Where would we be without software? As we all know, it is the life blood of technology — the brains behind the braun of hardware, and the engine that provides intelligence, security, the ability to optimize performance and enhance user experience, and much more. Our regularly scheduled firmware updates enable us to build in new features that continually enhance the value and capabilities of your Digi cellular routers, servers, and infrastructure management systems, and rapidly deploy security patches and bug fixes as well.
Digi Accelerated Linux 操作系统(DAL OS)为我们的解决方案提供了强大的智能,实现了自动化、安全性、带外管理和其他复杂的功能,满足了企业、工业、交通、政府和医疗领域用户和网络管理员的需求。
DAL OS与我们基于云的远程配置和管理工具 Digi Remote Manager®(我们基于云的远程配置和管理工具)集成在一起,这些重要的软件产品使使用和管理Digi解决方案的人员无论将设备部署在何处,都能获得可视性和无缝访问其设备的全部价值。
In this blog post, we showcase the great new features we've added to Digi Remote Manager and DAL OS version 24.3.28.88. We invite you to take a minute and walk through the most important highlights of our software’s latest additions and changes.
哪些 Digi 设备支持 DAL 操作系统?
Digi 拥有大量基于 DAL 操作系统的设备,包括路由器、控制台服务器、USB 管理设备和其他基础设施管理产品,而且这些设备的数量还在不断增加:
Digi 的重点支柱
The following software features revolve around the four pillars of Digi: security, ease of use, resiliency, and cost savings. Each section describes our latest patches and updates.
安全
任务和业务关键型设备通常会在现场运行多年。在 Digi Accelerated Linux 操作系统的每个重要版本中,我们都会处理常见的漏洞和风险(CVE),包括与 CVE 相关的持续监控、警报和通知。
Digi is highly focused on cybersecurity, and we provide a range of tools, resources and value-added services to our customers.
Our ongoing monitoring and regular updates of DAL OS are a part of our complete offering. You can learn more about Digi cybersecurity in our Security Center, our Digi TrustFence® page, and our Value Added Services page.
Updates for urgent CVE patches:
- Linux kernel version 6.7
- Python version 3.10.13 ( CVE-2020-10735, CVE-2023-40217, CVE-2023-24329, CVE-2023-0286, CVE-2022-4303, CVE-2022-4303, CVE-2022-37454, CVE-2022-42919)
- OpenVPN 2.6.9 (CVE-2023-46850, CVE-2023-46849)
- mosquitto 2.0.18 (CVE-2023-28366)
- dnsmasq 2.89 patch (CVE-2023-28450)
- rsync 3.2.7 (CVE-2022-37434, CVE-2022-29154, CVE-2018-25032)
- Netifd/ubus/UCI/libubox 22.03
The access-control list (ACL) rules for the SNMP service in DAL OS was also updated to prevent external WAN access by default.
投资回报率
Monitor your site performance with Ookla Speedtest
The Ookla speed test is an integrated troubleshooting tool within Digi Remote Manager for evaluating WAN connection performance. The tool can be utilized on any Digi router than runs DAL OS with any type of Internet connection, whether that is a cellular modem, wireless Wi-Fi WAN, and wired WAN connection.
The speed test provides results for throughput, jitter, and latency of a device's WAN connection, which can help you identify the optimal location for installing the Digi device. The Speed Test History tab in Digi Remote Manager can also be utilized for monitoring for any changes in expected throughput at the site.
Audit firmware and configuration changes through Digi Remote Manager
Digi Remote Manager has a wealth of information for monitoring and managing your Digi devices. For devices managed by multiple entities, having historical records of when major changes happened on the device is critical for auditing and troubleshooting purposes. Two new pieces of information now available in Digi Remote Manager are the Firmware History tab on the device’s details page and the Configuration Change History in configuration template. These can be utilized to have a historical record of when firmware updates and configuration changes happened to your fleet of devices, what those changes were, and records of who made those changes, all of which are crucial information when troubleshooting a device that is not behaving as expected or when complying with annual system audits.
易于使用
View your Digi RM licenses information
Managing your Digi Remote Manager premier license subscriptions just got a lot easier.
System administrators can now see in their Account subscriptions a live count of active Digi RM licenses and their expiration dates, which helps with planning license renewals and adding devices to their account.
