NGFW 7.2 is a major release for the newly rebranded Trustwave Next Generation Firewall (NGFW) product line, running on TrustOS 3.1. This release supports only 64-bit operating systems and is exclusively available for administration in Trustwave’s TrustKeeper portal. This release also contains the tools to create the first virtual NGFW (vNGFW) appliance available to customers. UTM 6.x will move into maintenance releases that will be patched but no new features will be added.
Old platforms that have been discontinued by Trustwave are not supported under the new 7.x product line.
Content Filter Bridge - An ability to setup and configure the device with web content filtering in bridge mode. The feature is an additional plugin to Intrusion Detection and Prevention.
Content Filter Proxy- The ability to setup and configure the device with web content filtering in proxy mode.
DHCP Server Flexibility An ability to setup and configure the device as a DNS Server only, DHCP and DNS server, or a DHCP relay agent.
IPS/IDS- Supports IDS - Commonly used for IDS deployment. IPS layer 2, bridge mode, IPS layer 3, NGFW setup in router mode (common setup for NGFW’s)
Site-to-site VPN- Integrate Strongswan for ipsec.
NACx - Network Access Control and Restriction provides network analysis in real-time. It monitors networks for assets and provides alerts and restrictions based on configured security policies.
Anti-Virus for SMTP- NGFW supports anti-virus for SMTP and runs as transparent SMTP proxy server on port 8110.
Deep Packet Inspection – Provide statistics for application layer protocol use.
Health, status, and availability – Provides additional OS level health and usage details.
Known Bad Actors (KBA) URL integration- Known bad actors is a database consists of bad URLs and IPs within five categories such as botnet, malware, network, scan and spam. This features also allowed customer define own KBA IP and category URL list. This is off by default.
Remote User VPN NGFW 7.2 uses strongswan to configure Remote User VPN. It uses IPsec protocol for authentication and encryption of tunnels. This deprecates the use of openvpn in UTM 6.x for remote user vpn tunnels. Strongswan uses IKEv2 protocol as the default for key exchange and authentication but also supports IKEv1.
Features not included in NGFW 7.2
The following is a list of features and improvements NOT included in this release. These may be available in a subsequent major release following NGFW 7.2. Trustwave advises customers using these features do not upgrade to NGFW 7.2
- High Availability
- Wireless support
- Multipath support and policy based routing
Not able to disable NTLM Auth after it is enabled.
DNS server IP is required even when peerdns is selected for the interface
WCF - groups shall be listed when creating an Active Directory group
WCF - policy/acl isn't created correctly in squid.conf. Some restrictions needed here.
This release can be deployed as a managed service on the TS25 or TS151 hardware appliances, or virtually on a hypervisor with KVM, Hyper-V, or ESXi.
Configuration data for Trustwave NGFWs must undergo migration to new schemas, and in the cases of some customers, new hardware, in order to provide the latest security and functionality. The upgrade from UTM 6.x to NGFW 7.2 is not automatic. Not all customers will take this release; please contact Trustwave for detailed instructions for updates and upgrades.