[Version No.]
V4.5R90F04.sp06

[Source Version]
V4.5R90F04,V4.5R90F04.sp01,V4.5R90F04.sp02,V4.5R90F04.sp03,V4.5R90F04.sp04,V4.5R90F04.sp05

[Target Version]
V4.5R90F04.sp06

[Matching Versions of Collaborative Devices]
NTA: V4.5R90F02, V4.5R90F02.sp01, V4.5R90F02.sp02, V4.5R90F02.sp03, V4.5R90F02.sp04, V4.5R90F02.sp05, V4.5R90F02.sp06, V4.5R90F02.sp07, V4.5R90F03, V4.5R90F03.sp01, or V4.5R90F04
ADS M: V4.5R90F04.sp02,V4.5R90F04.sp03,V4.5R90F04.sp04

[Function Changes]
Function changes in V4.5R90F04SP05:
The GeoIP library update only supports importing versions 1.3d and above.
update for system hardening.

Function changes in V4.5R90F04SP03:
1. Group-specific exception IP addresses
2. Optimized LDAP authentication
3. SNMP GET V3 authentication
4. SNMP Trap V3 authentication
5. User-defined SNMP location
6. Log sending by email
7. Device shutdown
8. Internal IP address change
9. Removal of web login restrictions on the console
10. Removal of protection policy configurations in the CLI window

Function changes in V4.5R90F04SP01:
1. 40G and 100G network cards of HD8500 are supported.

[Fixed Bugs]
ADS-54080 [ADS_Running Mode] After restarting the in-path devices, there is a chance of encountering an error in the running mode setting.

Fixed bugs in V4.5R90F04SP05:
ADS-52640 [ADS_Management mode configuration] ADSM linking in ADS management mode configuration occasionally fails to display the traffic received by ADS within one cycle (30s).
ADS-52949 If the name of a protection group configuration exceeds 32 bytes, it will result in truncation of the group name when obtaining data for traffic statistics in the database.
ADS-52950 After the auto-learning of the protection group is completed, the automatic dispatch of the protection policy fails.
ADS-52951 Continuously deleting the blacklist for a period of time will cause some data to exist in the engine but cannot be queried.
ADS-52952 When multiple users execute the webapi interface for querying or adding the blacklist at the same time, there is a probability of returning an error value from the webapi.
ADS-52953 SLDP process occasionally crashes.
ADS-53956 [Attack Log] The device runs for a long time, and after a period of time, the attack logs cannot be found in the attack log section when encountering attacks.
ADS-52987 [ADS_Manual Diversion] ADS batch adds multiple manual traffic traction (with description field), and after creation, the description field has an additional "\" field.
ADS-53840 Probability disconnection issue with ADATA SSD.
ADS-53852 [ADS_Manual Diversion] Adding manual traffic traction rules through CLI fls with "NEXTHOP ERROR" when the destination IP for traction does not exist, but it can be added successfully through the web interface.
ADS-53866 [ADS_Hardware Status Monitoring] Under DC voltage, ADS-10000 and ADS web power status display red light.

Fixed bugs in V4.5R90F04SP03:
ADS-50497 [Web] Errors occur in the header information of the access control policies.
ADS-51869 [ADS_HA] The "Service Unavailable" error occasionally occurs when you configure HA on the web-based manager, because the HA process is stuck at ha_admin as shown in the background.
ADS-51960 [Hardware monitoring] When the power status (STA) LED works improperly, the power supply status flashes on the web-based manager.
ADS-52029 [Interface synchronization] Incorrect interface status (up or down).
ADS-52041 [Web API] When you query the diversion routing table of an in-path device via a web API, processes stack up.
ADS-52047 [Protection group] The format of the IP address entered in "Domain Name or IP" of a protection group URL is not validated. As a result, an incorrect IP address can be entered.
ADS-52048 [API] The protocol ID check in the protocol ID check policy is abnormal.
ADS-52439 [Injection route] The injection route occasionally switches when the configuration is saved.
ADS-52446 [License] A license with the same expiration date can be imported to ADS.
ADS-52506 [ADS] Incorrect processing logic of the sync interface for the manual traffic diversion in ADS
ADS-52545 [ADS interface link status] When an ADS interface link status is changed and boards are removed, the Interfaces page on the web-based manager displays incorrect information.
ADS-52583 [Real-time monitoring] HTTPS connection attack traffic causes incorrect traffic trend statistics.
ADS-52584 [Access control rules] Packets with abnormal IP headers cause the engine to hang.
ADS-52601 [ADS access control permission] After ADS is upgraded from V4.5R90F03 to V4.5R90F04, the description of ACL rules configured in V4.5R90F03 contains garbled characters.
ADS-52605 [ADS manual diversion] When the Extend parameter is enabled for a manual diversion task, the network address and broadcast address of network segments do not exist on the router.
ADS-52610 [ADS_SFTP log] The libssh2 library used for a curl command that exports logs from ADS via SFTP has poor compatibility.
ADS-52615 [ADS manual packet capture] After a manual packet capture task for a source IP address with 32-bit netmask is started, the task details show the netmask is 31 bits.
ADS-52629 [ADS CLI user] The default password complexity requirements for CLI users are different on CLI and API.

