软件更新对于优化性能、增强用户体验和确保高度安全至关重要。Digi 致力于为我们的网络解决方案定期提供固件更新,这不仅是为了及时部署安全补丁和漏洞修复程序,也是为了启用新功能,不断提升您的 Digi 蜂窝路由器、服务器和基础设施管理系统的价值和功能。
Digi Accelerated Linux 操作系统(DAL OS)为我们的解决方案提供了强大的智能,实现了自动化、安全性、带外管理和其他复杂的功能,满足了企业、工业、交通、政府和医疗领域用户和网络管理员的需求。
DAL OS与我们基于云的远程配置和管理工具 Digi Remote Manager®(我们基于云的远程配置和管理工具)集成在一起,这些重要的软件产品使使用和管理Digi解决方案的人员无论将设备部署在何处,都能获得可视性和无缝访问其设备的全部价值。
Digi is excited to announce that we have added several great new features to Digi Remote Manager and DAL OS version 23.12.1.56. We invite you to take a minute and walk through the most important highlights of our software’s latest additions and changes below.
哪些 Digi 设备支持 DAL 操作系统?
Digi 拥有大量基于 DAL 操作系统的设备,包括路由器、控制台服务器、USB 管理设备和其他基础设施管理产品,而且这些设备的数量还在不断增加:
Digi 的重点支柱
以下软件功能围绕 Digi 的四大支柱:安全性、易用性、弹性和成本节约。
安全
任务和业务关键型设备通常会在现场运行多年。在 Digi Accelerated Linux 操作系统的每个重要版本中,我们都会处理常见的漏洞和风险(CVE),包括与 CVE 相关的持续监控、警报和通知。
Digi is highly focused on cybersecurity, and we provide a range of tools, resources and value-added services to our customers.
Our ongoing monitoring and regular updates of DAL OS are a part of our complete offering. You can learn more about Digi cybersecurity in our Security Center, our Digi TrustFence® page, and our Value Added Services page.
Updates for urgent CVE patches:
- Linux kernel version 6.5
- OpenSSH 9.5p1
- OpenSSL 3.1.3 (CVE-2023-4807, CVE-2023-3817)
- curl 8.4.0 (CVE-2023-38545, CVE-2023-38546)
- frrouting 9.0.1 (CVE-2023-41361, CVE-2023-47235, CVE-2023-38802)
- sqlite 3.43.2 (CVE-2022-35737)
- Netifd/ubus/UCI/libubox 21.02
There were also two SCEP-related updates to remove sensitive SCEP details from the internal system logs, as a precautionary measure to ensure any SCEP keys or passphrases cannot be read from the Admin CLI or web UI.
易于使用
Quickly get to the pages in Digi Remote Manager with our improved navigation menu
The navigation menu on the left side of the Digi Remote Manager site has been streamline and simplified.
Gone are the days of nested menu items, and the admin-related pages have been moved under the Setting icon on the top-right of the site to better highlight the device management and Insights sections of Digi Remote Manager, which is where your day-to-day tasks will be done.
Further organize access to you devices with nested sub-accounts
Many Digi Remote Manager users handle devices that either belong to end customers they are managing or are shared with other companies for tasks like third-party support or auditing. Digi Remote Manager now supports multiple tiers of sub-accounts for greater flexibilty for service providers and large corporations that wish to segregate their devices based on individual customers or user bases.
Quickly scan and remediate one or more devices for configuration compliance
Digi Remote Manager offers configuration profiles for maintaining and managing the proper firmware version, configuration settings, Digi Containers, and filesystem settings on Digi devices. Historically, the Configuraton Profile would scan all devices within the groups linked to the profile. Now, users have an option to selectively choose which devices they would like to have the Configuration Profile scan outside of its automated schedule, thanks to the Scan Configuration item added to the Actions drop-down menu on the Devices page. This can be utilized to perform ad-hoc configuration scans and remediations on one or more selected devices, which can greatly assist users when staging or troubleshooting specific sites in their account.
