Hillstone Networks has released the latest version of its operating system, StoneOS 5.5R11. This update includes over 200 new features and enhancements designed to strengthen threat protection and facilitate enterprise network operations in an increasingly complex and demanding environment.
The main innovations of StoneOS 5.5R11 are the access to the network of trust zero (ZTNA) for intranet, integration with Azure Active Directory (AD), support for encryption Transport Layer Security (TLS) 1.3 and Restful APIs, HTTP/2 and HTTP/3 based threat prevention, performance-based SLA-based WAN route control, and better policy management.
“These innovations allow organizations to more effectively address the growing cybersecurity threats, especially in a context marked by the proliferation of own devices (BYOD) and new business scenarios,” explained Rafael Santana, Chief Executive Officer of Hillstone Networks Channel Enablement Manager.
ZTNA provides more comprehensive access control and increased security
ZTNA for the intranet: To reduce the attack surface within the intranet, we have introduced ZTNA for intranet access along with the existing ZTNA for the internet.
TLS 1.3 handshake for ZTNA: Before data transmission, ZTNA establishes an encrypted tunnel through the TLS 1.3 handshake to ensure secure communication. However, the TLS 1.2 handshake is slow as it requires two additional rounds.
Integration with Azure AD: The new version of StoneOS supports Azure AD as an AAA server for SSO in ZTNA, SSL VPN and WebAuth.
Restful API for ZTNA: Without a Restful API, integrating ZTNA with other business tools can be challenging, leading to fragmented workflows. ZTNA now provides Restful APIs for terminal information and tags, policies and more.
Next-generation Threat Protection Capability: StoneOS introduces threat protection for HTTP/2 and HTTP/3 traffic, thus enhancing the existing firewall protection capabilities.
Threat protection for HTTP/2 and HTTP/3 traffic: StoneOS R11 applies C&C botnet, IPS, Sandbox, Perimeter Traffic Filtering, Anti-Virus, URL Filtering and Data Security in HTTP/2 and HTTP/3 traffic. Simplified SD-WAN
Increases Business Efficiency: Improving performance SLA-based WAN route control and zero-touch email-based provisioning (ZTP) for SD-WAN, simplifies operations and reduces expenses.
Performance SLA-based WAN route control: This release introduces performance SLA-based WAN route control, allowing only high quality links that meet latency, jitter and packet loss thresholds to participate in load balancing.
ZTP based email for SD-WAN: ZTP allows devices to configure themselves when connected to the network. In addition to USB disk-based ZTP, the new version now supports email-based ZTP, allowing configuration files to be sent directly to devices by email.
Policy management improvements and useful tools to refine and simplify processes
Optimized policy wizard with detailed statistics: StoneOS R11 has an improved policy wizard that allows for detailed filtering by hits count, upstream and downstream packets, and bytes. This improvement facilitates more accurate policy analysis and relationship management, thus improving performance and increasing the effectiveness of security management.
More analytical policy redundancy verification: The latest enhancement optimizes the policy redundancy verification mechanism by incorporating both partial redundancy and conflict analysis, and also provides detailed information and recommendations for remediation. This leads to simplified policy management, reduced conflict and improved overall system efficiency.
Easier use of the Command Line Interface (CLI) in WebUI: With new support for logging into the CLI directly from WebUI, Users can easily implement or verify settings that used to be available only on the CLI on the same page while reviewing postures.
