[Version No.]
V4.5R90F04.sp04

[Source Version]
V4.5R90F04,V4.5R90F04.sp01,V4.5R90F04.sp02,V4.5R90F04.sp03

[Target Version]
V4.5R90F04.sp04

[Matching Versions of Collaborative Devices]
NTA: V4.5R90F02, V4.5R90F02.sp01, V4.5R90F02.sp02, V4.5R90F02.sp03, V4.5R90F02.sp04, V4.5R90F02.sp05, V4.5R90F02.sp06, V4.5R90F02.sp07, V4.5R90F03, V4.5R90F03.sp01, or V4.5R90F04
ADS M: V4.5R90F04.sp02

[Function Changes]
update for system hardening

Function changes in V4.5R90F04SP03:
1. Group-specific exception IP addresses
2. Optimized LDAP authentication
3. SNMP GET V3 authentication
4. SNMP Trap V3 authentication
5. User-defined SNMP location
6. Log sending by email
7. Device shutdown
8. Internal IP address change
9. Removal of web login restrictions on the console
10. Removal of protection policy configurations in the CLI window

Function changes in V4.5R90F04SP01:
1. 40G and 100G network cards of HD8500 are supported.

[Fixed Bugs]
Fixed bugs in V4.5R90F04SP03:
ADS-50497 [Web] Errors occur in the header information of the access control policies.
ADS-51869 [ADS_HA] The "Service Unavailable" error occasionally occurs when you configure HA on the web-based manager, because the HA process is stuck at ha_admin as shown in the background.
ADS-51960 [Hardware monitoring] When the power status (STA) LED works improperly, the power supply status flashes on the web-based manager.
ADS-52029 [Interface synchronization] Incorrect interface status (up or down).
ADS-52041 [Web API] When you query the diversion routing table of an in-path device via a web API, processes stack up.
ADS-52047 [Protection group] The format of the IP address entered in "Domain Name or IP" of a protection group URL is not validated. As a result, an incorrect IP address can be entered.
ADS-52048 [API] The protocol ID check in the protocol ID check policy is abnormal.
ADS-52439 [Injection route] The injection route occasionally switches when the configuration is saved.
ADS-52446 [License] A license with the same expiration date can be imported to ADS.
ADS-52506 [ADS] Incorrect processing logic of the sync interface for the manual traffic diversion in ADS
ADS-52545 [ADS interface link status] When an ADS interface link status is changed and boards are removed, the Interfaces page on the web-based manager displays incorrect information.
ADS-52583 [Real-time monitoring] HTTPS connection attack traffic causes incorrect traffic trend statistics.
ADS-52584 [Access control rules] Packets with abnormal IP headers cause the engine to hang.
ADS-52601 [ADS access control permission] After ADS is upgraded from V4.5R90F03 to V4.5R90F04, the description of ACL rules configured in V4.5R90F03 contains garbled characters.
ADS-52605 [ADS manual diversion] When the Extend parameter is enabled for a manual diversion task, the network address and broadcast address of network segments do not exist on the router.
ADS-52610 [ADS_SFTP log] The libssh2 library used for a curl command that exports logs from ADS via SFTP has poor compatibility.
ADS-52615 [ADS manual packet capture] After a manual packet capture task for a source IP address with 32-bit netmask is started, the task details show the netmask is 31 bits.
ADS-52629 [ADS CLI user] The default password complexity requirements for CLI users are different on CLI and API.

Fixed bugs in V4.5R90F04SP02:
ADS-52484 The ADS NX5-HD4500 device equipped with the interface cards of 1 x 4000M optical port and 3 x 8 electrical network ports cannot be started.
ADS-52488 When the device starts, logging in to the console as develop failed.

Fixed bugs in V4.5R90F04SP01:
ADS-52029 【Port synchronization】The interface is abnormal due to an error in obtaining the interface status.

[Important Notes]
None.

