What's New in 2.2.8

Version 2.2.8 of our product includes many new features and enhancements.

What’s New

New Airwall Gateway Hardware – the Airwall-110

The Airwall-110 Series is a major upgrade for the 100-Series, with higher performance and global cellular connectivity – all in a smaller form factor that maximizes the v2.2.8 improvements. The Airwall-110 has more (4x) bandwidth performance and two serial ports, runs all Snort intrusion detection monitors, handles up to 6 HD video streams, and has more storage and memory (so it has higher capacity, quality, and scalability for production environments).

See more: Airwall Gateway 110 Series

New cellular modem support

Version 2.2.8 supports the upcoming North America and Global cellular expansion trays for our Airwall-150 appliance. These LTE Category 4 expansion modules come in two variants supporting North America and Rest of World. These expansion trays allow you to connect your Airwall 150 to more cellular carriers in more countries including the United States, Canada, Australia, New Zealand, Japan, the European Union, and other countries recognizing CE RED certificates.

Conductor Dashboard and Usability Improvements

The Conductor Dashboard has been improved to give you a broader look into the status of your Airwall secure network. New features include:
  • Ability to pin pages you visit frequently
  • See how many Airwall Edge Services are online, and how many authenticated users are logged in.
  • Easily manage new provisioning requests
  • See when new firmware and software is available, and easily update your network.
  • Improved user onboarding workflow (see Improved User Management below)

Improved User Management and Remote Access User Features

Remote access user management has been expanded to scale for large organizations, with the Conductor doing most of the work that admins used to have to do to invite, onboard (especially installing and activating the Airwall Agents), orchestrate, and authenticate remote access users. Onboarded users can see what they can access through the overlay networks in Conductor, eliminating frequent support calls to Conductor admins for help getting server IP addresses.

See more:

Enhanced Monitoring

You can now set monitor thresholds on health data and traffic stats to detect potential problems before they occur. We have redline stats for performance metrics of the Airwall Gateway, and for volumetric traffic stats.

Seamless Bypass (split tunnel)

Seamless bypass enables you to deploy without knowing all of the hosts to allow in an overlay policy. Seamless bypass replaces the need to create policy exceptions, and reduces the complexity, extra hardware, extra cabling, and reliance on configuration of your underlay infrastructure.

See more: Local Bypass

Alibaba Cloud Conductor and Airwall Gateways

You can now use Alibaba Cloud to deploy cloud Conductors and Airwall Gateways, and seamlessly connect cloud Conductors and Airwall Gateways with each other, as well as virtual and on-premises or physical environments. You can deploy an Airwall secure network on all of the major cloud providers.

Routed Port Group Improvements

The ability to configure port groups can give you up to a 30% performance increase for common deployment cases using a single interface in the overlay port group (for example, cloud gateways, virtual gateways, and optionally on physical gateways). It is simpler to deploy and avoids multicast/broadcast chatter over the tunnel.

Custom signed Certificate Improvements

You can replace a signed certificate on the Conductor with the old certificate remaining active until the new certificate is activated.

See more: Add or Replace a Signed Certificate for the Conductor UI

Easier Deployment of High Availability Cloud Conductors

The Airwall Solution has automated the process of creating high availability Conductors in the cloud across different providers. You can now back up your Conductor and easily create an HA standby in the cloud using the Conductor's automated process and be guaranteed a successful cloud HA deployment.

See more: Automatically Create an Standby HA Conductor in the Cloud

Remote Airshell Access into Airwall Gateways

You can securely log in to the overlay IP address of an Airwall Gateway with key-based SSH, and run Airshell (airsh) commands remotely. Airsh has been enhanced to perform many of the functions of diagnostic mode. Remote access can help avoid in-person visits to perform diagnostics and troubleshooting. Status and statistics are available using airsh, which includes tab-completion and inline help.

Port configuration replication

You can now replicate the port configuration between two Airwall Gateways when setting up an Airwall Gateway HA pairing, or when replacing an Airwall Gateway.

Device Manufacturer (MAC address OUI) is now displayed

The Devices list now shows the manufacturer's name determined from the MAC address OUI (organizationally unique identifier), where available, in the OUI column. You can also now update the OUI list as needed.

Manage Airwall Agents through an MDM

Some MDM solutions now support managing Airwall Agents.

See more: Manage Airwall Agents through an MDM (Mobile Device Management) solution.

SD-WAN

An option was added to expose the Differentiated Services Code Point (DSCP) field of the inner IP header (plaintext) to the outer (encrypted) encapsulating header. This allows for classification of different types of network traffic for routing and prioritization purposes.