches the source network.
● Fixed an issue where an error message appeared when selecting an address table group in [Add/Edit] > "Destination Network".
● Fixed an issue where adding "Application Control" or "URL Control/WEB(S)" rules in [Add/Edit] did not correctly indicate functional impact.
● Fixed an issue where the "Maximum Connections Per Source IP" setting in [Add/Edit] was not applied to the source IP in some cases.
● Fixed an issue where [Move Rules] could not move [Advanced] rules to [Outgoing] when the rule source applied an address table.
● Fixed an issue where, when a PPPoE rule was applied as an outbound link and the rule was disconnected, packets were incorrectly dropped to the default route.
● Fixed an issue where applying a "Traffic Quota" rule to a bridge interface could cause an unexpected crash.
● Fixed an issue where "Traffic Quota" statistics were incorrect.
● Fixed an issue where "Traffic Quota" > [Log] was incorrect. Fixed an issue where button colors were incorrect when data was available.
● Fixed an issue where negative values appeared in "Statistics" under [SYN Protection].
● Fixed an issue where "SYN Protection" was not functioning correctly in some cases.
● Fixed an issue where ICMP packets could not be controlled when "Firewall Protection" was enabled under [IPv6].
● Fixed an issue where, when a policy was applied with SSLVPN as the "Source Network," packets could still enter the policy even if the account was not connected.
[IPSec Control]
● Added a query function to "Add/Edit" > "Source Network/Destination Network."
● Adjusted the "Add/Edit" > "Source Network"/"Destination Network" setting to allow selection of other IP information, such as "Address Table/Address Table Group," at the same time.
[SD-WAN Control]
● Added a query function to "Add/Edit" > "Source Network/Destination Network."
● Adjusted the "None" setting under "Add/Edit" > "SD-WAN." Added a prompt and prevented the setting from being saved when using [Add/Edit] > "Source Network"/"Destination Network" to allow the selection of other IP information such as "Address Table/Address Table Group" as part of the setting.

Updates - User Interface

==========
[Mail]
● Fixed
※ An issue where messages that triggered spam deletion had incorrect labels and could not be retrieved
[Relationship Map]
● Fixed
※ An issue where detailed email lists could not be displayed in some cases

[Settings]
[Message Notifications]
● Added
※ Support for email notification settings

==========

MAS / MArchive Series V7.0.5.2 Update Details

Applicable Versions
7.0.5.1 (1740465765)

Notes
After the software update, the system will automatically restart and resume suspended services.

Update Details Management Interface

==========

[System Management]
[System Settings]
● New
※ Support for importing or applying for multiple Let's Encrypt SSL certificates
※ Let's Encrypt supports applying for ESDSA certificates
● Fixed
※ [SSL Certificate] Issue where the original interface was not retained after refreshing the screen
[Backup Management]
● Fixed
※ [Full Backup Settings] Issue where HA functionality would not work when the data drive performing a full backup was moved to another device
[System Update]
● Fixed
※ Issue where the standby machine could not check for updates when High Availability was enabled
[Remote Log Server]
● Fixed
※ Issue where the output data format under "Log Settings" > "CEF" was incorrect in some cases
[Hard Drive Detection]
● Fixed
※ Issue where "Hard Drive Specifications" information was not displayed in some cases

[System Notifications]
[Basic Settings]
● New
※ "Quarantine List Compatibility with Outlook Email" feature setting to adjust email content compatibility with Outlook
● Fixed
※ In some cases, functions within quarantine or audit notification emails could not be executed when viewing them in IE 11.
[System Message Notification]
● Added
※ "[Authentication and Permission Management > OAuth Authentication] Office 365 OAuth Client Password Expiration" feature setting

[External Email Archive Management]
[Database Backup Settings]
● Fixed
※ In some cases, archived email data could not be retrieved.

[Structure Management]
[Basic Settings]
● Fixed
※ After modifying the "Gateway Mode" > "Authentication Method List for User Response" setting, functions did not function as configured.
[POP3 Collection]
● Fixed
※ When multiple accounts with the same name failed to receive a collection, only one failure notification would be displayed.
[IMAP Collection]
● Fixed
※ Issue with unclear prompts for Office 365 account types when verification failed.
※ When multiple accounts with the same name fail to receive a collection request, only one failure notification will be displayed.
[HERHSIANG Sync]
● Fixed
※ [Add/Edit] > "Server Management Interface Port Number" prompt displayed incorrectly

[Authentication and Permission Management]
[User Management]
● Adjustment
※ [Unblock] Added the ability to select an IP address for unblocking
[Account Integration]
● Fixed
※ [LDAP Account Integration] > [Add/Edit] > "LDAP Attributes" settings were not saved correctly in some cases
※ "Manual Sync" and "Auto Sync" running simultaneously resulted in duplicate synchronized data in some cases
※ "Search Local Account" settings were not displayed correctly in some cases

