Netgate Releases pfSense Plus Software Version 24.11
This release was a huge undertaking that provides new capabilities and new ways for pfSense Plus customers to secure and manage their networks.”
AUSTIN, TX, UNITED STATES, November 25, 2024 /EINPresswire.com/ -- Netgate® is excited to announce that version 24.11 of pfSense® Plus software, the world’s leading firewall, router, and VPN solution, is now available.— Jamie Thompson, Netgate CEO
"This release was a huge undertaking that provides new capabilities and new ways for pfSense Plus customers to secure and manage their networks,” said Jamie Thompson, Netgate CEO. “It also provides a glimpse into the future of pfSense Plus with a preview of multi-instance management and many new exposed APIs.”
New Features and Changes in pfSense Plus:
Multi-instance Management Early Look
This release includes an early look at multi-instance management for pfSense Plus. A web GUI and a set of APIs for monitoring and managing multiple pfSense Plus instances are now available.
While the set of API endpoints is incomplete, the available endpoints are functional and ready for testing now.
Kea DHCP Support for High Availability
The Internet Systems Consortium (ISC) distributes two full-featured, open-source, standards-based DHCP servers: Kea DHCP and ISC DHCP. ISC announced the End of Life (EOL) of the ISC DHCP server, and ended maintenance on it at the end of 2022.
With ISC DHCP at EOL, it is imperative that Kea DHCP reaches feature parity. Continued improvements in the Kea DHCP service provides greater capabilities and significant improvements over the previous release, including:
▪️ High Availability: Kea now supports High Availability for IPv4 and IPv6
▪️ Simplified High Availability Setup: Kea DHCP uses a single, global High Availability configuration, which is easier to set up and manage than ISC DHCP's per-interface configuration.
▪️ More Reliable Failover: Kea operates in "hot standby" mode, providing more reliable failover, especially when booting a secondary node.
▪️ Improved Security: Can synchronize lease data over the SYNC interface for security and ease of use, and can optionally encrypt the sync data for added protection.
Kea DHCP DNS Resolution
The Kea DHCP daemon now integrates with the Unbound DNS Resolver to provide automatic DNS registration. This means:
▪️ DNS Registration of DHCP Clients: DNS records are updated dynamically on-the-fly, they do not require a resolver restart and are not disruptive. This works for IPv4 and IPv6.
▪️ Improved Update Detection: With Kea, pfSense Plus software uses an extension that allows Kea itself to trigger DNS changes for lease events. With ISC DHCP, pfSense software used a dedicated daemon that monitored DHCP leases externally and triggered DNS updates based on that detection. This daemon was running and consuming resources as long as the feature was enabled, and it was not always reliable.
▪️ No Service Interruptions: The older method of updating ISC DHCP resulted in an interruption of DNS service any time a DNS record changed. This was especially problematic on busy networks or environments where the DNS resolver did not restart quickly. The new method of updating DNS records in the resolver utilizes features of Unbound which allow for seamless updates, without the need to restart the Unbound service.
System Aliases in Custom Rules
Users can now use built-in system aliases (like bogons, vpn_networks, etc) in custom firewall rules. This improves rule management efficiency and standardization.
NTP Authentication
This release implements NTP client authentication support, enabling secure time synchronization across networks.
In addition to these highlights, this release includes over 70 other improvements and bug fixes. For the full list of improvements and best practices for upgrading, please see the Release Notes1 and Upgrade Guide2.
For AWS and Azure cloud platforms, pfSense Plus software version 24.11 will be available when Netgate completes the publishing process for each platform.
To learn more about pfSense Plus software, visit netgate.com. For additional information or questions, contact Netgate at +1 (512) 646-4100 or sales@netgate.com.
About Netgate
Netgate is dedicated to developing and providing secure networking solutions to businesses, government, and educational institutions around the world. Netgate is the only provider of pfSense products, which include pfSense Plus and pfSense Community Edition software - the world’s leading firewall, router, and VPN solution. TNSR® extends the company’s leadership and expertise into high-performance secure networking – capable of delivering compelling value at a fraction of the cost of proprietary solutions.
Esther Cheng
Netgate
+1 512-646-4100
email us here
Visit us on social media:
X
LinkedIn
Other
1 https://docs.netgate.com/pfsense/en/latest/releases/24-11.html
2 https://docs.netgate.com/pfsense/en/latest/install/upgrade-guide.html
3 https://www.netgate.com/