Fixed bugs in V4.5R90F04SP02:
ADS-52484 The ADS NX5-HD4500 device equipped with the interface cards of 1 x 4000M optical port and 3 x 8 electrical network ports cannot be started.
ADS-52488 When the device starts, logging in to the console as develop failed.

Fixed bugs in V4.5R90F04SP01:
ADS-52029 【Port synchronization】The interface is abnormal due to an error in obtaining the interface status.

[Important Notes]
None.

- END -

[Version No.]
V4.5R90F04.sp04

[Source Version]
V4.5R90F04,V4.5R90F04.sp01,V4.5R90F04.sp02,V4.5R90F04.sp03

[Target Version]
V4.5R90F04.sp04

[Matching Versions of Collaborative Devices]
NTA: V4.5R90F02, V4.5R90F02.sp01, V4.5R90F02.sp02, V4.5R90F02.sp03, V4.5R90F02.sp04, V4.5R90F02.sp05, V4.5R90F02.sp06, V4.5R90F02.sp07, V4.5R90F03, V4.5R90F03.sp01, or V4.5R90F04
ADS M: V4.5R90F04.sp02

[Function Changes]
update for system hardening

Function changes in V4.5R90F04SP03:
1. Group-specific exception IP addresses
2. Optimized LDAP authentication
3. SNMP GET V3 authentication
4. SNMP Trap V3 authentication
5. User-defined SNMP location
6. Log sending by email
7. Device shutdown
8. Internal IP address change
9. Removal of web login restrictions on the console
10. Removal of protection policy configurations in the CLI window

Function changes in V4.5R90F04SP01:
1. 40G and 100G network cards of HD8500 are supported.

[Fixed Bugs]
Fixed bugs in V4.5R90F04SP03:
ADS-50497 [Web] Errors occur in the header information of the access control policies.
ADS-51869 [ADS_HA] The "Service Unavailable" error occasionally occurs when you configure HA on the web-based manager, because the HA process is stuck at ha_admin as shown in the background.
ADS-51960 [Hardware monitoring] When the power status (STA) LED works improperly, the power supply status flashes on the web-based manager.
ADS-52029 [Interface synchronization] Incorrect interface status (up or down).
ADS-52041 [Web API] When you query the diversion routing table of an in-path device via a web API, processes stack up.
ADS-52047 [Protection group] The format of the IP address entered in "Domain Name or IP" of a protection group URL is not validated. As a result, an incorrect IP address can be entered.
ADS-52048 [API] The protocol ID check in the protocol ID check policy is abnormal.
ADS-52439 [Injection route] The injection route occasionally switches when the configuration is saved.
ADS-52446 [License] A license with the same expiration date can be imported to ADS.
ADS-52506 [ADS] Incorrect processing logic of the sync interface for the manual traffic diversion in ADS
ADS-52545 [ADS interface link status] When an ADS interface link status is changed and boards are removed, the Interfaces page on the web-based manager displays incorrect information.
ADS-52583 [Real-time monitoring] HTTPS connection attack traffic causes incorrect traffic trend statistics.
ADS-52584 [Access control rules] Packets with abnormal IP headers cause the engine to hang.
ADS-52601 [ADS access control permission] After ADS is upgraded from V4.5R90F03 to V4.5R90F04, the description of ACL rules configured in V4.5R90F03 contains garbled characters.
ADS-52605 [ADS manual diversion] When the Extend parameter is enabled for a manual diversion task, the network address and broadcast address of network segments do not exist on the router.
ADS-52610 [ADS_SFTP log] The libssh2 library used for a curl command that exports logs from ADS via SFTP has poor compatibility.
ADS-52615 [ADS manual packet capture] After a manual packet capture task for a source IP address with 32-bit netmask is started, the task details show the netmask is 31 bits.
ADS-52629 [ADS CLI user] The default password complexity requirements for CLI users are different on CLI and API.