Expanded VPN support with Wireguard
Digi devices already supported multiple VPN protocols like IPSec and OpenVPN, and now we have expanded that to include the WireGuard VPN protocol directly in the Digi firmware. WireGuard is a simple, fast, lean, and modern VPN that utilizes secure and trusted cryptography. WireGuard operates at the network layer to provide communication between devices over a public network. It encrypts and encapsulates traffic to protect information.
WireGuard supports full networking capabilities including standard, policy-based, and static routes, as well as firewalls. In addition to having IPs inside the tunnel, like IPSec and OpenVPN, you can use this WireGuard for policy-based routing to send only certain traffic through the tunnel or use it for static routes to send routing and networking through regardless of the source IP. Digi devices can be configured to establish one or more WireGuard VPN tunnels, as well as handling both client-mode (outbound) and server-mode (inbound) connections.
- Client mode, configure the Digi device to act as a client, so it establishes an outbound WireGuard VPN tunnel to a remote server.
- Server mode, configure the Digi device to act as a server, so one or more remote devices can establish an inbound WireGuard VPN tunnel to the device.
See this section in our Digi user guides for details on setting up, monitoring, and managing WireGuard VPN tunnels on your Digi devices.
Roll-up datastream metrics by average or total usage by day
Each datastream metric that is tracked by DigiRM over time can be inspected to view those datapoints individually. New enhancement is the datapoints can be condensed and view as a single metric per day, where the metric is the sum total or average of the datapoints by day. This provides powerful insights and notifications for changes in the device over time, or with alerting on spikes in daily device usage.
复原力
Enhanced versatility of Automation steps with multiple match strings
Digi Remote Manager’s Automation feature has proven to be a powerful tool to users for performing complex, custom tasks or services on their Digi devices.
Digi has expanded the versatility of Automations even further by adding the ability to add one or more matching filters to an Automation step, ensuring that the Automation dynamically determines and performs the defined task on the desired target devices, all without the user having to manually specify those devices beforehand.
Secure layer-2 network traffic over a private cellular network with GRETap tunneling
Digi devices running DAL OS have supported IP tunneling with GRE/mGRE, and now expand that to include GRETAP tunneling. A Generic Routing Encapsulation Terminal Access Point (GRETAP) tunnel operates on OSI level 2 and encapsulates Ethernet traffic in IPv4 packets as described in RFC 2784, which can be utilized to create a multi-site layer-2 flat network. This type of multi-site networking is incredibly beneficial for private cellular networks for sending realtime data between sites while minimizing packet overhead and latency.
More information on setting up an GRETAP IP tunnel can be found in our Digi user guide.
Improve cellular connection reliability at congested sites by locking the modem to a particular set of LTE or 5G bands
Cellular connectivity sometimes require site-specific settings to ensure it is connecting to the best tower or the desired cellular network, especially for MVNO SIMs or sites that have multiple towers in the area with one being clearly the best. Users now have the ability to lock the Digi device to utilize a specific set of LTE or 5G bands at a site, or configure the Digi device to exclude a specific set of bands from use.
This should be a rarely-used option, as the Digi device and cellular network have built-in optimization tools for determining the best tower and bands to utilize for each active cellular connection. However, for the sites that need this manual intervention, having the ability to lock the modem to specific cellular bands can ensure a stable and lasting cellular connection.
Monitor changes on your Digi router with SNMP and email alerts
Device monitoring happens at multiple levels depending on how users need that information integrated into their systems. Digi Remote Manager is Digi’s primary and most versatile tool for actively monitoring and fully managing your Digi device. That said, many users have their own external systems for monitoring their equipment. Digi devices that run DAL OS now support two new options for providing system-level notification alerts: SNMP traps and SMTP emails. Digi devices can be configured to sent one or more event types as SNMP traps or SMTP email to one or more remote servers. See this section in our Digi user guide for more information on setting up external event notifications.
完整更新日志
有关新 DAL OS 固件中包含的上述功能的详细信息,以及其他增强功能、错误修复和安全更新的详细信息,请参阅相关产品系列的更新日志链接:
If you have any questions or concerns about the below features, or for assistance updating your device(s), please contact the Digi Support team at tech.support@digi.com.
下一步工作