- END -

[Version No.]
V4.5R90F04.sp03

[Source Version]
V4.5R90F04,V4.5R90F04.sp01,V4.5R90F04.sp02

[Target Version]
V4.5R90F04.sp03

[Matching Versions of Collaborative Devices]
NTA: V4.5R90F02, V4.5R90F02.sp01, V4.5R90F02.sp02, V4.5R90F02.sp03, V4.5R90F02.sp04, V4.5R90F02.sp05, V4.5R90F02.sp06, V4.5R90F02.sp07, V4.5R90F03, V4.5R90F03.sp01, or V4.5R90F04
ADS M: V4.5R90F04.sp02

[Function Changes]
1. Group-specific exception IP addresses
2. Optimized LDAP authentication
3. SNMP GET V3 authentication
4. SNMP Trap V3 authentication
5. User-defined SNMP location
6. Log sending by email
7. Device shutdown
8. Internal IP address change
9. Removal of web login restrictions on the console
10. Removal of protection policy configurations in the CLI window

Function changes in V4.5R90F04SP01:
1. 40G and 100G network cards of HD8500 are supported.

[Fixed Bugs]
ADS-50497 [Web] Errors occur in the header information of the access control policies.
ADS-51869 [ADS_HA] The "Service Unavailable" error occasionally occurs when you configure HA on the web-based manager, because the HA process is stuck at ha_admin as shown in the background.
ADS-51960 [Hardware monitoring] When the power status (STA) LED works improperly, the power supply status flashes on the web-based manager.
ADS-52029 [Interface synchronization] Incorrect interface status (up or down).
ADS-52041 [Web API] When you query the diversion routing table of an in-path device via a web API, processes stack up.
ADS-52047 [Protection group] The format of the IP address entered in "Domain Name or IP" of a protection group URL is not validated. As a result, an incorrect IP address can be entered.
ADS-52048 [API] The protocol ID check in the protocol ID check policy is abnormal.
ADS-52439 [Injection route] The injection route occasionally switches when the configuration is saved.
ADS-52446 [License] A license with the same expiration date can be imported to ADS.
ADS-52506 [ADS] Incorrect processing logic of the sync interface for the manual traffic diversion in ADS
ADS-52545 [ADS interface link status] When an ADS interface link status is changed and boards are removed, the Interfaces page on the web-based manager displays incorrect information.
ADS-52583 [Real-time monitoring] HTTPS connection attack traffic causes incorrect traffic trend statistics.
ADS-52584 [Access control rules] Packets with abnormal IP headers cause the engine to hang.
ADS-52601 [ADS access control permission] After ADS is upgraded from V4.5R90F03 to V4.5R90F04, the description of ACL rules configured in V4.5R90F03 contains garbled characters.
ADS-52605 [ADS manual diversion] When the Extend parameter is enabled for a manual diversion task, the network address and broadcast address of network segments do not exist on the router.
ADS-52610 [ADS_SFTP log] The libssh2 library used for a curl command that exports logs from ADS via SFTP has poor compatibility.
ADS-52615 [ADS manual packet capture] After a manual packet capture task for a source IP address with 32-bit netmask is started, the task details show the netmask is 31 bits.
ADS-52629 [ADS CLI user] The default password complexity requirements for CLI users are different on CLI and API.

Fixed bugs in V4.5R90F04SP02:
ADS-52484 The ADS NX5-HD4500 device equipped with the interface cards of 1 x 4000M optical port and 3 x 8 electrical network ports cannot be started.
ADS-52488 When the device starts, logging in to the console as develop failed.

Fixed bugs in V4.5R90F04SP01:
ADS-52029 【Port synchronization】The interface is abnormal due to an error in obtaining the interface status.

[Important Notes]
None.