Fixed bugs in V4.5R90F04SP02:
ADS-52484 The ADS NX5-HD4500 device equipped with the interface cards of 1 x 4000M optical port and 3 x 8 electrical network ports cannot be started.
ADS-52488 When the device starts, logging in to the console as develop failed.

Fixed bugs in V4.5R90F04SP01:
ADS-52029 【Port synchronization】The interface is abnormal due to an error in obtaining the interface status.

[Important Notes]
None.

- END -

[Version No.]
V4.5R90F04.sp03

[Source Version]
V4.5R90F04,V4.5R90F04.sp01,V4.5R90F04.sp02

[Target Version]
V4.5R90F04.sp03

[Matching Versions of Collaborative Devices]
NTA: V4.5R90F02, V4.5R90F02.sp01, V4.5R90F02.sp02, V4.5R90F02.sp03, V4.5R90F02.sp04, V4.5R90F02.sp05, V4.5R90F02.sp06, V4.5R90F02.sp07, V4.5R90F03, V4.5R90F03.sp01, or V4.5R90F04
ADS M: V4.5R90F04.sp02

[Function Changes]
1. Group-specific exception IP addresses
2. Optimized LDAP authentication
3. SNMP GET V3 authentication
4. SNMP Trap V3 authentication
5. User-defined SNMP location
6. Log sending by email
7. Device shutdown
8. Internal IP address change
9. Removal of web login restrictions on the console
10. Removal of protection policy configurations in the CLI window

Function changes in V4.5R90F04SP01:
1. 40G and 100G network cards of HD8500 are supported.

[Fixed Bugs]
ADS-50497 [Web] Errors occur in the header information of the access control policies.
ADS-51869 [ADS_HA] The "Service Unavailable" error occasionally occurs when you configure HA on the web-based manager, because the HA process is stuck at ha_admin as shown in the background.
ADS-51960 [Hardware monitoring] When the power status (STA) LED works improperly, the power supply status flashes on the web-based manager.
ADS-52029 [Interface synchronization] Incorrect interface status (up or down).
ADS-52041 [Web API] When you query the diversion routing table of an in-path device via a web API, processes stack up.
ADS-52047 [Protection group] The format of the IP address entered in "Domain Name or IP" of a protection group URL is not validated. As a result, an incorrect IP address can be entered.
ADS-52048 [API] The protocol ID check in the protocol ID check policy is abnormal.
ADS-52439 [Injection route] The injection route occasionally switches when the configuration is saved.
ADS-52446 [License] A license with the same expiration date can be imported to ADS.
ADS-52506 [ADS] Incorrect processing logic of the sync interface for the manual traffic diversion in ADS
ADS-52545 [ADS interface link status] When an ADS interface link status is changed and boards are removed, the Interfaces page on the web-based manager displays incorrect information.
ADS-52583 [Real-time monitoring] HTTPS connection attack traffic causes incorrect traffic trend statistics.
ADS-52584 [Access control rules] Packets with abnormal IP headers cause the engine to hang.
ADS-52601 [ADS access control permission] After ADS is upgraded from V4.5R90F03 to V4.5R90F04, the description of ACL rules configured in V4.5R90F03 contains garbled characters.
ADS-52605 [ADS manual diversion] When the Extend parameter is enabled for a manual diversion task, the network address and broadcast address of network segments do not exist on the router.
ADS-52610 [ADS_SFTP log] The libssh2 library used for a curl command that exports logs from ADS via SFTP has poor compatibility.
ADS-52615 [ADS manual packet capture] After a manual packet capture task for a source IP address with 32-bit netmask is started, the task details show the netmask is 31 bits.
ADS-52629 [ADS CLI user] The default password complexity requirements for CLI users are different on CLI and API.

Fixed bugs in V4.5R90F04SP02:
ADS-52484 The ADS NX5-HD4500 device equipped with the interface cards of 1 x 4000M optical port and 3 x 8 electrical network ports cannot be started.
ADS-52488 When the device starts, logging in to the console as develop failed.

