Resource

Product Version

LightWAN Release Notes

Release 6.0
2024-9-24

Enhanced SASE Capability:

  • Enhanced LightWAN Security Service with support for security instance configurations, offering a comprehensive SASE security solution..
  • Deep integration with H3C firewall supports features like antivirus, URL filtering, content filtering, and file filtering.

Localization and Compatibility:

  • Orchestrator supports deployment on servers with China's Hygon processor.
  • Added support for Windows clients on the ARM architecture.
  • Ubuntu Linux client support is added.

Enhanced Network Performance:

  • Significant improvements in CPE engine UDP processing performance.
  • Optimized policy-IP Set matching and enhanced data forwarding efficiency.
  • Optimized AI-based routing algorithms.

Enhanced Hardware CPE:

  • Introduced new desktop 4G CPE models.
  • Improved user experience on Mifi devices.
  • Introduced support for additional H3C integrated devices.

Enhanced Security Measures:

  • Enhanced two-factor authentication (2FA) with OTP methods for Orchestrator login security.
  • Improved device binding experience for client login.

Boosted Management Funtions:

  • Significantly optimized dashboard and reporting functionalities.
  • More granular configuration support for alert rules.
  • Added a GUI for CPE key injection on the Orchestrator platform.
This release also includes numerous UI interaction enhancements and fixes for known issues, significantly improving user experience.

Release 5.8
2023-12-30

Innovative SASE solutions:

  • SASE: An innovative solution offering enhanced security protection for enterprise networks.
  • Deep Integration with H3C Firewall: LightWAN is now deeply integrated with the firewall service provided by H3C, enhancing the security capabilities of LightWAN CPE.

Optimized network features:

  • OTP Authentication: LightWAN Orchestrator supports OTP authentication for login, significantly enhancing the system's security.
  • DingTalk Login Integration: Streamline your login experience with our SSO integration, allowing users to access our client directly using their DingTalk accounts.
  • Loop Detection: Layer 2 LAN supports loop detection, effectively preventing network failures.
  • Site Hierarchy Management: This feature enables users to manage sites with flexibility, aligning with their organizational structure for streamlined operations.
  • Portable MiFi CPE with WiFi Relay: MiFi CPE offers portability and enhances network access flexibility through its compatible WiFi network relay.
  • Smart Outgoing Interfaces Switching: Intelligently switches outbound interfaces based on the quality of the end-to-end connection to target applications, guaranteeing an optimized network experience.
  • Dedicated Static Proxy Gateway IP for Targeted SaaS Application: In response to specific customer business requirements, we now offer a dedicated static proxy gateway IP for streamlined access to select SaaS applications.
  • Alerts Visualization on Dashboard: An optional alerts widget has been introduced to the dashboard, offering immediate visual insight into network risks and enhancing situational awareness.

Improved Operating System Compatibility:

  • EulerOS Supported: LightWAN Orchestrator, PoP, and vCPE are supported with EulerOS, catering to the needs of localized network deployment in China.
  • Software Client for Ubuntu OS:Ubuntu users can now access SD-WAN services directly through our compatible software client (for Linux), ensuring a smooth and integrated experience.
Beyond the new features, this update includes extensive user interface enhancements and resolves known bugs, ensuring a more seamless and reliable user experience.

Release 5.7
2023-08-30

Features:

  • CPE supports IP+MAC binding.
  • CPE LAN port supports configuring multiple IP.
  • Support per source IP and destination IP rate limiting for site to site networking.
  • New CPE model: LW2506.
  • 5G CPE supports UNISOC modules.
  • LW1301-MiFi WAN supports internet access by connecting to external wireless networks.
  • Export operation logs of client accounts.
  • Manually unlock client account by administrators.
  • Improved system reliability and UI interaction experience.

Release 5.6
2023-05-30

Features:

  • Optimize network performance for CPE.
  • Support for management of shared bandwidth subscription.
  • Support for eSIM.
  • Support for one-click diagnostics for POP.
  • Publish LW1301-MIFI portable CPE.
  • Support for specifying the maximum number of online mobile accounts by group for a customer.
  • Optimize interaction with the map on the Dashboard page.
  • Optimize Open APIs.
  • Optimize clustered CPE backup management.
  • Optimize CPE chart.
  • Optimize IPv6 configurations.