[Mail Auditing and Protection]
[Filters]
● Adjustment
※ [Add/Edit] Removed the 255-character limit for the "Send Notification Email: Notification Email Recipient" field in "Add/Edit"
● Fixed
※ [Add/Edit] When "Personal Information" rules were enabled, some matches were not correctly matched. Issue with "Date of Birth"
※ [Add/Edit] When enabling the "Personal Information" rule, the same data in "Phone Number" and "Mobile Number" was repeatedly checked.
※ [Add/Edit] > [Advanced Settings] When enabling the "Personal Information" rule, email processing took too long in some cases.
※ When the processing method was set to "Cc," email delivery did not work properly in some cases.
[Advanced Settings]
● Fixed
※ "Email Audit Settings" > "Send Audit Notification Emails Interval" was not correctly implemented in some cases.
[Mail Firewall]
● Fixed
※ "Email Firewall Settings" > "Sender Exception List" was not considered an exception even when the sender was empty.
※ "Email Firewall Settings" > "Abnormal Sending Detection" was not working properly in some cases due to excessive number of entries.

[Mail Encryption]
[Mail Encryption Rules]
● Fixed
※ "Edit" "Encrypted Recipients" was not working properly in some cases. Recipient field settings disappeared.

[Spam]
[Basic Settings]
● Adjustment
※ "AI Module": Added the "Synchronize Authorization File" feature to the "Upload SpamAI Authorization File" setting.
● Fixed
※ An error message would appear when clicking "Check for Updates" again while the "AI Module" is updating.

[Spam Protection]
● Fixed
※ [Basic Settings] "Greylist" not working properly in some cases.

[Log Query]
[Mail Log]
● Fixed
※ [Details] Email processing method not displayed correctly in some cases.
※ [Details] > "Host Receiving Communication Process" not displayed in some cases.
※ Attachment file names were blank in some cases.
[User Log]
● Adjustment
※ Added logs for users operating email functions in the "Mail Quarantine List" section.
※ Added console operation logs.
● Fixed
※ [Authentication and Permission Management > Account Integration] > [LDAP Account Integration] Issues with abnormal display of related operation logs

[Statistics Report]
[Statistics Report]
● Fixed
※ Issue with incorrect display of function pages in Firefox browser

[System Status]
[Statistics Chart]
● Adjustment
※ SpamAI information now included in CPU/Memory Load Graph

[Other]
[Interface]
● Adjustment
※ Due to the closure of LINE Notify, the related settings interface has been removed and a prompt for changing settings has been added.
● Fixed
※ [Login] Issue with blocked accounts still being able to log in
※ [Home] Issue with incorrect window display after logging in in some cases
※ [Home] > [Mail Virus > Scan Settings] Issue with no notification display when virus code update fails
※ Issue with loading the user list in some interfaces taking too long
※ Issue with incorrect start and end time determination in query time settings in some interfaces, causing anomalies
※ Issue with text displaying in a different language than the set language in some interfaces
[Mail]
● Fixed
※ Log errors occur when the message header contains multiple Message-IDs Message-ID is empty
※ When a subject line needs to be changed, DKIM information is incorrectly updated.
※ When processing large emails, insufficient memory may occur during processing.
※ In some cases, attachments may differ from the original file after email renaming.
※ In some cases, recipients in gateway mode may not receive emails.
[Console]
● Adjustments
※ Detailed scan mode can be changed for fsck during boot.
● Fix
※ System directories and files may be incorrectly displayed when entering specific characters.
[System]
● Adjustments
※ Support for TLS v1.3 for email-related services.
※ Changed the default fsck scan mode at boot to simplified scan mode.
● Fix
※ Services may not be properly re-enabled after a system restore is performed to suspend them.
※ In some cases, SMTP connections may become stuck if a specified response is not received.
※ In some cases, the spam service may not start properly.
※ Failed updates to some modules or virus engines may still display the updated version.
※ In some cases, unexpected paths and files may be deleted.
※ The high availability package Rsync has vulnerabilities CVE-2024-12084 and CVE-2024-12085. Updated package versions are available.
※ Some high availability services do not properly filter messages, posing a vulnerability risk.
※ ClamAV has a DoS vulnerability CVE-2025-20128. Updated ClamAV versions are available.

