{"id":2098,"date":"2024-12-30T15:29:31","date_gmt":"2024-12-30T15:29:31","guid":{"rendered":"https:\/\/balder-net.de\/?p=2098"},"modified":"2024-12-30T15:29:31","modified_gmt":"2024-12-30T15:29:31","slug":"unifi-network-application-9-0-108","status":"publish","type":"post","link":"https:\/\/balder-net.de\/?p=2098","title":{"rendered":"UniFi Network Application 9.0.108"},"content":{"rendered":"

Overview<\/h2>\n

UniFi Network Application 9.0.108 adds Zone-Based Firewall, CyberSecure, Network Application API, and includes the improvements and bugfixes listed below.<\/p>\n

<\/p>\n

\u00a0<\/p>\n

<\/p>\n

Zone-Based Firewall settings<\/strong><\/p>\n

The new Zone-Based Firewall on UniFi Gateways categorizes different parts of your network into zones and allows for more granular and simplified policy management.<\/p>\n

Segment your network by using fewer, simpler policies, reducing complexity and increasing visibility.Configure specific policies to govern which traffic can pass between zones, based on Network Objects, IPs, ports, applications, and more.The migration to Zone-Based Firewall is irreversible unless you restore a backup prior to the migration.Existing policies that cannot be migrated to a single zone will be duplicated to multiple pairs.Requires UniFi (Cloud) Gateway firmware version 4.1 or newer.See the\u00a0Zone-Based Firewall<\/a>\u00a0and Migrating to Zone-Based Firewalls<\/a> Help Center articles for more information.<\/p>\n

<\/p>\n

CyberSecure by ProofPoint<\/strong><\/p>\n

CyberSecure is an optional extension of our Intrusion Detection and Prevention (IPS\/IDS) system, enhancing IPS\/IDS with signatures from ProofPoint’s expert security researchers. It is available as an optional per-site subscription. It is available for all UniFi (Cloud) Gateways besides the Express and UXG-Lite. Please note that our existing IPS\/IDS remains free.<\/p>\n

Requires UniFi Cloud Gateway 4.1.8\/UniFi Gateway 4.1.3 and newer.See the\u00a0CyberSecure<\/a>\u00a0Help Center article for more information.<\/p>\n

<\/p>\n

\u00a0<\/p>\n

Network Application API<\/strong><\/p>\n

The API provides powerful tools to manage Sites, Devices, and Clients, offering access to detailed configuration, real-time status, and live statistics. It supports insights for WiFi, Wired, and VPN clients, including connection details.<\/p>\n

Available through Control Plane > Integrations.Requires a Cloud Gateway with UniFi OS 4.1.9 or newer.Next versions will include more data, so leave comments on what you would like to see.<\/p>\n

Improvements<\/h2>\n

Added support for re-ordering the Dashboard widgets.Added the ability to Locate or Restart devices from the Device table when hovering.Added the ability to edit VLANs in the Port Manager > VLAN page.Added support for MongoDB 8.0 and Java 21 on Network Servers.Added Source name in the Intrusion Prevention email notifications.Added support for ed25519 SSH Keys for Device Authentication.Added WiFi Band column in the WiFi Settings table.Added support for third-party networks in IP and MAC ACLs.Added warning when configuring a Site-to-Site VPN with overlapping subnets.Added QoS in the Routing section within Settings.Requires the new Zone-Based Firewall.Added support for Override WAN Monitors in the BGP Configuration.Requires UniFi Cloud Gateway 4.1.7\/UniFi Gateway 4.1.3 or newer.Added support for Link Aggregation on the EFG and UXG-Enterprise.Requires UniFi Cloud Gateway 4.1.8\/UniFi Gateway 4.1.3 or newer.Allow duplicate remote IP addresses when using different WANs on Route-Based IPsec Site-to-Site VPNs.Improved the Threat System Log user experience.Improved the System Logs searching resiliency.Improved the Honeypot user experience.Improved the Port Forwarding user experience.Improved the Client page user experience on large setups.Improved the WAN Packet Capture user experience.Improved the Security Settings user experience.Improved the Intrusion Prevention Active Detections Categories.Improved the Radio Manager user experience.Improved the Dashboard loading latency.Improved the port warnings in Port Manager.Improved filtering on the Devices page.Improved Statistics accuracy for Internet Activity in the Dashboard and Traffic Statistics.Improved the Airtime scanning user experience.Improved the WiFi Connectivity page user experience.Automatically turn off wireless meshing if a device is adopted via a wired connection.Increased default channel width to 80MHz for the 5GHz radio.Moved Firewall Connection Tracking settings to the NAT section.Moved the Traffic and Device Identification settings to System > Advanced.Renamed DNS Shield to Encrypted DNS.Renamed Country Restrictions to Region Blocking.<\/p>\n

Bugfixes<\/h2>\n

Fixed an issue where NAT rules sometimes didn’t work on the UXG-Lite.Fixed incorrect timezone for Network Application Activity Logging to SIEM Servers.Fixed invalid mixed speed warning on ECS-Aggregation switches.Fixed an issue where the Network Application changelogs were missing on fresh Network Server installations.Fixed an issue where the last known uplink could be missing if it was a mesh uplink.<\/p>\n