Fixed bugs in V4.5R90F04SP01:
ADS-52029 【Port synchronization】The interface is abnormal due to an error in obtaining the interface status.

[Important Notes]
None.

- END -

[Version No.]
V4.5R90F04.sp02

[Source Version]
V4.5R90F04,V4.5R90F04.sp01

[Target Version]
V4.5R90F04.sp02

[Matching Versions of Collaborative Devices]
NTA: V4.5R90F02, V4.5R90F02.sp01, V4.5R90F02.sp02, V4.5R90F02.sp03, V4.5R90F02.sp04, V4.5R90F02.sp05, V4.5R90F02.sp06, V4.5R90F02.sp07, V4.5R90F03, V4.5R90F03.sp01, or V4.5R90F04
ADS M: V4.5R90F04

[Function Changes]
None.

Function changes in V4.5R90F04SP01:
1. 40G and 100G network cards of HD8500 are supported.

[Fixed Bugs]
ADS-52484 The ADS NX5-HD4500 device equipped with the interface cards of 1 x 4000M optical port and 3 x 8 electrical network ports cannot be started.
ADS-52488 When the device starts, logging in to the console as develop failed.

Fixed bugs in V4.5R90F04SP01:
ADS-52029 【Port synchronization】The interface is abnormal due to an error in obtaining the interface status.

[Important Notes]
None.

- END –

[Version No.]
V4.5R90F04.sp01

[Source Version]
V4.5R90F04

[Target Version]
V4.5R90F04.sp01

[Matching Versions of Collaborative Devices]
NTA: V4.5R90F02, V4.5R90F02.sp01, V4.5R90F02.sp02, V4.5R90F02.sp03, V4.5R90F02.sp04, V4.5R90F02.sp05, V4.5R90F02.sp06, V4.5R90F02.sp07, V4.5R90F03, V4.5R90F03.sp01, or V4.5R90F04
ADS M: V4.5R90F04SP01

[Function Changes]
1. 40G and 100G network cards of HD8500 are supported.

[Fixed Bugs]
ADS-52029 【Port synchronization】The interface is abnormal due to an error in obtaining the interface status.

[Important Notes]
None.

- END –

[Version No.]
V4.5R90F04

[SHA256SUM]
499c75516331950fee7a6240e2d46086026c551c09dc4e521862aabcc04ca04c

[Source Version]
V4.5R90F02.sp07.C246, V4.5R90F03, V4.5R90F03PRE.M01, V4.5R90F03.sp01, V4.5R90F03.sp01v2, V4.5R90F03.sp02, or V4.5R90F03.sp03

[Target Version]
V4.5R90F04

[Matching Versions of Collaborative Devices]
NTA: V4.5R90F02, V4.5R90F02.sp01, V4.5R90F02.sp02, V4.5R90F02.sp03, V4.5R90F02.sp04, V4.5R90F02.sp05, V4.5R90F02.sp06, V4.5R90F02.sp07, V4.5R90F03, V4.5R90F03.sp01, or V4.5R90F04
ADS M: V4.5R90F04

[Function Changes]
1. The common UDP watermark algorithm is added for protection groups.
2. The ACL policy can be configured specific to a protection group.
3. The chassis system resources are now displayed.
4. The NTI policy can be configured specific to a protection group.
5. A reminder is provided when the license is about to expire.
6. Web API logs are now provided.
7. System logs cannot be deleted.
8. The MAC address table consists of static and dynamic MAC addresses.
9. The global ACL policy now can be searched and sorted.
10. The NTI database can be upgraded, and the IP exceptions can be configured.
11. The default ACK algorithm for the _default and _webserver protection group policy templates changes to ACK check algorithm.
12. The HA configuration can be implemented between the 800E and HD1000 devices.
13. The GeoIP library is upgraded to the 1.2p version.
14. Web APIs are updated, involving the defenderGroup module (load, add, setup, sync, and sync_url actions), the defenderGroupTemplate module ( load, add, setup, and sync actions), and the NTI module (all actions).
15. An expired license cannot be imported to V4.5R90F04.

[Fixed Bugs]
None.

[Important Notes]
Upgrading to V4.5R90F04 may fail if the total number of access control rules exceed 1,000. Delete some rules, and maintain the total number within 1,000 to ensure a successful upgrade.

- END –