The sections below show details of the changes made in major and minor releases of Micro Edge.
Note: Micro Edge will automatically upgrade to new versions if Automatic Upgrades are turned on, which is the recommended setting. Otherwise, upgrades can be performed from ETM Dashboard or through the local web administration. See Upgrading your Micro Edge for more details.
Micro Edge 4.2
Micro Edge 4.2 adds IPsec tunnels for site to site connectivity with other IPsec gateways. IPsec in Micro Edge uses IKEv2 and supports features such as full tunnel routing and WAN failover. See Configuring IPsec VPN tunnels in Micro Edge for more details.
German and Japanese language support - Admins can switch languages from the web administration. This release adds support for German and Japanese languages.
Micro Edge for European ETM Dashboard - Admins in Europe and other regions outside of North America may choose to deploy a separate version of Micro Edge that connects to the Edge Threat Management Dashboard located in Germany. See Setting up your ETM Dashboard account (Europe) for more details.
Arista branding - Micro Edge 4.2 web administration removes Untangle branding and styling and updates colors, fonts, logos and other branding items to match Arista brand guidelines.
Operating System update - Micro Edge 4.2 operating system is upgraded to OpenWrt release 21.02.
The Linksys build is no longer available for Micro Edge as of this release.
For e3 appliances, interfaces will receive new MAC addresses. This may affect some internet connections and a reboot of the upstream modem device may be necessary to restore connectivity.
Micro Edge 4.0
Micro Edge version 4 is a major release that features enhanced security via Web Filtering. Web Filter is powered by Webroot BrightCloud®, which is a cloud based service that classifies URLs in real-time. Web Filter blocks web sites associated with spyware, malware, proxies, phishing, and other types of harmful content. Other improvements to this release include the ability to backup and restore configuration, add static routes for local networks, and general performance optimizations.
Static Routes - Admins can add routes for local networks that reside behind other routers on the local network. This is an important feature for admins who manage segmented networks at branch locations.
Configuration backup and restore - Admins can backup and restore the complete configuration. During the restore, admins can choose to exclude the admin account credentials or networking configuration in case they prefer to merge those parts of the backup configuration with the current configuration.
Automatic configuration backup - The appliance configuration is now backed up nightly. These automated backups can be viewed or recovered from ETM Dashboard in the Cloud Backups area of the Appliances screen.
Performance - Multiple components related to the classification of applications and processing of session information were refactored to improve performance and stability.
- Added QoS column back to the Sessions view so admins can see the priority of each session. This column was inadvertently removed as part of the UI refactoring in the previous release. Note that QoS must be enabled on the outgoing WAN interface for a value to be applied.
- Improved the accuracy of Threat Prevention. Outgoing lookups now use a different attribute of the reputation result to align with the results returned by the BrightCloud online lookup tool.
- The WiFi channel selector was listing unsupported channels which could cause misconfiguration. The WiFi channel list now shows only supported channels.
- Removed “is not” operator from rule conditions relating to Applications and Certificates. This operator was not functional and not feasible to implement for those condition types.
- Support link in about page was pointing to the forums. It now points to the support page.
- DNS Server warning message was a debug event but still reported to log output. This caused excessive log events. The event containing “WARN rests: DNS Server: …” is no longer reported.
- Typographic error in Threat Prevention report. The top blocked count now correctly reports the values as “Count”. The column was incorrectly labeled “Addresses”.
- Deleting conditions from rules with multiple conditions was showing the wrong condition as removed in the rule preview.
- Fixed an issue causing Micro Edge appliances to be unable to connect to ETM Dashboard. This required an updated trivial release version, v4.0.1, which contains an updated certificate and no other changes.
Important note about the upgrade:
Micro Edge 3.2
This release includes a complete redesign of the user interface for Micro Edge. While it looks very different from previous versions, administrators will find the ability to configure common settings is more intuitive and faster to set-up and manage. This release also includes a minor update to the operating system of Micro Edge (OpenWrt) ensuring that all operating system bug fixes and security updates are in place.