Additional information<\/h2>\n

Create a backup before upgrading your UniFi Network Application in the event any issues are encountered.See the\u00a0UniFi Network Server<\/a>\u00a0Help Center article for more information on self-hosting a server.UniFi Network Application 7.5 and newer requires MongoDB 3.6 and Java 17.Version 7.5 to 8.0 supports up to MongoDB 4.4.Version 8.1 and newer supports up to MongoDB 7.0.Version 9.0 and newer supports up to MongoDB 8.0 and Java 17\/21.UniFi Network Application updates may cause your adopted devices to be re-provisioned.Existing UniFi Network Applications must\u00a0be on one of the following versions to upgrade directly to this version:9.0.108 and earlier 9.0.x versions.
\n8.6.9 and earlier 8.6.x versions.
\n8.5.6 and earlier 8.5.x versions.
\n8.4.62 and earlier 8.4.x versions.
\n8.3.32 and earlier 8.3.x versions.
\n8.2.93 and earlier 8.2.x versions.
\n8.1.127 and earlier 8.1.x versions.
\n8.0.28 and earlier 8.0.x versions.
\n7.5.187 and earlier 7.5.x versions.
\n7.4.162 and earlier 7.4.x versions.
\n7.3.84 and earlier 7.3.x versions.
\n7.2.97 and earlier 7.2.x versions.
\n7.1.68 and earlier 7.1.x versions.
\n7.0.26 and earlier 7.0.x versions.
\n6.5.55 and earlier 6.5.x versions.
\n6.4.54 and earlier 6.4.x versions.
\n6.3.51 and earlier 6.3.x versions.
\n6.2.26 and earlier 6.2.x versions.
\n6.1.71 and earlier 6.1.x versions.
\n6.0.45 and earlier 6.0.x versions.
\n5.14.25 and earlier 5.14.x versions.
\n5.13.33 and earlier 5.13.x versions.
\n5.12.72 and earlier 5.12.x versions.
\n5.11.52 and earlier 5.11.x versions.
\n5.10.27 and earlier 5.10.x versions.
\n5.9.33 and earlier 5.9.x versions.
\n5.8.30 and earlier 5.8.x versions.
\n5.7.28 and earlier 5.7.x versions.
\n5.6.42 and earlier 5.6.x versions.
\nMost earlier versions are also supported for a direct upgrade, going back to 3.1.0.<\/p>\n

<\/p>\n

UniFi Network Native Application for UniFi OS<\/strong><\/p>\n

A specific application version that is only compatible with the UDM, UDR, Express, UCG-Ultra and UCG-Max (running UniFi OS 3.1.6 or newer).<\/p>\n

The UniFi OS update uses the application version that is required for your console.The manual update process via SSH requires you to use the compatible package. Incompatible packages will be rejected on installation.Older UniFi OS versions (before UniFi OS 3.1.6) on the UDM and UDR still use regular UniFi Network Application for UniFi OS.<\/p>\n

\u00a0<\/p>\n

\u00a0Checksums<\/strong><\/p>\n

fb6176096443de6bdbe326e883b77586 *UniFi-installer.exe
\nd272d1cada1e72ad17c75be7575e7792 *UniFi-Network-Server.dmg
\nbf598231afe64f4318172c4d6f24a743 *UniFi.unix.zip
\nff6bf33e3567effac2f63adf2b9358eb *unifi_sysvinit_all.deb
\n6e0c18fd5c2cba8c2eb14467d87318f2 *unifi-uos_sysvinit.deb
\n93883b8f88207caec254c795ff995e88 *unifi-native_sysvinit.deb
\n601df32736f41e40a80a3e472450a3e1 *unifi_sh_api<\/p>\n

————————————————————————————————————————<\/p>\n

SHA256(UniFi-installer.exe)= 8ef2bfd22075a171c170811bb996c8852a95bddb7fdcc53fd0aaf677711d134f
\nSHA256(UniFi-Network-Server.dmg)= 3fc61f889168c3ee690937b14af9a1641fa4c9f3b72b837c67abe6dc00786d1e
\nSHA256(UniFi.unix.zip)= 6585b8dd9707dee9ea8954a089bdf3ba5dfd43f7168c062cf87a2d1c8badd602
\nSHA256(unifi_sysvinit_all.deb)= a7eb785bc991f82b6649766ac693f5539e621e12b3eec5dc2f73eefb4a5e36b5
\nSHA256(unifi-uos_sysvinit.deb)= 6d8c3691838ca30430f697c08135e25ce032bb7ecb96620f3feb5954c2b7b084
\nSHA256(unifi-native_sysvinit.deb)= 42d4dda8c2e37a424d158ac6c32913cd16c7eeeec585d3922b18b8cfbaacddd7
\nSHA256(unifi_sh_api)= 1791685039ea795970bcc7a61eec854058e3e6fc13c52770e31e20f3beb622eb<\/p>","protected":false},"excerpt":{"rendered":"

Overview UniFi Network Application 9.0.108 adds Zone-Based Firewall, CyberSecure, Network Application API, and includes the improvements and bugfixes listed below. \u00a0 Zone-Based Firewall settings The new Zone-Based Firewall on UniFi Gateways categorizes different parts of your network into zones and allows for more granular and simplified policy management. Segment your network by using fewer, simpler […]<\/p>\n","protected":false},"author":0,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[41],"tags":[],"class_list":["post-2098","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-it-neuigkeiten"],"_links":{"self":[{"href":"https:\/\/balder-net.de\/index.php?rest_route=\/wp\/v2\/posts\/2098","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/balder-net.de\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/balder-net.de\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/balder-net.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2098"}],"version-history":[{"count":0,"href":"https:\/\/balder-net.de\/index.php?rest_route=\/wp\/v2\/posts\/2098\/revisions"}],"wp:attachment":[{"href":"https:\/\/balder-net.de\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2098"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/balder-net.de\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2098"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/balder-net.de\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2098"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}