Security Vulnerability Fixes:

  • CVE-2022-31626
  • CVE-2022-31625
  • CVE-2021-21708
  • CVE-2022-31630
  • CVE-2022-31628
  • CVE-2022-31629

Mobile Release 5.6
2023-05-30

Features:

  • Support for password reset by email.
  • Support for custom logo.
  • Optimize automatic software client upgrades.

Release 5.5
2023-01-30

Features:

  • LightWAN service that supports a combination of SD-WAN and MPLS.
  • LightWAN service that supports multiple APNs/WANs for a IoT SIM card.
  • Optimize the mechanism for advertising route.

Release 5.3
2022-11-17

Features:

  • Support for DNS probes.
  • Support for LAN BGP neighbour states test in cluster mode.
  • Support for Connection exception test and auto-recovery.
  • OSPF protocol supporting with NSSA.
  • Support for Application Statistics.
  • Optimize Open API related to Sites and CPEs.
  • Strengthen link resources management and Chart module.
  • Optimize subscription extension and Chart representation.
  • Optimize Site Chart.
  • Optimize backup mode for Site WAN.
  • Optimize LightWAN security and reliability.

Mobile Release 5.3
2022-11-17

Features:

  • Support for OTP authentication.
  • Support for login device binding.
  • Support for Intranet Mode of Site.
  • Support for resetting password when forgotten.
  • Support for SM3 and SM4 algorithms.
  • Optimize login security.
  • Optimize mechanism of network connection.
  • Optimize automatic client update.
  • Optimize log view.
  • Optimize UI design of client.

Release 5.2
2022-06-22

Features:

  • CPE/POP NAT ALG supporting with H.323 protocol.
  • All-In-One deployment supporting with cluster of Master and Backup.
  • Optimize IPv6.
  • Optimize Site and CPE Chart.
  • Optimize CPE LAN and ARP.

Bug Fixes:

  • Error notification when delete Sites.
  • Wrong report about CPU utilization in Site Chart.
  • SNAT Rules can be saved successfully without Subnet.
  • Read-Only Users cannot view the status of SNAT and DNAT.

Mobile Release 5.2
2022-06-22

Features:

  • Support for login device binding.
  • Support for Single Sign-On (SSO).
  • Support for manually checking for update.
  • Support for launching at start-up.
  • Client for Windows users supporting with network acceleration for the device accessed through hotspot.
  • Client for Windows users supporting with verification of running environment.
  • Support with Linux (Kylin & UOS).

Release 5.0
2022-03-15

Features:

  • Support for Security Zone & Multi-Tenant Site.
  • Support for IPv6.
  • Support for Open API.
  • Support for system patch automatic upgrade.
  • Support for one-click gathering system information.
  • Support for backup WAN interface.
  • Support for ACL protection on LAN.
  • Support for web-based authentication and auditing of wired devices.
  • Support for URL Audit.
  • Support for Log files size and quantity configuration.
  • Support for IPSec aggressive mode.
  • Support for PPPoE unicast in HA environment.
  • Support for disabling SNAT/DNAT rules.
  • Update one more alert for monitoring OSPF/BGP neighbor status.
  • TopN statistics supports user-defined N value.
  • Windows client supports operating system checking.
  • Optimize User Portal Dashboard.
  • Optimize subscription expired notifications.

Bug Fixes:

  • Errors were detected when network segments of WAN set different with HA mode configuration.
  • Inconsistency of Chinese and English presentations of subscription module configuration.
  • Fail to build/modified site by filling in external IP.
  • Pagination displayed differently after modifying the page content.

Release 3.5
2021-10-30

Features:

  • Hub Site supports CPE Cluster mode.
  • Dual Hub Transit Topology.
  • Support commercial cryptography algorithm.
  • The CPE device can access the trusted gateway, but cannot access others gateway devices.
  • Created CPE device SN library, forbidding unknown devices to be online.
  • CPE supports Bonding interface.
  • NAT Audit function.
  • The Layer 2 networking supports the STP protocol.
  • Enable OSPF on LAN port to publishing default routes.
  • The master and slave CPE devices in the HA mode support different interface configurations.
  • Support Ping&TCPing detect and alert.
  • Alert supports phone and message notification.
  • The usage rate of the LightWAN service is lower will prompt alarm.
  • Orchestrator dashboards support customization.
  • Traffic report.
  • POP/Link interface display optimization.
  • Optimize device security hardening.
  • Optimize TopN datastore.