Summary of UI Enhancements
- Improved workflows including optimized defaults to speed up configuration of rules
- Reduced rule conditions and actions to simplify and speed up configuration of rules
- Consolidated reports to enhance viewing and filtering of network activities
- Searching in all grid views to quickly find relevant data
- Consistent user experience and design with ETM Dashboard
- Dark Theme provide consistency between ETM Dashboard and Micro Edge
- Performance improvements to speed up administration when loading screens
- Responsive design for complete management from mobile devices
- Many bug fixes to ensure reliable administration
As part of the rule conditions reduction, it is possible after upgrading to encounter rules based on conditions that no longer exist as of 3.2. In this case, editing the rule returns a blank screen or an error message. These rules are no longer valid and must be removed and recreated using the available conditions.
Micro Edge 3.2.2 Update
This is a minor update that includes some improvements to how Micro Edge determines the status, performance, and availability of WAN links.
Micro Edge 3.1
This release adds Threat Prevention to Micro Edge. Threat Prevention is a lightweight security feature that uses real-time threat intelligence powered by Webroot Brightcloud to block high risk Internet traffic. Threat Prevention blocks Internet hosts that may be associated with Spam, Mobile Threats, Tor Proxy, Keyloggers, Malware, Spyware, Windows Exploits, Web Attacks, Botnets, Scanners, Denial of Service, Reputation, Phishing, or Compromised Proxy.
- Choose a sensitivity threshold between High Risk (default), Suspicious, or Moderate.
- Add hosts to a pass list to avoid false detection.
- Review blocked hosts in a report.
Fixed - Error when saving Port ranges in rules. For example setting a range of 10000-11000 previously returned an error when saving.
Fixed - DHCP server not offering leases if there are disabled interfaces on a LAN bridge.
Micro Edge 3.0
Micro Edge 3.0 adds the ability to configure WireGuard® VPN Tunnels with NG Firewall and other instances of Micro Edge. WireGuard VPN provides a high performance tunneling protocol to configure a secure Software-Defined Network. The 3.0 release also includes several other features, improvements, and fixes.
WireGuard Interfaces can be set as WAN interfaces to route various types of Internet traffic, or as local Interfaces to route only for specific remote networks.
Improved DHCP Server management
You can now view and search all DHCP leases and create a reservation from a lease.
Added the ability to reboot / shut down from GUI
It is now possible to reboot or shut down the device from the local administration.
Added the ability to manage NIC Media speed
You can now manually configure interface speed and duplex settings. These values are automatically negotiated in most networks but are necessary to configure manually when connected to some Internet routers.
Added the ability to use AT&T as a wireless carrier on the e6wl appliance
You can now use AT&T sims with the e6wl.
Removed NAT checkbox on LAN interfaces
This option was removed due to lack of necessity. For advanced NAT scenarios refer to NAT Rules.
Disabled implicit NAT on VLAN interfaces
We disabled the unnecessary and automatic use of NAT for traffic exiting local VLAN interfaces.
Improved port definitions in Source and Destination rule conditions
We now automatically include TCP and / or UDP protocol in Source and Destination conditions. These were always necessary but we now add them automatically to simplify rule configuration. We also resolved an issue affecting conditions that use multiple ports specified as a range or comma separated list.
The linked ETM Dashboard account is now visible
This is useful for example if you have multiple accounts and you do not know what account your appliance belongs to.
Removed local interfaces from interface charts
We now exclude local interfaces from interface charts so it is easier to interpret WAN performance data.
Optimized conditions in rules
To simplify the configuration of various rule types we removed several condition types that are not applicable. You will find fewer conditions in rules, making it easier to configure rules and reduces the possibility of misconfiguring rules by using invalid conditions.
DNS diagnostics widget
If Micro Edge detects issues with name resolution, a dashboard widget appears to alert the administrator.