复原力
Expand your use of DMVPN with OSPF routing
Dynamic routing helps keep your network packet handling up to date, and ensures your data gets to where it needs to go. Dynamic Multipoint Virtual Private Network (DMVPN) is a dynamic tunneling form of a virtual private network (VPN). It uses a multi spoke-to-hub network in which the network addresses of the spoke routers do not need to be known, and therefore do not need to be configured in the hub router.
Digi routers have supported DMVPN phase 3 spoke tunnels along with NHRP and mGRE routing protocols since our 23.3 firmware release. Now, Digi has expanded our DMVPN support to include OSPF routing through the DMVPN tunnel, which leverages link-state routing to share routes amongst DMVPN spokes and determines the best logical path for every possible destination in the shared network.
更多详情,请参阅 Digi 设备用户指南的DMVPN 部分 。
Rapid Spanning Tree Protocol
Digi devices expand their network bridging capabilities by now supporting RSTP in addition to standard STP. RSTP can provide incredibly valuable benefits and improvement in overall uptime of the network by allowing users to customize the bridge priority for each router, switch, or bridge on their network. RSTP also provides a faster response to topology changes (2-6 seconds compared to 30-50 seconds with STP). Note that to utilize RSTP on your Digi device, all other routers/switches/bridges on the network must also support RSTP; otherwise, it will fallback to using STP. See "Configure a bridge" in the user guide for more details about setting up STP/RSTP options on your Digi device.
Keep an always-on remote out-of-band access to your serial consoles using device-initiated Realport connections
Digi RealPort allows users to easily network-enable devices connected to the serial port(s) of a Digi device, providing users the ability to remotely connect to those serial devices as if they were a native COM/TTY port on their PC.
The new Device-initiated mode for RealPort takes this one step further, by having the Digi device automatically establish the RealPort connection to the user’s PC, thereby removing the requirement for the Digi device to have an IP address that the PC can directly reach. Users can now have an always-available COM port to connect to their remote serial equipment behind the RealPort Digi device.
投资回报率
Monitor additional onboard equipment by using the Digi TX54-series ignition sense as a digital input
The ignition input on the power input port for the Digi TX54 router provides a way for the device to properly shut down or delay its shutdown after a vehicle is turned off. This option is especially important in situations where the TX54 must upload mission-critical data after the vehicle is parked and out-of-service for the day.
Now users can expand the use of the Ignition sense line on the TX54 router so it also acts as digital input for monitoring and reporting on changes to relays, physical switches, or buttons in the vehicle. What’s more, the power button on the front of the TX54 also can now be utilized as a manually-triggered digital input, for technicians or installation teams that need to keep track of how many times the device has been serviced.
Improve your WAN bonding performance with a bonding proxy
Digi WAN Bonding integrates Bondix S.A.NE software to optimize and extend the capabilities of your Digi connectivity solution. The S.A.NE software now includes a Bondix proxy to further optimize standard TCP traffic such as web browsing and speed test, providing users with faster observed throughput on their Digi devices.
This WAN bonding proxy can be enabled and configured along with all the other WAN bonding settings already available in the Digi device’s configuration, including the ability to manage and update these settings all together through Digi Remote Manager. See the Use Digi Remote Manager to enable and configure WAN bonding on multiple devices section in the user guide for more details.
Keep legacy BOOTP equipment alive by connecting it to a Digi router
BOOTP is an older protocol utilized on industrial networking equipment before DHCP became the prevalent protocol for devices to get a dynamically-assigned IP address to their device. Digi devices now support the ability to provide dynamic IPs to client devices via both DHCP and BOOTP protocols. See "Configure a local area network (LAN)" in the user guide for details about setting up a LAN DHCP network on your Digi device.
完整更新日志
有关新 DAL OS 固件中包含的上述功能的详细信息,以及其他增强功能、错误修复和安全更新的详细信息,请参阅相关产品系列的更新日志链接:
If you have any questions or concerns about the below features, or for assistance updating your device(s), please contact the Digi Support team at tech.support@digi.com.
下一步工作