Bug Fixes:

  • CPE WiFi password does not have a digit limit prompt.
  • No periodic detection data when inquiring based on time.
  • The geographic location information of some links is incorrectly displayed.
  • The number of sites displayed on dashboard is inconsistent with the actual site number.

Mobile Release 3.5
2021-10-30

Features:

  • Support for the AD/Radius authentication by intranet CPE.
  • Support for batch delete of accounts.
  • Support for viewing history logs.

Release 3.4
2021-04-18

Features:

  • DNS AuditSupport for Persistent Configuration.
  • Support for WAN BGP/OSPF.
  • Support for CPE IPsec.
  • SIP NAT optimization.
  • Support for Mobile Diagnose.
  • Support for mobile log management.
  • Standardization reform for Open API.
  • Customer ID extension.
  • Layer 2 optimization.
  • Part of models CPE adapt and surpport 5G.

Bug Fixes:

  • The delay display error of 1 series of devices in layer 2 networking scenario.
  • Failed to resend the alarm message after sending failure.
  • The client prompt is not accurate after opening SIP function.
  • Pop search results are not arranged by ID.

Release 3.3
2020-12-18

Features:

  • Support for VLAN subinterfaces in CPE.
  • Support for multiple LAN interfaces in CPE.
  • Support for multiple DNS Servers in DNS Proxy.
  • Provide CAS service for mobile accounts.
  • Support for custom Widget modules in Dashboard.
  • Support for site tag retrieval in Site、Topology and Policy.
  • Provide regular link health inspection for One-star subscribers.
  • Provide super administration permissions for super users.
  • Support for underlined domain name in proxy DNS.
  • Multi-link load balancing optimization.
  • Subscribe notification optimization.

Bug Fixes:

  • The CPE device is not available with more than 200,000 route strategies.
  • Tunnelblick may disconnect when both LightWAN and Tunnelblick clients are used at the same time.
  • The client cannot connect successfully due to the “*” and duplicate domain name in custom Domain Set.
  • Misjudgment of WAN availability and unavailability concurrency scenarios, resulting in invalidating policies by mistake.

Mobile Release 3.3
2020-12-18

Features:

  • User Privacy Agreement update.
  • Partial log information update.
  • Disconnection and logout process optimization.
  • IOS, MacOS system connection upgraded to IKEv2.

Release 3.2
2020-06-05

Features:

  • Mobile client operations including logging in, logging out, connecting, disconnecting, and changing passwords need to be displayed on the Mobile Account page.
  • No alerts are sent when a one-star connection does not meet the SLA.
  • HA supports detecting the status of the peer device.
  • BGP adds md5 authentication.
  • Policy supports star filter.
  • Mobile clients support IP filter.
  • Support for single IP speed limit based on policy.
  • Login security enhancement: 2FA, username password with graphic verification code, cell phone verification code, and error lock.

Release 3.1
2020-04-01

Features:

  • Rectification of CPE memory request and allocation.
  • Support for Layer 2 networking.
  • Support for advanced configurations in VRRP.
  • Support for LADP over SSL for Orch Mobile Account.
  • Add kernel dump skb.

Release 3.0
2019-12-03

Features:

  • Support for split architecture of Orchestrator.
  • Support for international Orchestrator.
  • Modification of customLogo.
  • Add Advanced DNS.
  • Statistics of Top N traffic.
  • Add the keeping alive mechanism that the Orchestrator sends messages to agents actively.
  • Start the alarm when the frequency of link selection is high.
  • Add TCP protocols to Probe Server's policy.
  • Support for module demo chart.
  • BGP AS Number supports up to 4294967295.
  • Support for SAAS SLA - precision to PoP's city.
  • Add TCP acceleration in the policy for the output connection type.
  • Support for multi-engine WAN.
  • Support for LAN Bridge.