==========

[Contacts]
● Added
※ [Import Local Account] Added "Group Account" / "Department Account" to the import options
● Fixed
※ "Shared Contacts" cannot access sub-directories when there is no parent directory permission
※ When deleting the parent directory of "Shared Contacts", the data of the sub-directory is not removed correctly
※ When executing the check items in the [Import Local Account] interface, some situations are not executed correctly
[Calendar]
● Added
※ "Share Calendar> Read and Write" adds the "Read and Write Permission Enhancement" function, and members in this calendar are allowed to edit other people's events ● Adjusted
※ Display data monthly, and do not display calendar events that are not in the current month
※ When operating the interface, the calendar will be automatically synchronized at a fixed time
● Fixed
※ "GOOGLE" > [Synchronize] error
※ [Add/Edit] Calendar event, the interface displays abnormally when the date is entered using the keyboard
※ After the calendar event is edited in TEXT format, the invitation letter sent is still regarded as HTML Parsing issues
※ In some cases, when the system and browser time zones are different, an error occurs when adding a calendar event
※ In some cases, after the calendar is changed, it is not correctly synchronized with CalDAV
※ In some cases, when editing an event created by others, the "Event Invitation" confirmation will be triggered incorrectly
※ In some cases, the date and time in the [Event Invitation] email is incorrect
※ In some cases, the content in the [Event Invitation] email is too long, resulting in a problem that it cannot be displayed normally
※ The event owner is not notified when deleting an event
[E-Newsletter]
● Adjustment
※ [Event Log] > [Advanced Search] cannot correctly search when setting the "Start/End Date"
[Others]
● Added
※ Support [E-mail Encryption] related function interface and settings
※ Support [E-Newsletter] related function interface and settings
※ [Settings] > [E-mail Audit Management] function setting items
※ Added a defense mechanism for a large number of abnormal connections such as dos attacks and password guessing attacks
● Adjustment
※ Added two-step verification when switching accounts
※ For verification of signed emails, the email content verification link supports the new interface display
※ Strengthened Ajax encryption security, adjusted encryption algorithm and signature verification function
● Correction
※ [Login interface] Added graphic verification function when verification fails multiple times
※ [Login interface] In some cases, the button cannot be displayed correctly when the window is reduced
※ [Login interface] The problem of being able to log in after the account has been banned in the management interface
※ [Login interface] When the password is blocked, the correct password can still be entered to log in
※ [Login interface] When the authentication fails, the prompt information is unclear
※ When the function exports csv format files, some language texts will be displayed as garbled characters
※ After the account is logged out, other function interfaces are not automatically logged out
※ In some cases, the email cannot be loaded correctly and the CPU load increases
※ In some cases, the link in the password expiration notification email cannot be used to change the password

[WebMail]
[Mail]
● Fix
※ Some emails continue to display the content as loading and cannot be viewed
※ In some cases, the email content displays abnormally when multiple emails are opened at the same time
※ In some cases, the image in the content cannot be displayed
※ When there is only one email in the email list, the email will be automatically opened and read after checking Select All
[Bulletin Board]
● Fix
※ When the recipient is selected as "Everyone", the recipient will include deactivated accounts
[E-Newsletter]
● Adjust
※ E-Newsletter supports TLS encryption for sending
● Fix
※ [Add/Edit] > [Upload File] When using eml files, in some cases, the DKIM judgment of the email is abnormal
※ [Add/Edit] > "DKIM Settings" has been correctly set, but it still displays "TXT data does not match"
※ In some cases, the TLS connection cannot be sent successfully
[Settings]
● Adjustment
※ [Personal Settings] > "Two-step Verification" > [Settings] > "Verification Days" is changed to prioritize the settings in the management interface
● Fix
※ [Auto Reply] The "Auto Reply" function is not executed when the email is a copy recipient
※ [Personalization Rules] > [Blacklist/Whitelist] In some cases, accounts starting with an asterisk (*) cannot be added
※ [Personalization Rules] > [Blacklist/Whitelist] Accounts containing a less than (<) symbol cannot be displayed correctly
[Others]
● Fix
※ In some cases, the antivirus will mistakenly detect threats on the login page
[Outlook Connector]
● Fix
※ The NULL character appears in the calendar event, causing abnormal synchronization of data
※ When synchronizing contacts in the new version of Outlook, the problem of not being able to run normally due to differences in the data file storage format

[Others]
[Interface]
● Adjustment
※ Due to the closure of LINE Notify service, the relevant setting interface has been removed, and a prompt to change the setting information has been added
※ When the function only supports WebMail or New Webmail, the description content will display the supported WebMail version
※ Strengthen the security of the management interface and adjust the response mechanism for abnormal requests
※ [Management interface][Home] Unify the display format of warning information
● Fix
※ [Management interface][Home] > "Mail Server Service" The status display is incorrect in some situations
※ In some password setting related interfaces, the password does not work properly when double quotes (") are used
[Console]
● Add
※ Enable the rescue account (admin_help) function to generate a temporary administrator account password
※ "factory_reset" restore factory default function item
● Adjust
※ Remove the restore default account and password (admin_pw_def) function item
※ [HA] Add display of "Ha IPv6" IP information
● Fix
※ [LAN] > "IPv6 IP" information is not displayed
※ When entering specific characters, the system directory and files will be displayed incorrectly
[Mail]
● Fix
※ When the recipient field in the email is too large, the program will cause an exception
※ In some cases, the SPAM service is not run correctly
※ When there are multiple "Message-Id" in the email header, the email processing will be abnormal
※ When the email recipient includes a group account, when replying to the delivery receipt (DSN), the recipient will list all members of the group
※ When the domain is deleted, the account in the domain can still send emails
[System]
● Adjustment
※ Improve the security of management accounts and cancel the use of the administrator's default account (admin) (after the update, the system will require removal and replacement)
※ Strengthen interface security, add relevant protection parameters and restrict access rights
● Correction
※ [User Management > Account Management] In some cases, when deleting users, unexpected paths and files may be deleted
※ The mail program has a Postfix SMTP Smuggling vulnerability
※ After some packages fail to download, you have to wait for a day before re-downloading, and the package cannot be used during the process
※ Some interfaces have SQL injection issues

==========