Firmware SW01978-4.0.0.1 release notes ====================================== Supported products: R-PASS (A0) SSD (B0) Z-PASS2-RT-4G (A0) Z-PASS2-RT-4G (B0) Z-PASS2-RT-4G (C0) Z-PASS2-RT-4G-S (A0) Z-PASS2-RT-4G-S (B0) Z-PASS2-RT-4G-S (C0) Z-TWS4-RT-S (A0) Z-TWS4-RT-S (B0) Z-TWS4-RT-S (C0) Z-PASS1-RT (A0) Z-PASS1-RT (B0) Z-PASS1-RT (C0) ====================================== NEW: changes for compliance with ‘RED DA’ regulations: - login required by default on GUI/GUI-web - mandatory default password change - ‘strong’ password validation: - minimum length: 12 characters - at least 1 lowercase letter - at least 1 uppercase letter - at least 1 number - at least one special character - management of a maximum number of failed login attempts (5) with lockout time (15 min) NOTE 1: management is not differentiated by user and, therefore, the lock applies to all users NOTE 2: the lock status applies to both access from web pages and access from the GUI - check/warning on web page regarding the availability of a new FW release - web server: only HTTPS enabled by default URLs modified for access to configuration web pages and GUI-web - Anti-DOS mechanisms introduced - Traffic control mechanisms introduced - Default port disabling: - SD - USB Host - USB-serial for console NOTE: when upgrading from a previous release, the ports remain enabled - Disabling unnecessary network services: - HTTP disabled - IPv6 disabled - GUI/web GUI session management - Z-NET4 functionality disabled by default NOTE: when upgrading from a previous release, the functionality remains enabled - configuration export/import with passphrase (tar.gz file encrypted with passphrase) - discovery: ‘IP Configuration from discovery’ parameter: - ON, in factory default condition - OFF, following modification of the network configuration via discovery and modification of the admin password - discovery protocol: ‘IP Configuration enable’ flag added - web pages: login management review and logout correction - web pages: new user for production with relative menu NOTE: disabled after changing the admin password - SFTP/SSH user: only exists if the Z-NET4 feature is enabled or Samba is enabled - warning displayed for parameters whose enabling or disabling may reduce the security level - FW Upgrade: update only allowed for versions >= 4.0.0.0 FIX: - digital counter management: now, with debounce=0, the filter is completely disabled and the maximum frequency is 1 kHz - MQTT Client: fixed the issue where, with ‘Publish Bulk Format’=‘%jn: %v’, the tag value was not inserted in the payload (LPZ-92)