- END -

[Version No.]
V4.5R90F04.sp02

[Source Version]
V4.5R90F04,V4.5R90F04.sp01

[Target Version]
V4.5R90F04.sp02

[Matching Versions of Collaborative Devices]
NTA: V4.5R90F02, V4.5R90F02.sp01, V4.5R90F02.sp02, V4.5R90F02.sp03, V4.5R90F02.sp04, V4.5R90F02.sp05, V4.5R90F02.sp06, V4.5R90F02.sp07, V4.5R90F03, V4.5R90F03.sp01, or V4.5R90F04
ADS M: V4.5R90F04

[Function Changes]
None.

Function changes in V4.5R90F04SP01:
1. 40G and 100G network cards of HD8500 are supported.

[Fixed Bugs]
ADS-52484 The ADS NX5-HD4500 device equipped with the interface cards of 1 x 4000M optical port and 3 x 8 electrical network ports cannot be started.
ADS-52488 When the device starts, logging in to the console as develop failed.

Fixed bugs in V4.5R90F04SP01:
ADS-52029 【Port synchronization】The interface is abnormal due to an error in obtaining the interface status.

[Important Notes]
None.

- END –

[Version No.]
V4.5R90F04.sp01

[Source Version]
V4.5R90F04

[Target Version]
V4.5R90F04.sp01

[Matching Versions of Collaborative Devices]
NTA: V4.5R90F02, V4.5R90F02.sp01, V4.5R90F02.sp02, V4.5R90F02.sp03, V4.5R90F02.sp04, V4.5R90F02.sp05, V4.5R90F02.sp06, V4.5R90F02.sp07, V4.5R90F03, V4.5R90F03.sp01, or V4.5R90F04
ADS M: V4.5R90F04SP01

[Function Changes]
1. 40G and 100G network cards of HD8500 are supported.

[Fixed Bugs]
ADS-52029 【Port synchronization】The interface is abnormal due to an error in obtaining the interface status.

[Important Notes]
None.

- END –

[Version No.]
V4.5R90F04

[SHA256SUM]
499c75516331950fee7a6240e2d46086026c551c09dc4e521862aabcc04ca04c

[Source Version]
V4.5R90F02.sp07.C246, V4.5R90F03, V4.5R90F03PRE.M01, V4.5R90F03.sp01, V4.5R90F03.sp01v2, V4.5R90F03.sp02, or V4.5R90F03.sp03

[Target Version]
V4.5R90F04

[Matching Versions of Collaborative Devices]
NTA: V4.5R90F02, V4.5R90F02.sp01, V4.5R90F02.sp02, V4.5R90F02.sp03, V4.5R90F02.sp04, V4.5R90F02.sp05, V4.5R90F02.sp06, V4.5R90F02.sp07, V4.5R90F03, V4.5R90F03.sp01, or V4.5R90F04
ADS M: V4.5R90F04

[Function Changes]
1. The common UDP watermark algorithm is added for protection groups.
2. The ACL policy can be configured specific to a protection group.
3. The chassis system resources are now displayed.
4. The NTI policy can be configured specific to a protection group.
5. A reminder is provided when the license is about to expire.
6. Web API logs are now provided.
7. System logs cannot be deleted.
8. The MAC address table consists of static and dynamic MAC addresses.
9. The global ACL policy now can be searched and sorted.
10. The NTI database can be upgraded, and the IP exceptions can be configured.
11. The default ACK algorithm for the _default and _webserver protection group policy templates changes to ACK check algorithm.
12. The HA configuration can be implemented between the 800E and HD1000 devices.
13. The GeoIP library is upgraded to the 1.2p version.
14. Web APIs are updated, involving the defenderGroup module (load, add, setup, sync, and sync_url actions), the defenderGroupTemplate module ( load, add, setup, and sync actions), and the NTI module (all actions).
15. An expired license cannot be imported to V4.5R90F04.

[Fixed Bugs]
None.

[Important Notes]
Upgrading to V4.5R90F04 may fail if the total number of access control rules exceed 1,000. Delete some rules, and maintain the total number within 1,000 to ensure a successful upgrade.

- END –