Release 2.2
2019-07-16

Features:

  • Support for Subscription & Partner.
  • Support for transparent bridge mode and IP spoofing.
  • Improvement of IP overlapping.
  • Improvement of intelligent DNS service.
  • Combination of SaaS & Internet and Policy function.
  • Unification of collation rules and logic of interaction in Orchestrator.
  • Improvement of statistics for Latency, Jitter, Packet Loss of Link and Connection, Improvement of path change.
  • Support for custom private IP Set, Domain Set and Access Unit.
  • Technical Support can adjust the order of connections used by Proxy Gateway policy.
  • Support for netmask and gateway configuration in WAN interface of POP.
  • Support for global SLA presets of Orchestrator.

Release 2.1.2
2019-04-08

Features:

  • VRRP functional optimization.
  • Support for OSPF & BGP.
  • Support for packet-loss-based path change and path selection.
  • Support for MIPS hardware platform.
  • Statistics for each priority traffics (QoS related).
  • Support for outgoing interfaces auto-update per flow.
  • Domain name support for communication server.
  • Port pool and auto switching for Link.
  • Support for alert rules configuration.
  • New alert instance for CPE LAN down.
  • Low and high threshold of packet loss support for LW Connection SLA calculation.
  • Supports user can view IP Sets and Domain Sets included in Access Unit.
  • Introducing Delay processes and bandwidth evaluation for by LW Connection SLA calculation (for path selection).
  • Link Down report for detection failure after adding or editing Link ports.
  • Support for importing and exporting global SLA database.
  • Support for interfaces and ports configuration in NAT module.
  • Support for LAN DNAT.
  • Statistics of concurrent sessions.
  • Site Group added for selecting Sites when create Topology.
  • TCP acceleration configuration for Direct Access mode of SaaS & Internet policy.
  • Outgoing Interface can only select from the existed Topologys when creating Site-to-Site or Proxy-Site policy.
  • One-Star SLA auto inherits from the first subscribed higher Star Rate.
  • Improvement of Master IP function.
  • Wildcard support in Domain Set and DNS Proxy configuration.
  • Improvement of the order of SNAT rules.
  • Improvement of dynamic routing for SaaS.
  • TCP acceleration of default policy is changed to be Disabled by default in bridge mode.
  • Agent changes to support OE1 type of route of OSPF.

Release 2.1.1
2018-12-28

Features:

  • Support for bridge mode.
  • Support for URL Audit.
  • Support for BGP.
  • Support for Site Group.
  • Improvement of User Privilege Management (Admin / Operator / Support /Customer User).
  • Improvement of MSS auto updating based on MTU.
  • Support for policy bypass.
  • Improvement of communication stability between CPE and communication server.
  • Improvement of Search and Filter function on Orchestrator.
  • Orchestrator management via Web.
  • Support for drop in policy.
  • Support for Region, Global / Customer SLA, Global / Customer Price settings.
  • Improvement of Path Selection by introducing Link Inspection setting.
  • Support for MTU setting and ARP binding.
  • Support for SSH proxy in CPE.
  • Support for Rate Limiting in Policy.
  • Improvement of list ordering for Topology.
  • Support for transit mode in Spoke-Hub Topology.
  • Support for ISO installation.
  • Improvement of Access List distribution from Orchestrator to CPE, both HTTP mode and Message mode are supported.
  • Improvement of the access rules between CPE and Orchestrator / Communication Server.
  • System routing table improvement to cover the IP overlapping scenario.
  • Improvement of SSH proxy.
  • Improvement of URL Audit.

Release 2.0.19
2018-11-17

Features:

  • Improvement of path selection mechanism to cover no-path-meet-SLA-requirements scenario.
  • Support for configuration of system log retention.
  • Support for LW Connection keepalive settings.
  • Improvement of Customer User Privilege.
  • Support for keepalive settings of CPE.
  • Support for path selection based on SLA.
  • Support for sending alerts via DingTalk.
  • Support for multiple email address as recipients of alerts.
  • Support for configuration of Threshold and Interval for CPU / Memory / Hard Disk alerts.
  • Support alerts settings in User Portal.
  • Support for IP Fragmentation for SIP / FTP / H323.
  • Support for Trace traffic pass through.
  • Improvement of Access Name version.
  • Improvement of path selection to bypass Disabled Link.
  • Delete the related paths when deleting a Link.
  • PMTU improvement.
  • Support for Access Name version in Agent.