12.0.0 Changelog

From Edge Threat Management Wiki - Arista
(Redirected from 12.0 Changelog)
Jump to navigationJump to search


12.0 is a major release. Major user interface updates and brings a new dashboard and many new features.

Admin Interface

The admin interface received a major overhaul, with more work to come! Don't worry! The organization didn't change much so there isn't a big learning curve to re-learn everything. However, visually it is very different.

The new admin interface is simpler, cleaner, faster, and more responsive. The two tabs (apps, config) on the left are gone! Now there are 4 global tabs:


The dashboard is a new customizable view into your system and important topical information. By default the dashboard shows an assortment of "widgets" which show you different information about your system. You can also add more widgets to show various information.


Apps shows the new apps view. By default and on upgrade this is the traditonal rack view. However, there are new skins which show different views such as the "material" skin. Give it a try by changing your skin in Config > Administration > Skins > Administration Skin.

Installing apps works a bit differently. You click on the "Install Apps" button at the top and click on the available apps you want to install into this policy. When finished click "Done" at the top and apps view is displayed again.


Config is the same as previous versions. It stores all of the system configuration.


The reports tab provides an easy and quick way to access reports.


The goal of the new admin interface is to bring Untangle to a simpler and more modern user interface, but maintaining the things people love. Additionally, as the world goes more mobile Untangle needs a responsive admin interface that is usable from various devices of differing screen sizes including smartphones.

Major Tech Changes

Untangle 12.0 is based on Debian Jessie (8.x) and the 3.16 linux kernel. This should provide more modern hardware support. Additionally, The database has been migrated from postgres 9.1 to postgres 9.4. The UI now leverages Extjs 6.

Directory Connector

Directory Connector can now connect with your google account and google drive account.


The "new" reports are officially complete, and 12.0 removes the old reporting infrastructure. 12.0 is able to log five times the number of events per second than 11.2 on the same hardware.

There is a new summary email which sends some basic information and a link to the reports. Google drive integration has been added and Untangle can upload daily report data backups and daily CSVs to google drive for indefinite storage.

The PDF summaries are no longer sent. The old reports servlet has been removed.

Some new SQL operators are available in conditions. Alert rules based on rate thresholds (X actions per minute) are now possible. Some new report entries types have been added to allow variable number of datasets (see Reports > Network > Interface Usage).

Device List

Many users are familiar with the "Host Viewer" which tracks local unique IP addresses on your network and various information about them. 12.0 adds a "Device List" which tracks local unique MAC addresses on the network and various information about them. Unlike the host viewer, the device list is stored on the disk and is persistent through reboots.

This allows you to do thing like set the username for certain devices (for devices that are not shared), or alert when new devices are discovered. It also stores information about the last known hostnames and User Agent and other metadata.


All translations are now done in one PO file. This should significantly simplify translations.

SSL Inspector

HTTPS Inspector has been renamed SSL Inspector and now has the ability to inspect SMTP over SSL. After SSL Inspector unwinds the TLS on the SMTP session, Spam Blocker and friends will now scan the SMTP as per a normal unencrypted session. SSL Inspector will reencrypt the traffic as it leaves the server.


Config > Email gains a new way to send email called "Send email using the cloud hosted mail relay server." This is the new default and it will use a the untangle.com cloud to relay email using an SSL relay. This allows many users whose ISPs block port 25 to send email without trying to find a relay.

The quarantine interface has received a major usability update.


IPsec VPN now has the ability to create GRE tunnels (normal and encrypted with IPsec) to remote sites.

Virus Blocker

Virus blocker now also does a cloud scan concurrently with the local scan. The cloud scan checks against the current threat intelligence in the untangle.com cloud and checks the know information about the file, the URL, and other metadata. If either the local scan or the cloud scan returns that a file is malicious it is blocked.


Bypassing of premium apps for hosts over the licensed seat limit is now automatic. For hosts over the seat limit, they will still be scanned by the free apps. By default an alert is sent when this occurs. You can still manually bypass devices so they are not counted, but it is no longer necessary. The hosts viewer shows your current hosts and which are counted as "active."

Configuration Backup

Configuration Backup can now backup to google drive in addition to the normal backup to your account on untangle.com

Minor Changes

  • Application Control has merged the "block" and "tarpit" settings into one "block" setting that means tarpit.
  • Old root passwords set before 11.0 use a hash that has been disabled. If you have no reset your admin/root password in a long time you will need to save the admin password again to set the root password.
  • Web Filter now blocks QUIC by default.
  • New options allow logging of bypassed sessions to and from Untangle itself.
  • Session Viewer is much faster and more efficient.
  • Tons of other bugfixes and small enhancements!