[Version No.]
V4.5R90F05.sp01

[Source Version]
V4.5R90F05

[Target Version]
V4.5R90F05.sp01

[Matching Versions of Collaborative Devices]
NTA: V4.5R90F05
ADSM: V4.5R90F05.sp01

[Function Changes]
1. The group-specific allowlist is added, and the global allowlist supports more operations.
2. SSL/TLS keyword checking rules are added.
3. The user name admin can be renamed.
4. The NTI module is subject to a separate license.
5. The NTI database provides a special DDoS threat intelligence package.

[Fixed Bugs]
ADS-54072 After Password Strength Check is enabled, the system is stuck on the Change Initial Password page when the new password fails the length check.
ADS-54087 [ADS_lacp] After LACP is configured between ADS and a Juniper device, the first port of ADS in the port channel cannot be aggregated.
ADS-54098 [System upgrade] After the upgrade package is uploaded and before the Start Upgrade button is clicked, the System Upgrade page exits and the upgrade cannot be saved.
ADS-54126 [WEB] Access control rules are incorrectly filtered by destination IP or source IP address.
ADS-54369 [Manual diversion] Failed to divert traffic for an IPv6 address upon successful establishment of a BGP neighbor and an effective injection route.
ADS-54735 [ADS_cfeapp] Particular IPv6 packets with a next header field cause cfeapp exception and restart.
ADS-54746 [Attack logs] An error indicating incorrect date format occurs in the course of downloading attack logs.
ADS-54747 [web] Failed to download logs of a specific month, with an error indicating incorrect date format.
ADS-54824 [Link status logs] Only the logs of the current page are downloaded when multiple pages of logs exist.

[Web API Interface Change Description]
1. The parameters for load, add, setup, and sync actions under the defenderGroup interface are modified.
2. The parameters for load, add, setup, and sync actions under the defenderGroupTemplate interface are modified.
3. Parameters for all actions under the whitelist interface are modified. This interface now supports add, delete, import_progress, and download_import_result actions.
4. The TlsFilter interface is added.

[Important Notes]
None.

- END -

[Version No.]
V4.5R90F05

[Source Version]
V4.5R90F04.sp05,V4.5R90F04.sp06

[Target Version]
V4.5R90F05

[SHA256SUM]
8a45cb62515546cc031754ddd155dd856c86ac88d2397ce5c4274db725fdf83e

[Matching Versions of Collaborative Devices]
NTA: V4.5R90F02 to V4.5R90F05
ADS M: V4.5R90F05

[Function Changes]
1. The protection capability against zombie hosts is improved.
2. ADS now can defend against HTTPS attacks without decrypting HTTPS packets.
3. Programmable rules are added.
4. Carpet bombing can be defended against.
5. The maximum number of connection exhaustion protection rules is increased to 512.
6. [CLI] Destination IP addresses can be prioritized for traffic statistics.
7. The group traffic statistics can be exported to an XML file.
8. The sampling ratio can be set for capturing packets.
9. More parameters can be set for a rate-triggered automatic packet capture task.
10. [CLI] The erase times of the CF card can be read.
11. New model ADS 20000 is supported.
12. An email remainder is sent when the license is about to expire.
13. The fingerprint analysis can be configured for captured files.
14. The main menu of the console-based manager is clearer.
15. The manual traffic diversion is improved.
16. The cluster configuration synchronization is optimized.
17. The cluster protocol synchronization is optimized.

[Fixed Bugs]
ADS-52690 [Cluster synchronization] Failed to synchronize custom user permissions in the ADS cluster.
ADS-52913 [Blocklist] The IP address is not verified in a blocklist query.
ADS-52947 [Web API log] No traffic diversion log is generated after a manual traffic diversion on web API.

[Web API Interface Change Description]
The parameters for load, add, setup, and sync actions under the defenderGroup interface are modified.
2. The parameters for load, add, setup, and sync actions under the defenderGroupTemplate interface are modified.
3. Parameters are added for create and edit actions under the capture interface.
4. Parameters are added for edit_on_attack_events and load_on_attack_events actions under the autocapture interface.
5. The parameters for create and edit actions under the autocapture interface are modified.
6. The PreferredController interface is added.
7. The SegScanController interface is added.
8. The AdversarialRules interface is added.
9. The license information can be obtained through the heart interface.

[Important Notes]
None.

- END –