Fixed database locking issue
We identified and resolved instances where the reporting database could become locked. In this circumstance users may have observed empty reports and dashboard widgets. In extreme cases the device may not have been able to make configuration changes, resolve DNS, serve DHCP addresses, or perform updates until rebooting the device.
Fixed connection issue caused by conflicting VPN subnets
When using OpenVPN tunnels, if the Micro Edge received an updated route of a remote subnet that conflicts with a local subnet, it caused a network outage. We have corrected this behavior so that WAN based OpenVPN interfaces do not obtain remote network routes. Routing to remote VPN networks for WAN based interfaces is configured in WAN Rules.
Micro Edge 2.1
Micro Edge 2.1 is a minor release that features a kernel update and improves the accuracy of active latency determination on VPN WAN links.
Micro Edge 2.0
Micro Edge 2.0 adds the ability to create logical network segments based on 802.1Q VLANs. VLANs enable network admins to create multiple networks while utilizing a single network interface. With the support of 802.1Q tagging a logical network can extend to a managed switch for greater connectivity and management of devices.
Key VLAN capabilities:
802.1Q Tagging on WAN and LAN interfaces
Traffic Shaping of VLANs
WAN Routing based on VLAN
Filtering based on VLAN
DHCP services per VLAN
- Added MSS Clamping to resolve specific websites not loading over PPPoE connections
- Minor kernel update to improve stability
Micro Edge 1.3
Micro Edge 1.3 is a minor release that adds support for Verizon LTE (requires e6wl), UI improvements, and bug fixes.
- Selection of Verizon as LTE Network
- Automatic completion of Application names in rules
- Added support for PPPoE type connections
- Removed ability to delete physical interfaces
- Resolved routing of inbound connections (VPN and Port Forwarding)
- Resolved port range definitions in source and destination rule conditions
- Resolved IPv6 routing over VPN tunnels
- Resolved SQL report error when setting a dashboard condition
- Resolved inaccurate WAN link status detection when IPv6 was disabled
Micro Edge 1.2
Micro Edge 1.2 is a minor release that includes improvements to the User Interface and bug fixes.
- Factory reset capability from the administration User Interface
- Set defaults for WAN Rules depending on the type of rule
- Prompt before saving WiFi settings to warn of network disconnect
- "Suggest an Idea" button added for users to provide instant feedback
- Ability to remove VPN interfaces, as well as disable them
- Fill in the rule ID in WAN routing reports
- Traffic initiated on the Micro Edge does not obey WAN rules
- Changing an OpenVPN setting does not take effect until rebooting
- Country fields in the Sessions view is rendered incorrectly
- OpenVPN sees VPN tunnels as up in cases that the remote side is down
- UI does not show the IP address of VPN interfaces
- GeoIP lookup updates
Micro Edge 1.1
Micro Edge 1.1 is the first major software release.
Micro Edge makes first packet routing decisions, based on specific application or categories of network traffic.
Traffic shaping and Quality of Service prioritizes business critical traffic across WAN Links.
Real-time Link Performance Monitoring
Jitter, packet loss, latency and throughput of each link are continually measured to ensure applications can be routed over the best performing links for their needs.
Dynamic Path Selection
Routing decisions are made in real-time based on actual current link performance of packet-loss, latency and jitter conditions, as well as available bandwidth.
Multiple Internet Pathways
Multiple WANs as well as LTE connectivity can be used as primary or failover links. Application based routing can optimize performance over LTE and hard-wired links.
Configurable Performance Thresholds
Routing can be configured at the application level with failover conditions specified using limits for desired maximum packet loss, or latency thresholds.
Automated Link Failover
Network traffic will be routed to the next best performing link when a link fails, or fails to meet performance requirements.
Network administrators can remotely set up and configure Micro Edge without having to be on site. Automatic upgrades ensure all appliances are kept up to date with the latest security updates and enhancements.
One or many Micro Edge appliances can be managed from our cloud based ETM Dashboard, accessible from any browser. Full visibility of all deployments enables administrators to view appliance network status, important events, reporting data and push global configuration.