Chapter 2: Configuration
Configuration covers the basic settings of the whole device: delegating permissions to subordinate administrators, system upgrades, backup and restoration, and notification of critical events.
Not every administrator with access to the device has the same level of privilege. Only the primary administrator has the authority to perform system settings.
NG-UTM provides multiple levels of administrative privilege, and administrator privilege settings can be accessed through “Configuration > Administration > Account and Privilege.”
2-1. Basic Setting
2-1-1. General Setting
• General Setting
Basic operation settings of NG-UTM such as browser title, memory, and connection timeout, etc.
【Homepage Message】: The text displayed in the title area of the management interface. When managing multiple devices simultaneously, the homepage title can effectively help administrators identify and correctly configure settings for the devices they intend to operate.
【Browser Message】: The text displayed in the browser title bar when logged into the management interface. An easily recognizable title lets administrators quickly pick out this interface among many open tabs.
【Upload Logo】: By default, it’s the ShareTech Logo, but it can be replaced with a customized one.
Image size is limited to 150 x 90 pixels. PNG, JPEG, GIF formats are supported.
【Memory Release】: To prevent memory from being occupied by unnecessary processes, causing system instability, NG-UTM has a built-in mechanism for automatically clearing memory.
The system checks memory usage every 30 minutes. When memory usage exceeds 90%, a clearing mechanism is triggered to release unused memory.
Administrators can adjust the checking interval and the threshold for triggering based on usage status.
Regular Memory Cleanup: Default is OFF.
You can specify a time for the system to perform regular memory checks and cleanup instead of waiting for memory usage to reach the trigger condition before initiating the cleanup process, thus enhancing system stability.
Typically, the cleanup schedule is set when the system is less busy, such as midnight at 00:00.
【Session timeout of established】: Sets how long an established TCP connection with no data transmission is kept before the system actively terminates it.
The default is 600 seconds. If the timeout is set too long, for example 86400 seconds (one day), a large number of idle TCP connections can accumulate and consume memory.
Normally a session is torn down when data transmission ends. After an abnormal termination, or during a malicious attack, these TCP connections can remain in the system and hold memory.
When too many such connections occupy memory, new legitimate connection requests may no longer be serviced; this timeout is the mechanism that clears the stale ones.
Note
The “Session timeout of established” setting applies only to established TCP connections; it does not affect incomplete (half-open) TCP connections or UDP. UDP is unaffected because it has no three-way handshake. Incomplete TCP connections carry their own risks, such as the SYN floods used in DDoS attacks, which exhaust resources. NG-UTM provides SYN attack protection: in “Policy > Security Policy > SYN Protection” you can specify the hosts that require it.
【Pass-through Protocol】: Recommended when NG-UTM carries video conferencing or SIP telephony. Once enabled, H.323/SIP packets are passed through automatically without additional control, which also means they are not subject to the checks applied to other traffic; enable it only on networks where that is acceptable.
【LAN Acceleration Mode】: Switch the virtual interface bound to multiple physical interfaces from Bridge mode to Switch mode. Different modes have different settings in sections. It will be introduced in chapter 3-2. Interface
【Control Bridge VLAN Packets】: When the firewall is positioned for filtering between two switches, and packets carry VLAN tags, this option must be selected to allow the firewall to control these packets.
【Open Ports for FTP Active Mode】: If the internal FTP server uses a non-standard port, you can set the firewall to open this port in this setting.
• Auto VPN
NG-UTM provides Auto VPN functionality starting from version 9.0.1.5. The default port used for Auto VPN is 24088. Setting the port to 0 means that this feature is not enabled.
Auto VPN simplifies the setup of IPSec VPNs, especially when dealing with many dynamically assigned IP addresses. It accelerates VPN establishment and enhances overall operational stability.
For detailed information about this feature, please refer to 12-1-2. Auto VPN Server
【Compatibility mode】: Allows lower-security connections for compatibility with peers running firmware 9.0.2.4 or earlier. Leave it disabled unless such peers still need to connect, since it lowers the security of the connections it permits.
• Login Failure Block Settings
The system limits the number of incorrect username and password attempts from each source IP address. When the number of failed attempts exceeds the configured value, NG-UTM blocks that source IP address.
The blocked IP address remains blocked until either the configured blocking period elapses or a primary administrator logs in (from an unblocked address) and releases it.
【Temporarily Block when Login Failed more than】:
Limits the number of incorrect password attempts at login. When failed attempts from a source IP address exceed this number, that address is temporarily blocked. The default is 0, meaning no limit and no blocking.
【IP Blocking Period】:
When an IP address exceeds the configured number of failed attempts, NG-UTM blocks it from logging in for this many minutes. After the period elapses, the address can log in again.
The default is 0, which means the block does not expire: the address stays blocked until a primary administrator releases it in the “Unblocked IP” section.
【Unblocked IP】:
Blocked IP addresses are listed here. Primary administrators decide whether to unblock them.
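The blocking logic described above, as an added example that is not part of the manual or of the NG-UTM firmware: a small Python model of the three settings, keyed on the source IP address, with a configurable block period and the manual release. The class and method names, the threshold of 3, the ten-minute period and the source addresses are constructed for the demonstration. One caveat for practitioners: because the counter keys on the source address, all users behind one NAT share a single counter, so a lockout (including one an attacker triggers deliberately) affects everyone behind that address, while an attacker with many source addresses gets a fresh counter for each one.

```python
import time
from collections import defaultdict


class LoginFailureBlocker:
    """Per-source-IP failed-login limiter modelled on the NG-UTM settings.

    max_failures == 0 : no limit (the manual's default), nothing is ever blocked.
    block_minutes == 0: a block never expires; only unblock() releases it.
    """

    def __init__(self, max_failures=0, block_minutes=0, clock=time.time):
        self.max_failures = max_failures
        self.block_minutes = block_minutes
        self.clock = clock                  # injectable so the expiry path can be tested
        self.failures = defaultdict(int)    # source IP -> consecutive failed attempts
        self.blocked_until = {}             # source IP -> expiry time, or None if permanent

    def is_blocked(self, ip):
        if ip not in self.blocked_until:
            return False
        expiry = self.blocked_until[ip]
        if expiry is None:
            return True
        if self.clock() >= expiry:          # blocking period elapsed: release and reset
            self.unblock(ip)
            return False
        return True

    def attempt(self, ip, credentials_ok):
        """Evaluate one login attempt. Returns 'blocked', 'ok' or 'failed'."""
        if self.is_blocked(ip):
            return "blocked"                # a correct password is refused while blocked
        if credentials_ok:
            self.failures[ip] = 0
            return "ok"
        if self.max_failures == 0:
            return "failed"                 # limit disabled: never block
        self.failures[ip] += 1
        if self.failures[ip] > self.max_failures:
            self.blocked_until[ip] = (
                self.clock() + self.block_minutes * 60 if self.block_minutes else None
            )
            return "blocked"
        return "failed"

    def unblock(self, ip):
        """The manual release a primary administrator performs under 'Unblocked IP'."""
        self.blocked_until.pop(ip, None)
        self.failures.pop(ip, None)

    def blocked_ips(self):
        return sorted(ip for ip in list(self.blocked_until) if self.is_blocked(ip))


def demo():
    """Walk through both configurations with a fake clock (constructed scenario)."""
    now = [1_700_000_000.0]

    def clock():
        return now[0]

    # Temporary block: more than 3 failures from one IP, blocked for 10 minutes.
    tmp = LoginFailureBlocker(max_failures=3, block_minutes=10, clock=clock)
    outcomes = [tmp.attempt("203.0.113.7", False) for _ in range(4)]
    while_blocked = tmp.attempt("203.0.113.7", True)
    now[0] += 10 * 60
    after_expiry = tmp.attempt("203.0.113.7", True)

    # Permanent block (period 0): stays listed until an administrator unblocks it.
    perm = LoginFailureBlocker(max_failures=3, block_minutes=0, clock=clock)
    for _ in range(4):
        perm.attempt("198.51.100.9", False)
    now[0] += 365 * 24 * 3600
    still_blocked = perm.blocked_ips()
    perm.unblock("198.51.100.9")
    released = perm.attempt("198.51.100.9", True)

    return outcomes, while_blocked, after_expiry, still_blocked, released


if __name__ == "__main__":
    print(demo())
```

Pair the limit with the source-IP restriction in 2-3-2: the counter stops online guessing from addresses you cannot exclude, and the allowlist keeps the login page away from everyone else.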
• Homepage Setting
NG-UTM provides two types of user interfaces: the traditional management interface and the Dashboard interface.
The traditional management interface allows for the management of the entire NG-UTM device, enabling various administrative actions.
The Dashboard interface, on the other hand, presents graphical representations of network traffic, intrusion detection records, and other related information, offering a visual overview of NG-UTM’s inbound and outbound traffic or hacker attack-defense records.
【Homepage Setting】: There are two options, Management page and Dashboard. Determines which screen is displayed when an administrator logs in. The default is the Management page.
• Homepage Interfaces Setting
When the primary administrator logs into the NG-UTM management interface, it displays real-time traffic for each network zone. However, when there are numerous network zones, it can be challenging for the administrator to identify them. In this setting, you can configure which default network zone to be displayed.
【Homepage Interfaces Setting】: There are 3 modes to choose from, All, Connected Interfaces and Customized.
·All: All ZONE interfaces are listed.
·Connected Interfaces: Only connected interfaces are shown. Other interfaces that are not enabled or connected are hidden.
·Customized: The administrator selects the ZONE to be displayed.
• Drop Session Log
The session log in the policy displays packet communication records.
By default, only established connections are displayed; an established connection means the traffic matched the policy. Packets that violate the policy are discarded without any record. When this feature is enabled, the system also keeps records of the discarded packets, which is what you need when investigating why traffic was blocked.
2-1-2. DNS Servers
These DNS servers are used for NG-UTM’s own queries. Because NG-UTM is not necessarily placed at the external gateway, it needs DNS servers configured for its own name resolution.
The DNS servers can be either IPv4 or IPv6.
【DNS Server 1】: The first DNS server used by NG-UTM, such as 8.8.8.8
【DNS Server 2 】: The second DNS server used by NG-UTM, such as 1.1.1.1
【DNS Server 3 】: The third DNS server used by NG-UTM, such as 2001:4860:4860::8888
When NG-UTM needs to query DNS records, it will first query DNS Server 1. If the configured DNS server does not respond, it will then proceed to query the other DNS servers in sequence.
2-1-3. Administrative Access
• Administrative Access
NG-UTM uses HTTPS for browser access to the management interface.
HTTPS typically uses port 443 by default. However, administrators can customize this port to any number from 1 to 65535 according to their requirements. Once the port is changed, users will need to use the new port to access the management interface next time when they log in.
【HTTPS Port】: This setting determines the port number used to access the NG-UTM management interface. The default number is 443.
For example, if the default network IP address of NG-UTM is 192.168.1.1 and its management port is changed to 10443, after saving this configuration, users will need to use the new port for subsequent logins (e.g., https://192.168.1.1:10443).
【Idle Timeout】: This setting determines how long the management interface will remain active when it’s idle. If the idle time exceeds the configured duration, NG-UTM will automatically terminate the administrator’s connection. To re-enter the management interface, the user needs to log in again.
The idle time range is from 5 to 60 minutes, with a default of 60 minutes.
【Security】: Selects the TLS version for the management connection: TLSv1.1, TLSv1.2, or TLSv1.3. TLS 1.1 is deprecated (RFC 8996) and should only be allowed if an old client cannot do better; prefer TLSv1.2 or TLSv1.3.
NG-UTM can configure multiple ZONES, and each ZONE can have its own IP address. These IP addresses can then be provided to primary administrators or subordinate administrators for accessing the management interface.
• Administrator Custom Password Rules
To enhance security, the system provides two measures: setting password complexity requirements and regularly reminding administrators to change their passwords.
【Enable】: Enables the feature of customizing administrator password rules. This is disabled by default.
【The Shortest Length (3-16 characters)】: Sets the minimum length for passwords. Generally, longer passwords provide higher security.
【Must Contain】: Specifies the characters that must be included in the password to increase its strength.
Typically an 8-character password mixing uppercase letters, lowercase letters, and numbers is a reasonable baseline; it is far harder to guess than one made only of numbers or lowercase letters, and longer passwords or passphrases are stronger still.
【The Password Cannot Contain the Previous Password】: When enabled, each time a password is changed, the new password set by the administrator cannot be the same as the old password. This feature is disabled by default.
【PSWD cannot be the same as old one(s)】: The new password cannot be the same as the previous (1-5 times) password.
【Need to update password】: Set the frequency when the system reminds administrators to change their passwords. The default is 90 days; setting it to 0 can disable this feature.
2-2. Date and Time
NG-UTM records are timestamped, so accurate time is essential; it also matters for the time-based codes used by 2-step verification (2-3-1). The system can correct its time automatically by synchronizing with the configured time zone and time server.
• Time Zone and Time
【Time Zone】: Set the time zone for NG-UTM by selecting one from the list of time zones where NG-UTM is located.
【Time】: Set the time for NG-UTM.
【Date】: Set the date for NG-UTM.
After configuring the time zone and time, press save to complete the time setting action.
• Sync with NTP Server
Enable the option for “Sync with NTP Server” and choose either a publicly available time server from the internet or manually input a specific time server. NG-UTM will synchronize with the time server every 30 minutes.
The corrected data display will be available in the “Time Zone and Time” section. All synchronization processes with the time server will be recorded in the “Time Logs” section.
【Sync with NTP Server】: Choose whether to enable this feature, default is disabled.
【Time Server】: The time server currently in use.
(Sync button): If an immediate correction is needed, press the sync button and the system will synchronize with the configured time server at once.
(Time Logs): Records of each synchronization between NG-UTM and the time server. Entries are kept for 3 days.
【Select Time Server】: Choose a suitable time server based on the time zone.
【Define Time Server】: Enter the time server to be used.
2-3. Administration
According to the administrative privilege, there are two levels: primary administrators and sub-administrators.
The default admin account serves as the default primary administrator, and there can be multiple primary administrators.
For example, the default primary administrator “admin” can add another primary administrator named “Joy” to assist in managing the entire device. Joy can also change admin’s permissions to that of a sub-administrator.
To avoid situations where there is no primary administrator due to permission settings errors, the system automatically retains the last account with primary administrator privileges.
NG-UTM allows several sub-administrators with varying levels of privilege, along with customized administrator item selection, enabling sub-administrators to carry the workload of primary administrators. Sub-administrators can also be allocated via the web interface (ZONE) for greater flexibility in device management.
Considering scenarios for the application of sub-administrators, several operational situations can be envisioned, which can be easily achieved by customizing administrator item selection based on the situation:
A. An administrator handles only VPN operations, such as establishing and controlling VPN channels, without needing to know the other functions in detail.
B. Auditors can access NG-UTM to query recorded information.
C. Manager of information system can manage the device but cannot view content record data.
Account and privilege are explained as follows:
• Account
The “admin” account is the default primary administrator for NG-UTM, and its default password is “admin”. This default account cannot be deleted.
During initial setup, log in with the default admin account; admin can then create other primary or sub-administrator accounts.
Because “admin” is a well-known account name on network management interfaces, change its default password at first login, and for security its privilege can be restricted to “Read” once another primary administrator exists.
• Privilege
Privileges are divided into three categories: Read, Write, and All Privileges. When combined with customized menu functionality, certain item management permissions can be assigned to different sub-administrators.
NG-UTM’s permission configuration is highly flexible. Administrators with All Privileges are referred to as primary administrators, while those with Read or Write privileges are referred to as sub-administrators.
Only primary administrators may add, modify, or delete other administrators. The privileges in detail:
·【Read】: Enable browsing functionality without write (configuration) permissions.
Customized menus can be utilized to allow sub-administrators to view only the granted permissions. If customized menus are not used, it means that the sub-administrator has “view” permissions for all items on the device.
·【Write】: Both writing and browsing functions are granted.
Customized menus enable sub-administrators to configure the granted permissions.
For example, if a sub-administrator is granted management of VPN channels, upon logging into the system, their menu will only display VPN-related options, while other items will be hidden.
If customized menus are not used, it means that the sub-administrator has “configuration” permissions for all items on the device.
·【All Privileges】: Giving a primary administrator with full read and write privilege for the entire device so that there’s no need for further customization of menus.
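To make the Read/Write/All model concrete, here is an added Python example (not code from the manual or the device) that encodes the rules stated in this section: Read browses, Write browses and configures, a custom menu narrows both, only a primary administrator manages accounts, the default admin account cannot be deleted, and the last primary administrator is retained. The account names and menu item names are constructed; the walk-through reproduces the admin/Joy scenario from 2-3 together with the VPN operator and auditor cases.

```python
from dataclasses import dataclass
from enum import Enum


class Privilege(Enum):
    READ = "Read"
    WRITE = "Write"
    ALL = "All Privileges"


@dataclass
class Administrator:
    name: str
    privilege: Privilege
    menu: frozenset = frozenset()   # custom menu; empty means every item is granted

    @property
    def is_primary(self):
        return self.privilege is Privilege.ALL

    def can_view(self, item):
        # Read and Write both allow browsing; the custom menu narrows which items are visible.
        return self.is_primary or not self.menu or item in self.menu

    def can_configure(self, item):
        # Only Write (within the menu) or All Privileges may press Confirm/Save.
        return self.is_primary or (self.privilege is Privilege.WRITE and self.can_view(item))


class AdminDirectory:
    """Account list enforcing: only primaries manage accounts, the last primary survives."""

    def __init__(self):
        self.admins = {"admin": Administrator("admin", Privilege.ALL)}  # built-in account

    def primaries(self):
        return [a for a in self.admins.values() if a.is_primary]

    def _require_primary(self, actor):
        if not actor.is_primary:
            raise PermissionError(f"{actor.name} is not a primary administrator")

    def add(self, actor, new_admin):
        self._require_primary(actor)
        self.admins[new_admin.name] = new_admin

    def set_privilege(self, actor, target_name, privilege):
        self._require_primary(actor)
        target = self.admins[target_name]
        if target.is_primary and privilege is not Privilege.ALL and len(self.primaries()) == 1:
            raise ValueError(f"{target_name} is the last primary administrator")
        target.privilege = privilege

    def delete(self, actor, target_name):
        self._require_primary(actor)
        if target_name == "admin":
            raise ValueError("the default admin account cannot be deleted")
        if self.admins[target_name].is_primary and len(self.primaries()) == 1:
            raise ValueError(f"{target_name} is the last primary administrator")
        del self.admins[target_name]


def demo():
    """Constructed walk-through of the scenarios described in the text."""
    d = AdminDirectory()
    admin = d.admins["admin"]
    joy = Administrator("Joy", Privilege.ALL)
    d.add(admin, joy)                                   # admin adds a second primary
    d.set_privilege(joy, "admin", Privilege.READ)       # Joy demotes admin to Read
    vpn_op = Administrator("vpn-op", Privilege.WRITE, frozenset({"VPN"}))
    auditor = Administrator("auditor", Privilege.READ)  # no menu: may browse everything
    d.add(joy, vpn_op)
    d.add(joy, auditor)

    errors = []
    try:
        d.add(admin, Administrator("mallory", Privilege.ALL))   # admin is Read now
    except PermissionError:
        errors.append("admin cannot add accounts")
    try:
        d.set_privilege(joy, "Joy", Privilege.WRITE)            # Joy is the last primary
    except ValueError:
        errors.append("last primary protected")

    return {
        "vpn_op": (vpn_op.can_view("VPN"), vpn_op.can_configure("VPN"), vpn_op.can_view("Policy")),
        "auditor": (auditor.can_view("Policy"), auditor.can_configure("Policy")),
        "admin_now": admin.privilege.value,
        "primaries": [a.name for a in d.primaries()],
        "errors": errors,
    }


if __name__ == "__main__":
    print(demo())
```

The check that matters operationally is the last one: a demotion request is evaluated against the number of primaries remaining, so a typo in the privilege dropdown cannot leave the device without anyone able to manage accounts.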
2-3-1. Administrator
Account management lists every administrator account with access to the NG-UTM management interface, its privilege (browsing or writing), and when its next password change is due.
• Add a new administrator account and assign privilege
【Enable】: Enables or disables this administrator account.
【Account】: The username used for the new administrator. Any combination of English letters and numbers is acceptable.
【Password】: Passwords are case-sensitive and must be between 3 and 64 characters long. The password cannot be the same as the username.
Typically, a combination of 8 characters consisting of letters and numbers provides a certain level of strength.
【Password Strength】: NG-UTM automatically evaluates the password strength.
To enhance password security, consider the following:
1. Use a combination of letters and numbers.
2. Incorporate special characters such as “@”, but avoid using colon “:” and comma “,”.
3. Use a mixture of upper and lower case letters. For example, “Joy123” has higher complexity than “joy123”.
【Confirm Password】: Re-enter the password to ensure consistency.
【Next time need to alter the password】: After the new administrator successfully logs in for the first time, this option determines whether they are forced to change their password. By default, this option is disabled.
【Need to update password】: Specify how often the system need to remind the administrator to change their password. The default frequency is 90 days. Setting it to 0 disables this feature.
【PSWD cannot be the same as old one(s)】: The new password cannot be the same as the previous (1-5 times) password.
【Account Expiration Date】: Cannot log in with this account after the account expiration date.
【Notes】: A recognizable description for the new administrator.
【2-step Verification】: When enabled, logging in requires the password plus a one-time code generated by Google Authenticator. The code is time-based, so the device clock (2-2. Date and Time) must be accurate or valid codes will be rejected.
【Privilege】: Set the privilege for the administrator, with 3 options: Read, Write, and All Privileges.
Choosing Read or Write without selecting custom menu items means the administrator can access every function.
All Privileges denotes a primary administrator, so selecting it hides the custom menu.
【User Defined Menu】: Specifies which items the primary administrator grants the sub-administrator to browse or configure. If nothing is selected, the sub-administrator has access to the entire system.
NG-UTM’s configuration structure is main items + sub-menus + page menus, with the actual settings on the page menu.
The custom menu restricts which main items and sub-menus the sub-administrator can see. Both live in the left main menu area, so the custom menu can be thought of as the left main menu area.
Examples: creating a custom menu and see the differences between Read and Write privilege.
A. Setting up the user defined menu includes items such as “Basic Setting,” “Notifications,” “Zone Settings,” “IP Tunnel” and more.
B. An account with Read privilege, upon logging into the management interface, the operator can view the menu items but have no access to the “Confirm” or “Save” buttons.
C. An account with Write privilege, upon logging into the management interface, operator can view the menu items and has access to the “Confirm” or “Save” buttons.
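An added example, not the manual’s or the device’s own code, of a validator that enforces the password rules described in 2-1-3 and the per-account password fields above: minimum length, required character classes, the overall 3-64 character limit, no colon or comma, not equal to the account name, and not one of the previous 1-5 passwords. It also includes a rough strength estimate of the kind the Password Strength indicator provides. The rule texts, the salt and the sample passwords are constructed; keeping the history as PBKDF2 hashes rather than plaintext is this example’s assumption about how such a list should be stored, not a description of the device.

```python
import hashlib
import hmac
import math
import re
import string

FORBIDDEN_CHARS = {":", ","}                       # the manual says to avoid these two
SPECIALS = set(string.punctuation) - FORBIDDEN_CHARS


def hash_password(password, salt):
    """Stretched hash for the password-history list (stdlib PBKDF2 stands in for argon2/bcrypt)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def estimate_bits(password):
    """Rough strength: log2(alphabet) per character, alphabet = classes actually present."""
    pool = 0
    if re.search(r"[a-z]", password):
        pool += 26
    if re.search(r"[A-Z]", password):
        pool += 26
    if re.search(r"[0-9]", password):
        pool += 10
    if any(c in SPECIALS for c in password):
        pool += len(SPECIALS)
    return round(len(password) * math.log2(pool), 1) if pool else 0.0


class PasswordPolicy:
    def __init__(self, min_length=8, require_upper=True, require_lower=True,
                 require_digit=True, require_special=False, history_depth=3):
        self.min_length = min_length
        self.require_upper = require_upper
        self.require_lower = require_lower
        self.require_digit = require_digit
        self.require_special = require_special
        self.history_depth = history_depth      # the "previous 1-5 passwords" setting

    def check(self, username, candidate, salt, history=()):
        """Return the list of violated rules; an empty list means the password is acceptable."""
        problems = []
        if not 3 <= len(candidate) <= 64:
            problems.append("length must be between 3 and 64 characters")
        if len(candidate) < self.min_length:
            problems.append(f"shorter than the minimum length {self.min_length}")
        if candidate.lower() == username.lower():
            problems.append("must not be the same as the account name")
        if self.require_upper and not re.search(r"[A-Z]", candidate):
            problems.append("must contain an uppercase letter")
        if self.require_lower and not re.search(r"[a-z]", candidate):
            problems.append("must contain a lowercase letter")
        if self.require_digit and not re.search(r"[0-9]", candidate):
            problems.append("must contain a digit")
        if self.require_special and not any(c in SPECIALS for c in candidate):
            problems.append("must contain a special character")
        if any(c in FORBIDDEN_CHARS for c in candidate):
            problems.append("must not contain ':' or ','")
        recent = list(history)[-self.history_depth:] if self.history_depth else []
        digest = hash_password(candidate, salt)     # compare hashes, never plaintext
        if any(hmac.compare_digest(digest, old) for old in recent):
            problems.append(f"matches one of the previous {self.history_depth} passwords")
        return problems


def demo():
    """Constructed account 'joy' with a four-entry history and a depth-3 reuse rule."""
    policy = PasswordPolicy(min_length=8, history_depth=3)
    salt = b"per-account-salt"   # constructed; use a random salt per account in practice
    history = [hash_password(p, salt)
               for p in ("Winter2023!", "Spring2024!", "Summer2024!", "Autumn2024!")]
    return {
        "too_short": policy.check("joy", "Joy123", salt, history),
        "reused": policy.check("joy", "Autumn2024!", salt, history),
        "old_enough": policy.check("joy", "Winter2023!", salt, history),  # 4 changes ago
        "forbidden": policy.check("joy", "Joy:2024,ok", salt, history),
        "good": policy.check("joy", "Tr0ut-Harbor", salt, history),
        "bits": (estimate_bits("joy123"), estimate_bits("Joy123")),
    }


if __name__ == "__main__":
    print(demo())
```

The estimate reproduces the manual’s point that “Joy123” is stronger than “joy123”, but both are far below a length-8 mixed-class password, which is why the minimum length rule does more work than any single character-class rule.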
2-3-2. IP Address
NG-UTM can restrict which source IP addresses may reach the management interface, reducing the risk of unauthorized parties guessing account credentials.
The default is blank, meaning no restriction: any internal or external source IP address can reach the management interface.
NG-UTM usually performs NAT, so when configuring source addresses the administrator must account for both internal and external addresses.
For instance, if only internal IP addresses are configured and no external source address is listed, connections from external networks will be denied.
Once an address is configured the filter is active and only matching source addresses can reach the interface, so administrators must make sure their own addresses are included or they will lock themselves out.
When adding the first source address, include the current administrator’s own IP address. Otherwise, after saving, the management interface becomes unreachable because the source address is not permitted.
In that case access can only be regained over the RS-232 console by disabling this feature, after which network access to the management interface works again.
• Setup
【Block Response (HTTP Status Code)】: How the firewall responds when a non-configured management IP attempts to log into the management interface. You can choose to respond with either Forbidden (403), or Not Found (404).
• Add Manager IP Address and Netmask
【Notes】: Set up recognizable name for source IP address.
【IP and Network Mask】: Public (routable) and private IP addresses in the given range may access the management interface.
Pay attention to the network mask. A public address is usually entered with 255.255.255.255, denoting a single fixed IP address.
Internal private addresses commonly use 255.255.255.0, denoting the whole subnet of a specific internal zone; the wider the mask, the more hosts can reach the login page.
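An added Python example (not the manual’s or the device’s code) of the allowlist semantics described in this section: a blank list allows everyone, an entry is an address plus a mask, the block response is 403 or 404, and saving is refused when the administrator’s own address is not covered, which is the lockout the text warns about. The notes, addresses and masks are constructed.

```python
import ipaddress


class ManagementAccessList:
    """Source-IP allowlist for the management interface (constructed model of 2-3-2)."""

    def __init__(self, block_status=403):
        if block_status not in (403, 404):
            raise ValueError("block response must be 403 (Forbidden) or 404 (Not Found)")
        self.block_status = block_status
        self.entries = []                     # (note, ip_network)

    def add(self, note, ip, netmask):
        # strict=False accepts a host address with a /24 mask, as the UI form does
        self.entries.append((note, ipaddress.ip_network(f"{ip}/{netmask}", strict=False)))

    def is_allowed(self, source_ip):
        if not self.entries:                  # blank list = no restriction at all
            return True
        addr = ipaddress.ip_address(source_ip)
        return any(addr in net for _, net in self.entries)

    def http_status(self, source_ip):
        return 200 if self.is_allowed(source_ip) else self.block_status

    def save(self, current_admin_ip):
        """Refuse to activate a list that would lock out the administrator saving it."""
        if not self.is_allowed(current_admin_ip):
            raise ValueError(
                f"{current_admin_ip} is not in the list; saving would lock you out "
                "(recovery then requires the RS-232 console)")
        return [(note, str(net)) for note, net in self.entries]


def demo():
    """Constructed: an office LAN, one fixed public address, and a save from the wrong host."""
    acl = ManagementAccessList(block_status=404)
    acl.add("Office LAN (private)", "192.168.10.0", "255.255.255.0")
    acl.add("Remote admin (public, single host)", "203.0.113.45", "255.255.255.255")
    statuses = {ip: acl.http_status(ip) for ip in
                ("192.168.10.23", "203.0.113.45", "203.0.113.46", "198.51.100.9")}
    try:
        acl.save("10.0.0.5")                  # administrator sits outside both entries
        lockout_prevented = False
    except ValueError:
        lockout_prevented = True
    saved = acl.save("192.168.10.23")         # same list, saved from a covered address
    return statuses, lockout_prevented, saved


if __name__ == "__main__":
    print(demo())
```

Note the NAT point from the text: an administrator on the office LAN who connects to the device’s external address may arrive with a public source address, so the entry that covers them is the public one, not the private subnet.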
2-3-3. Clear Data
NG-UTM stores a large volume of data, including records of administrator logins, logouts, and actions on the device; user activity passing through the device, such as email, WEB/HTTPS and system operations; and protection logs including firewall attack/defense records, IPS, and virus incidents. When the data reaches a certain threshold, either by capacity or by age, the system must clear it.
• Smart Clear Settings
When the data storage usage meets the following conditions, the system will automatically adjust the record retention settings and clear the records:
1. Data storage usage rate reaches certain value (80~99%)
2. Database usage exceeds 40% of the data storage.
【Enable】: When enabled, the system will automatically adjust the content retention time below when the system capacity usage rate reaches the set value.
【Record Retention Period Log】: After enabling the Smart Clear Settings, each automatic adjustment of record retention time will be recorded here.
【Automatically Clear Data】: When the record retention time reaches the minimum value and the capacity is still insufficient, records will be cleared starting from the database with the highest usage until the capacity is sufficient.
【Clear Data Log】: A log will be kept here for each automatic content clearing event.
• Clear Data
【Manual Record Clearing】: Administrators can manually clear certain system records here. Depending on the model, there are up to 11 record items available for clearing.
Users can select specific items or use the “Select All” option to clear all items. Once the selection is made, clicking the “clear” button will erase the recorded data stored within NG-UTM.
• Data Retention Period
NG-UTM systems may utilize built-in hard drives or internal memory cards to record system information.
For systems with hard drives, the maximum retention time for records is 36 months (3 years), and historical data older than 3 years will be automatically cleared.
Devices without hard drives will have an automatic storage limit setting, typically triggering a clearing mechanism when storage usage exceeds 90%.
The default content record retention time for the system is 12 months (1 year), and administrators can adjust this within the available range (1 to 36 months) based on actual needs.
Additionally, certain large-volume and system-irrelevant records, such as email filtering, traffic statistics, and DNS query logs, may have shorter retention intervals.
2-4. Upgrade
The latest firmware information for NG-UTM is posted on the official Web site, and administrators can find the latest firmware information for download at https://www.sharetech.com.tw/en-us/.
There are 3 upgrade modes: Automatic, Semi-automatic, and Manual
·Automatic or Semi-automatic: Configuration > Upgrade > Firmware Message
·Manual: Configuration > Upgrade > Software Upgrade
2-4-1. Firmware Message
You can set the fully automatic or semi-automatic upgrade mode here:
Semi-automatic mode: Automatically checks and downloads firmware, with manual updates by the administrator.
The system periodically checks for firmware updates from the update server and automatically downloads the latest firmware to the device. After logging into the management interface, the administrator presses the firmware upgrade button to execute the upgrade process.
Fully automatic mode: Automatically checks and downloads firmware, and at a scheduled time, automatically performs the firmware upgrade.
Before the upgrade runs, a notification can inform the administrator of the scheduled upgrade time. If, on receiving the email, the administrator decides the system should not be upgraded, they can enter the management interface and pause or delete the upgrade file.
【Last Update Time】: The time of the last firmware information checked.
To determine if there is currently latest firmware available, press the button to check for new firmware. If it’s available, it will be downloaded to the device for the administrator to use.
【Scheduled Update Time】: Set the time for daily check. This is the time for checking and downloading firmware, not for software upgrades.
【Update Server】: The server’s name where NG-UTM check for the latest firmware.
This is default and cannot be changed by administrators. The default URL is: autoUpdate.sharetech.com.tw.
【Automatic Download】: After enabling the auto-download feature, NG-UTM will check for the latest firmware at the specified time and automatically download it to NG-UTM.
【Automatic Firmware Upgrade】: Fully automatic firmware upgrade mode.
This function can only be enabled after enabling the auto-download feature. For firmware downloaded automatically, the upgrade action will be executed within the time scheduled by the administrator.
Note
If the automatic firmware upgrade process fails due to certain factors, this feature will be disabled.
In other words, after a failed upgrade, the administrator must troubleshoot the failure factors; otherwise, the system will no longer execute the automatic firmware upgrade action.
【Firmware Upgrade Time】: The administrator specifies the time to perform the upgrade action. Generally, to avoid impacting normal usage, it is usually scheduled during the lowest system usage.
【Automatic Upgrade Notification】: When there is new firmware and it has been downloaded to NG-UTM, upgrade notification emails are sent to the administrator a few hours before the scheduled firmware upgrade.
In fully automatic mode, notification emails are sent regardless of whether the upgrade is successful or not.
Several administrator email addresses can be configured; the settings path is “Configuration > Notification > Recipient”.
【Firmware Download Records】: Record detailed records of each firmware update including time, version, and success or failure, which can be accessed from the search button.
• Firmware File
After NG-UTM checks the update server and if there is new firmware available under the condition that automatic download is selected, the latest firmware file is downloaded and placed in the system, awaiting the administrator’s command.
When the administrator decides to upgrade, simply pressing the upgrade button in the firmware upgrade field will initiate the upgrade process.
Typically, firmware update takes 3 minutes. After the update, the system will automatically reboot. During the system update, do not shut down, disconnect, or leave the webpage, as this may lead to unexpected errors in NG-UTM.
Administrators can also download the firmware to their own computer and upload it manually to the device.
Before uploading, compare the MD5 value of the downloaded file with the MD5 value published on the website. If the two values differ, the firmware file may have been corrupted or modified. Note that MD5 reliably detects accidental corruption only; because MD5 collisions are practical, it is a weak defence against deliberate tampering, so download over HTTPS from the official site and prefer a SHA-256 value where one is published.
2-4-2. Software Upgrade
Manual firmware upgrade: obtain the firmware first, then upload it to NG-UTM.
【Server Model】: The model of NG-UTM.
【Software Version】: The software version of NG-UTM, where 9.0.0.0 is the initial version number, and later versions have higher numerical values.
【Software Upgrade】: Select the file to be uploaded to NG-UTM.
2-4-3. Firmware Download Record
Whether automatic download or manual upload is utilized, NG-UTM records the firmware update process. Administrators can access the “Firmware Download Record” to see relevant historical data, including start time, end time, transport time, version, size, events, etc.
【Version】: Searching is based on firmware version.
【Event】: Events indicate successful or unsuccessful firmware downloaded on NG-UTM.
2-5. Backup and Restore
When NG-UTM is configured and operating normally, administrators will back up all configuration data and store the backup files separately for future needs.
With the same hardware specifications, the backed-up files can be imported into another NG-UTM device to perform restoration. Backup files can be stored in two ways: on a USB drive or on local storage media.
Backups can be manual or automatic. Manual backup is performed in 2-5-1. Backup and Recovery; automatic backup is configured in 2-5-2. Automated Backup.
If backup and restoration actions are still insufficient, administrators can perform a reset on the system, restoring the NG-UTM to its initial state, and then proceed with reconfiguration.
2-5-1. Backup and Recovery
This section covers manual backup and recovery; the system backs up only the current configuration file.
NG-UTM offers two modes of backup data storage: USB and Backup File. With USB, the backup file is directly transferred to a USB device, while with the backup file, the backup is stored as a file on the administrator’s computer.
The two backup methods serve slightly different purposes, and the procedures for restoration are also slightly different, although both methods are usable by administrators.
• System Backup to USB
Insert a USB device into the device and press the backup button. The system will automatically detect the USB device and copy all configuration files to the USB. Once completed, please remove the USB device.
Every time NG-UTM reboots it checks for the USB device. If one is present, it automatically loads the backup file from the USB and restores the system.
This makes the feature well suited to replacing faulty hardware: insert the USB backed up from the original unit into the new device and it is quickly restored to the original state. The same behaviour means anyone with physical access and a USB device holding a backup can replace the running configuration at the next reboot, so keep backup USB devices locked away and do not leave one inserted in a production unit.
• System Backup
Press the backup button to export the current system configuration values.
NG-UTM compresses the entire system configuration data into a tgz format compressed file. When a restore action is required, just import this file.
• System Recovery
Administrators select the desired configuration file (in tgz compressed format) and press the confirm button. The system automatically uploads the configuration file. After rebooting, NG-UTM returns to the state it was in when the backup was made.
During the upload, NG-UTM automatically checks the configuration file for any corruption. If corruption is detected, the recovery process will not be executed. Only configuration files that pass the integrity check will be decompressed and restored to the system.
• Reset Default
Administrators have the option to restore the entire device to its factory default settings. After pressing the “OK” button, NG-UTM clears all configuration values and resets the IP address of the ETH0 interface in ZONE 0 to 192.168.1.1.
【Preserve Network Interface Settings】: When performing a default reset, the administrator can choose to preserve the original network interface IP settings or not.
This mechanism is suitable when the network architecture is intact, but control actions or internal data are too complex. Administrators can choose to retain the network settings while clearing other data and resetting.
【Keep SSL Certification】: When restoring the factory default settings, the firewall related SSL certificate profile can be retained.
Retainable items are 2-11. SSL Certificate, 6-7-1. WEB Service, 10-1-6. Mail SSL Certification Settings.
【Format Data Space】: When performing a default reset, the administrator can choose to execute a formatting action or not.
If this option is selected, the entire data space (such as the hard disk) will be formatted. This process requires more time to complete. After the action is completed, the system will reboot and return to its original default settings.
• Data Space Status
NG-UTM logs are recorded in the data space, and the system automatically checks the status of the data space, presenting it in the management interface.
When the data space is malfunctioning, the transmission and reception of network packets are not affected. However, log data may not be recorded because the data space is damaged.
2-5-2. Automated Backup¶
To save administrators time and effort in performing backup tasks regularly and to ensure that device data is not overlooked, NG-UTM provides an automatic backup feature.
Administrators simply need to set the backup date and time and choose the number of backups to be retained in NG-UTM’s data space. The system will automatically perform backup actions according to the administrator’s settings, with older configuration files automatically deleted.
【Enable Auto Backup】: Check to enable, then set the backup date and time.
【When to Backup】: There are two modes to choose from:
· Periodic date and time. For example, a backup is performed every 3 days or every 23 hours.
· Custom date and time. For example, a backup is performed at 00:00 on Monday.
【Backup Reserved Quantities】: NG-UTM will retain the latest configuration files on the system, with new configuration files overwriting older ones in a first-in, first-out manner.
【Backup Right Now】: Press the button to perform an immediate backup action and store it in NG-UTM.
• Backup Log
All automated backup records are preserved, including backup time, software version, etc. Administrators can perform the following actions on any automatic backup record:
【Download to USB】: Store the backup file on a USB device. When the system reboots and detects this USB device, it automatically executes the restoration action, so there is no need to select the system restoration action again.
【Download】: Download this backup file to the administrator’s computer.
【Restore】: Restore NG-UTM directly to the state of a specific configuration file. Clicking “Restore” prompts NG-UTM to request the administrator to enter a number to confirm whether to execute the restoration action, as shown in the image below.
【Delete】: Remove this backup configuration file from the system.
【Log】: NG-UTM will record the differences between automatic backup configuration files, making it convenient for administrators to track and compare. Clicking on it will open a new window listing the detailed contents, as shown in the image below.
In the record, there are fields for modification time, account, administrator IP address, modified item, action, and a comparison of each item before and after the change. Administrators can use this information to determine whether to perform a restoration or to identify the cause of an issue.
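As an added example that is not ShareTech's code: the first-in, first-out retention of 2-5-2 and the before/after comparison the Backup Log presents, applied to configuration snapshots. The `Backup` record, the flattened "item -> value" snapshot shape and the sample data are constructed assumptions, not the NG-UTM's real backup format.

```python
from dataclasses import dataclass
from datetime import datetime
from typing import Dict, List, Optional


@dataclass
class Backup:
    taken_at: datetime        # time the automatic backup ran
    version: str              # software version recorded with the backup
    config: Dict[str, str]    # flattened "item -> value" snapshot (assumed shape)


def retain_latest(backups: List[Backup], keep: int) -> List[Backup]:
    """Apply Backup Reserved Quantities: keep the newest `keep` backups and
    drop the oldest ones first (first-in, first-out)."""
    if keep < 1:
        raise ValueError("Backup Reserved Quantities must be at least 1")
    ordered = sorted(backups, key=lambda b: b.taken_at)
    return ordered[-keep:]


@dataclass
class Change:
    item: str
    action: str               # "add", "modify" or "delete"
    before: Optional[str]
    after: Optional[str]


def diff_configs(old: Dict[str, str], new: Dict[str, str]) -> List[Change]:
    """Item-by-item comparison of two configuration snapshots, giving the
    before/after view the Backup Log presents."""
    changes: List[Change] = []
    for item in sorted(set(old) | set(new)):
        before, after = old.get(item), new.get(item)
        if before is None:
            changes.append(Change(item, "add", None, after))
        elif after is None:
            changes.append(Change(item, "delete", before, None))
        elif before != after:
            changes.append(Change(item, "modify", before, after))
    return changes


def log_rows(changes: List[Change], modified_at: datetime,
             account: str, admin_ip: str) -> List[str]:
    """Render changes with the fields the manual lists: modification time,
    account, administrator IP address, modified item, action, before and after."""
    stamp = modified_at.strftime("%Y-%m-%d %H:%M")
    return [f"{stamp}\t{account}\t{admin_ip}\t{c.item}\t{c.action}\t"
            f"{c.before!r} -> {c.after!r}" for c in changes]


# Constructed sample: five nightly backups; the timeout changed on day 4 and
# a certificate item appeared on day 5.
SAMPLE_BACKUPS = [
    Backup(datetime(2024, 5, 1, 0, 0), "9.0.1",
           {"zone0.eth0.ip": "192.168.1.1", "admin.timeout": "30"}),
    Backup(datetime(2024, 5, 2, 0, 0), "9.0.1",
           {"zone0.eth0.ip": "192.168.1.1", "admin.timeout": "30"}),
    Backup(datetime(2024, 5, 3, 0, 0), "9.0.1",
           {"zone0.eth0.ip": "192.168.1.1", "admin.timeout": "30"}),
    Backup(datetime(2024, 5, 4, 0, 0), "9.0.2",
           {"zone0.eth0.ip": "192.168.1.1", "admin.timeout": "10"}),
    Backup(datetime(2024, 5, 5, 0, 0), "9.0.2",
           {"zone0.eth0.ip": "192.168.1.1", "admin.timeout": "10",
            "ssl.cert": "letsencrypt"}),
]

if __name__ == "__main__":
    kept = retain_latest(SAMPLE_BACKUPS, 3)          # days 3, 4 and 5 survive
    changes = diff_configs(kept[0].config, kept[-1].config)
    for row in log_rows(changes, kept[-1].taken_at, "admin", "192.168.1.50"):
        print(row)
```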
2-6. Notification¶
NG-UTM will notify administrators of system events from the success or failure of backup data to system attacks and more, allowing administrators to promptly grasp device and network information.
Notifications from NG-UTM are sent via email, so administrators need to configure the basic SMTP server and recipient accounts beforehand.
2-6-1. Notification¶
You can configure different sender accounts to send notification emails for different events, and multiple recipients can receive notification messages.
• Message Notification
NG-UTM has a total of 26 types of message notification events. Each event can be checked periodically or regularly based on its type. If a problem is detected during the check, notification emails will be sent according to the administrator’s settings.
【Sender Account】: Choose the sender account to use when sending notification emails. Sender accounts are configured on the “SMTP Server” tab.
· Automatic:
When selected, the system prioritizes selecting a sender whose domain name matches the recipient’s. If no correspondence is found, the first sender account is used to send the notification email.
· Specify SMTP Account:
Use the sender configured in the “SMTP Server” as the sender account for sending notification emails.
If no sender accounts are configured in the “SMTP Server”, no notification emails will be sent.
【Recipients】: Enter the recipients of the notification emails. Multiple recipients can be specified for each event (add new recipients by line break).
【Try to send times】: Set the maximum number of attempts to send the notification email when sending fails. The range is 1 to 5 attempts. Once the number of failed attempts exceeds this setting, the notification email is not sent.
【Notification Language】: Choose the language for the notification email. Options include English, Traditional Chinese, and Simplified Chinese. Incorrect language settings may result in garbled messages for recipients.
• Message Notification Items
NG-UTM currently provides notifications for 25 types of items. Each item can be checked periodically or regularly based on its attributes.
For example, “Network Disconnection” is always checked periodically, while the frequency of checking for “Firewall Protection” is less frequent than “System Operation Logs” to prevent the system from sending notification emails after the attack has occurred.
Regardless of the type of event, the subject of the notification email can be customized. Administrators can change it to make it easier for recipients to understand.
For example, the default subject for a network disconnection notification email is “ZONE disconnect,” which can be changed to “Taipei NG-UTM Disconnection.”
If notification for a specific check is not enabled, the system will not send notification emails for that event.
The explanation of each event is as follows:
1. Zone Disconnection: Check if the Wide Area Network (WAN) connection to the outside is working.
2. DDNS Update Failure: Check if the configured DDNS service is updating and functioning properly.
3. HA Status Switching and Data Synchronization Abnormality: Indicate when there’s a switch between Master and Slave in HA mode or abnormalities during data synchronization between two devices.
4. Firewall Attack Protection (SYN, ICMP, UDP, PortScan): Notify when NG-UTM faces attack.
5. Abnormal IP: Alert when internal computers exceed the set traffic limit.
6. Web/Mail Blocked by Virus: Detect viruses in emails or in files accessed during web browsing.
7. System Log: Indicate changes in system operation logs.
8. Administrator Login Failure: Notify when there’s an error during administrator login.
9. SSL-VPN, Web Authentication, Login Failure: Alert when there’s an authentication failure during SSL VPN user login.
10. Software Update Notification: Inform about the release of new firmware.
11. Low Data Space (Usage over 90%) or Bad Sectors: Alert when available data space is low or there are bad sectors.
12. System Configuration Backup: Notify the success or failure of automatic backups.
13. Co-Defense (Switch): Send notifications about collaborative defense actions with switches and wireless APs.
14. Database Abnormality: Alert about abnormalities in the local database.
15. AP Management Notification: Notify of new AP requests or connection abnormalities.
16. Blocked Mail Traffic: Alert when outgoing emails exceed the set limit.
17. IPSec Disconnection: Alert when an IPSec VPN disconnects.
18. IPSec Switchover: Notify when any IPSec channel disconnects in an SD-WAN environment.
19. Authentication Expiration: Notify when user accounts for web authentication are about to expire.
20. Remove Expired Authentication: Alert before deleting expired web authentication accounts.
21. Traffic Quota Ran Out: Alert when configured traffic quotas are about to be exhausted.
22. UPS Logs: Record communications with the UPS.
23. Application Version Change Notification: Inform about new versions of local applications.
24. CMS Notification (Client Management Request, Connection Status Abnormality, Backup Failure, Restore Failure): Send notifications related to CMS operations.
25. System Space Abnormality: Alert when system storage space is too low or fills up quickly.
26. Abnormal System Shutdown: Alert when the system has shut down abnormally.
27. Virus Engine Abnormal Notification: Alert when the virus engine is abnormal.
28. DHCP Flood Attack Notification: Alert when a DHCP flood attack is detected.
29. Automatic Upgrade Notification: Send notifications a few hours before executing automatic upgrades.
2-6-2. Notification Log¶
NG-UTM records every message notification, regardless of its success or failure, for future reference by administrators.
• Message Notification Log Search
【Date】: Search for notification records within a specified time frame.
【Event】: Select specific event items or view all events.
【Recipient】: The recipient of the message notification. “*” can be used as a wildcard search keyword, for example: *@abcd.com.
• Message Notification Search Results
The search results are sorted by record time, and they can also be grouped and sorted by event. The key in each field header is used to change the sorting order.
2-6-3. SMTP Server¶
NG-UTM sends out notification emails using SMTP server settings and sender accounts. If no valid sender account is configured, all notification emails will fail to be sent. Administrators can set up multiple sender accounts.
• Add SMTP Server
Click on the icon below the SMTP server settings list to add a new SMTP server.
【Sender】: The default name is “Admin”. Check “Custom Name” to change it to a name that recipients can easily recognize, such as “Notifications from NG-UTM”.
【Sender Name】: The sender’s name displayed in the notification email to the recipient.
This is the display name, not the sender account. Most email clients will display the sender’s name. If the sender’s name is not set, the email account will be displayed as the sender’s name.
【Server】: The SMTP mail server hostname. For example, abcd.com or 211.22.22.22.
【Port】: SMTP is TCP 25, SMTPS is 465 or 587, depending on the SMTP server.
【Account】: The account used to log in to the SMTP mail server. Enter the account or full email address, for example, jean or jean@abcd.com.
【Password】: The password for the sender account on the SMTP mail server.
【Require Authentication】: Check if the SMTP mail server requires account authentication.
【TLS】: Select whether to enable TLS based on the requirements of the SMTP mail server. (TLS provides authenticity, integrity, and confidentiality over the Internet.)
【Delivery Domain Name】: The sender’s domain used for sending emails. It typically needs to match the recipient’s domain to avoid issues with filtering.
For example, if the sender’s account is a@ghij.com and only sends emails to ppp@ghij.com, enter ghij.com here to indicate that the sender’s account will not send notification emails to domains other than ghij.com.
【Specify Source Address】: Some mail servers only serve specific sender IP addresses. Enter the specified IP address of the mail server here.
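As an added example that is not ShareTech's code, this models two rules from this chapter together: the sender choice of 2-6-1 (Automatic mode prefers a sender whose domain matches the recipient, else the first account; Try to send times is 1 to 5) and the Delivery Domain Name restriction described above. The `SmtpAccount` record, the `send` callback and the way a "Specify SMTP Account" choice is identified (by its login account) are assumptions.

```python
import smtplib
from dataclasses import dataclass
from typing import Callable, List, Optional


@dataclass
class SmtpAccount:
    account: str                           # login account, e.g. jean@abcd.com
    server: str                            # SMTP mail server hostname
    port: int = 25
    tls: bool = False
    delivery_domain: Optional[str] = None  # Delivery Domain Name, when set


def domain_of(address: str) -> str:
    return address.rsplit("@", 1)[-1].lower()


def may_deliver(acct: SmtpAccount, recipient: str) -> bool:
    """A sender with a Delivery Domain Name only serves recipients in that domain."""
    return (acct.delivery_domain is None
            or domain_of(recipient) == acct.delivery_domain.lower())


def select_sender(accounts: List[SmtpAccount], recipient: str,
                  specified: Optional[str] = None) -> Optional[SmtpAccount]:
    """Automatic mode (specified is None): prefer the sender whose domain
    matches the recipient's, otherwise the first configured account.
    Specify mode: only the named account. None means nothing usable is
    configured, so no notification email goes out."""
    usable = [a for a in accounts if may_deliver(a, recipient)]
    if specified is not None:
        return next((a for a in usable if a.account == specified), None)
    for a in usable:
        if domain_of(a.account) == domain_of(recipient):
            return a
    return usable[0] if usable else None


def send_with_retry(send: Callable[[SmtpAccount, str], bool],
                    acct: SmtpAccount, recipient: str, attempts: int) -> int:
    """Try to send times: retry up to `attempts` (1..5). Returns the attempt
    number that succeeded, or 0 when every attempt failed and the mail is
    dropped. smtplib errors derive from OSError and count as a failed attempt."""
    if not 1 <= attempts <= 5:
        raise ValueError("Try to send times must be between 1 and 5")
    for n in range(1, attempts + 1):
        try:
            if send(acct, recipient):
                return n
        except OSError:
            pass
    return 0


def smtp_send(acct: SmtpAccount, recipient: str, password: str,
              subject: str, body: str) -> bool:
    """Real transport for send_with_retry (bind password/subject/body with
    functools.partial). STARTTLS when the account has TLS enabled."""
    msg = (f"From: {acct.account}\r\nTo: {recipient}\r\n"
           f"Subject: {subject}\r\n\r\n{body}")
    with smtplib.SMTP(acct.server, acct.port, timeout=15) as conn:
        if acct.tls:
            conn.starttls()
        if password:
            conn.login(acct.account, password)
        conn.sendmail(acct.account, [recipient], msg)
    return True
```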
• Sender Account Verification and Email Sending
After configuring the SMTP server’s sender account, if there are concerns about incorrect settings causing recipients to not receive notification emails correctly, NG-UTM provides online testing for sending emails.
In the SMTP server settings list, NG-UTM displays detailed information for each sender account. Click the “Test” button in the “SMTP Test Email” column and enter the recipient’s email address.
After entering the recipient’s email address, click “Confirm”. If the recipient’s mailbox receives an email with the subject “This is a SMTP Test Mail”, it indicates that the SMTP server settings are correct.
2-7. Reboot and Power Off¶
NG-UTM provides 2 buttons for executing normal power on/off operations. Additionally, to enhance operational stability, the system can execute periodic reboot actions.
2-7-1. Reboot and Power Off¶
NG-UTM provides 2 buttons for normal power operations: “Reboot” and “Power Off”.
When the “Reboot” button is pressed, the system will shut down all services, reboot, and load the information stored in the configuration file. Pressing the “Power Off” button will initiate the shutdown process according to the normal procedure.
2-7-2. Auto-Reboot¶
The system can be configured to perform periodic automatic restarts, which helps clear unnecessary or abnormal files occupying memory and enhances system stability.
There are three options for the length of the restart cycle: daily, weekly, and monthly. Administrators can configure this based on their needs, with a monthly restart generally being sufficient.
【Enable】: This option activates the automatic restart mechanism; the default setting is off. The system automatically records the time of each reboot and whether it succeeded, and administrators can click on the log button to view the logs.
【Recurrence】: Administrators can choose from three options: every day, every week, and every month. Typically, setting the system to restart once a month is adequate for normal operation.
【Reboot Time】: This setting determines when the automatic reboot will take place. It is usually scheduled during non-service hours to minimize disruption.
2-8. AP Management¶
Before discussing the layout of the internal wireless network environment, it is necessary to understand the differences between Thin AP and Fat AP.
Thin AP is a concept introduced in recent years. The main difference from a conventional wireless router (Fat AP) is that a Thin AP is simpler: it focuses on wireless signal transmission and lacks the management and security functions of a Fat AP.
NG-UTM integrates wireless AP management functions, allowing enterprises to address the issue of wireless network expansion seamlessly.
By combining wireless AP equipment, the traffic passing through each AP is integrated into the network interface of the NG-UTM.
Moreover, APs can seamlessly communicate with each other, ensuring that users do not feel network switching during mobility.
NG-UTM provides a separate control platform to manage wired and wireless communications.
Through the management interface, administrators can clearly monitor the operational status (active or offline), upload and download traffic, and current online users of each AP router.
More importantly, administrators can directly control each AP router through the control platform, greatly reducing their burden. The wireless AP control platform can provide robust and comprehensive deployment for wireless network protection.
After setting up wireless hotspots in the office network environment, the next challenge most network administrators face is how to control users’ WiFi usage.
With the widespread use of smartphones, tablets, and laptops, wireless network management is a challenge that most enterprises will have to face in the future.
Thin AP mainly transmits wireless network messages and is relatively weak in security management, unable to effectively protect against some malicious attacks.
If WiFi traffic is directed to the NG-UTM network environment, not only can the operational status of each wireless AP be controlled, but also an authentication mechanism service is provided.
Users must pass authentication to gain legitimate permissions for wireless internet access.
In addition, through NG-UTM, behavioral control and logging of wireless internet users can be implemented.
It is possible to restrict users’ browsing of web pages and usage of applications (such as instant messaging, P2P, multimedia, etc.), and record all usage behaviors.
For network administrators, using an NG-UTM as the primary management tool enables them to control the operational status of all wireless APs through a single management interface.
Importantly, they can also remotely shut down devices and issue control commands, thus significantly improving efficiency without the need for frantic management.
Besides enhancing convenience to administrators, it also allows users to use it easily, making it a painless solution for enterprise network management personnel.
2-8-1. AP Management Settings¶
The AP management functionality in NG-UTM is disabled by default. Once it is enabled, you can begin to add managed Wireless APs.
Administrators can categorize Wireless APs into different groups based on various attributes and purposes, facilitating easier management.
2-8-2. AP Management¶
At the AP management interface, click on the icon to add the desired Wireless AP.
【Alias】: Enter the name of the new managed AP, which can be in Chinese or English.
【Model】: Choose the current supported AP device. Communication between AP and NG-UTM is via SNMP or Telnet / SSH protocols.
APs using Telnet / SSH can provide more detailed data. Although SNMP is a standard protocol, each AP may have its own SNMP commands.
Only AP models that have been tested and verified can fully display all functions. The currently supported AP models and management methods are as follows:
1. Howay 2000NI: SNMP
2. ShareTech AP-300: SNMP
3. Zyxel NWA1100-NH: SNMP, Telnet / SSH
4. Zyxel NWA5123-AC: Telnet / SSH
5. Zyxel NWA5123-AC-HD: Telnet / SSH
6. Zyxel WAC6103D-I: Telnet / SSH
7. Zyxel NWA5123-NI: Telnet / SSH
8. Zyxel NWA1123-ACv2: Telnet / SSH
9. Zyxel NWA1123-ACv3: Telnet / SSH
10. Zyxel NWA1123-AC-HD: Telnet / SSH
11. Zyxel NWA1123-AC-PRO: Telnet / SSH
12. Zyxel NWA5121-NI: Telnet / SSH
13. Zyxel NWA110-AX: Telnet / SSH
【IP】: Enter the IP address of the Wireless AP. For example, 192.168.1.5.
【Group】: Choose which existing group the new Wireless AP belongs to. APs in the same group can apply the same management actions, and data can be uniformly distributed.
If you want to create a new group, enter the name of the new group in the blank space, and the system will automatically create a new group. Group name can be in Chinese, English, or numbers.
【SNMP Port】: The port used by the AP to communicate with the NG-UTM using SNMP protocol. SNMP generally uses port 161.
【SNMP Read Community】: The account with READ-only permission used for SNMP communication, usually set to “public” by default.
【SNMP Write Community】: The account with WRITE permission used for SNMP communication, usually set to “private” by default. For security reasons, this account is usually modified.
【Command Mode】: Specify which protocol NG-UTM uses to communicate with the AP. There are two options: Telnet and SSH. Telnet is a non-encrypted connection, so it is generally recommended to use encrypted SSH connections.
【Command Port】: Telnet uses TCP 23, SSH uses TCP 22.
【Login Account】: The administrator account of the Wireless AP.
【Login Password】: The administrator password of the Wireless AP.
【Connection Test】: Validate whether the entered data is correct and if NG-UTM can communicate with the configured Wireless AP properly.
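As an added example that is not ShareTech's code: a defender-side audit of managed-AP entries against the points made in the field descriptions above (default "public"/"private" communities, unencrypted Telnet versus SSH, the usual SNMP, Telnet and SSH ports, a valid IP). The `ManagedAp` record and the sample inventory are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Dict, List

DEFAULT_COMMUNITIES = {"public", "private"}   # the defaults the manual names
SNMP_PORT, TELNET_PORT, SSH_PORT = 161, 23, 22


@dataclass
class ManagedAp:
    alias: str
    model: str
    ip: str
    snmp_port: int = SNMP_PORT
    snmp_read_community: str = "public"
    snmp_write_community: str = "private"
    command_mode: str = "SSH"             # "Telnet" or "SSH"
    command_port: int = SSH_PORT


def audit_ap(ap: ManagedAp) -> List[str]:
    """Return the findings for one AP entry; an empty list means no concern."""
    findings: List[str] = []
    try:
        ipaddress.ip_address(ap.ip)
    except ValueError:
        findings.append(f"'{ap.ip}' is not a valid IP address")
    if ap.snmp_read_community.lower() in DEFAULT_COMMUNITIES:
        findings.append("SNMP read community is a default value")
    if ap.snmp_write_community.lower() in DEFAULT_COMMUNITIES:
        findings.append("SNMP write community is a default value; change it")
    if ap.snmp_read_community == ap.snmp_write_community:
        findings.append("read and write communities are identical")
    if ap.snmp_port != SNMP_PORT:
        findings.append(f"SNMP port {ap.snmp_port} differs from the usual 161")
    mode = ap.command_mode.lower()
    if mode == "telnet":
        findings.append("Telnet command mode is unencrypted; prefer SSH")
        expected = TELNET_PORT
    elif mode == "ssh":
        expected = SSH_PORT
    else:
        findings.append(f"unknown command mode '{ap.command_mode}'")
        return findings
    if ap.command_port != expected:
        findings.append(f"command port {ap.command_port} is not the "
                        f"{ap.command_mode} default {expected}")
    return findings


def audit_inventory(aps: List[ManagedAp]) -> Dict[str, List[str]]:
    """Findings per alias, listing only APs that have at least one."""
    report: Dict[str, List[str]] = {}
    for ap in aps:
        found = audit_ap(ap)
        if found:
            report[ap.alias] = found
    return report


# Constructed inventory: one AP left at defaults over Telnet, one hardened.
SAMPLE_APS = [
    ManagedAp("Lobby", "Zyxel NWA1123-ACv3", "192.168.1.5",
              command_mode="Telnet", command_port=TELNET_PORT),
    ManagedAp("Office-2F", "Zyxel NWA110-AX", "192.168.1.6",
              snmp_read_community="r0-Hq7x", snmp_write_community="w-Kp93z"),
]

if __name__ == "__main__":
    for alias, found in audit_inventory(SAMPLE_APS).items():
        print(alias, "->", "; ".join(found))
```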
• AP List
All managed wireless APs will be categorized according to the set groups, displaying the status and number of users for each managed Wireless AP.
【AP Management Requests】: Each newly added AP device will send out a management request. Only when the administrator accepts it will the AP device be added to the list.
If there are new APs to be added, the number will be displayed here, and the administrator can click on it to add them.
【Group Name】: All AP devices are categorized according to group names.
【Alias】: The name displayed for the Client on the Server.
【Channel】: The current wireless channel used by the Wireless AP. If the channel is set to auto-select, it will display as “Auto”.
【SSID】: The SSID and the frequency band used. It is divided into 2.4G and 5G bands. Each Wireless AP may have different capabilities: some support only 2.4G, while others support both 2.4G and 5G.
【Online Users】: Indicates how many users are currently using each SSID.
Clicking on the online user count will display a statistical chart of the number of users who have used this SSID for internet access. Administrators can query historical data for the current day or previous days.
Note
The usage count here is listed per SSID. However, in “Connection Status > 15-2-2. Wireless Member List,” all devices currently connected wirelessly will be listed.
【Flow (byte) 】: The current traffic for each SSID.
• Wireless AP Configuration Distribution
All managed wireless APs can utilize NG-UTM to distribute commonly used configuration files to the wireless APs.
For example, SSIDs can be set or the administrator’s password on the wireless AP can be changed. The following explains commonly used wireless functions:
【Delivery Items】: Select the items to be distributed, including AP Settings (2.4G/5G), Internal Network, Management Interface Password, and Management Interface Access.
【Add SSID】: Add an additional SSID to the existing wireless AP.
【Wireless Mode】: Choose to use 802.11B/G/N.
【Frequency/Bandwidth】: The channel that is used.
2-8-3. MAC Filter¶
MAC Filtering allows you to configure blacklists and whitelists, containing the MAC addresses of connected devices. After configuration, it can be applied within AP management.
Click on the button to enter the process of adding a new MAC filtering configuration:
【Name】: The name of this MAC filtering entry for easy identification by administrators.
【List Mode】: Choose between blacklist or whitelist.
【MAC Address】: Multiple MAC addresses can be configured, with each address on a separate line.
2-9. Signature Update¶
NG-UTM relies on packet signature matching to confirm whether incoming and outgoing packets are normal. ShareTech periodically pushes the collected signatures to each device, ensuring that all data is up to date.
Currently, the system has three automatically updated databases, which are the URL blacklist database, application control rules, and IPS signature codes.
Administrators can also click on the button to perform an immediate check.
The features of applications are different in each version, so the determining signature codes also change. Therefore, administrators should apply automatic checks and updates to ensure that managed applications can function properly.
2-10. Cloud Management¶
For most enterprises, managing network security is a complex task.
Especially for growing enterprises, responding quickly to and maintaining the network issues they face is an even more challenging task.
What network administrators need is a simple management tool that can be used to control relevant network devices or behaviors.
EyeCloud, a centralized cloud-based management system for devices provides just that.
Through a browser interface, administrators can easily configure, manage, monitor, and troubleshoot devices under their control, including firewalls, UTMs, wireless APs, switches, or mail servers, from anywhere.
Additionally, EyeCloud integrates with Line instant notification service, effectively reducing the workload of network administrators, shortening maintenance and management time, and enhancing the competitiveness of enterprises.
2-10-1. Cloud Management¶
In the “System Settings > Cloud Management Service” feature, click on “Enable” for the cloud management service.
If there is no existing cloud management account, clicking on “Create Account” will automatically initiate the application process.
If you already have a cloud management account, you can enter your account credentials to log in. The following screen will then display the successfully managed devices.
【Server Address】: The IP address or domain name of the cloud management server.
【Server Port】: The port used for communication between the cloud management server and NG-UTM, defaulting to TCP 2000.
【Serial Number】: The machine serial number of the NG-UTM.
【The Last Connect Time】: The last time NG-UTM communicated with the cloud management server.
【Deliver Log】: Record of sending a profile from eyecloud.
【Eyecloud】: Binding NG-UTM with Eyecloud. Clicking on this option allows administrators to bind NG-UTM with an existing Eyecloud account or create a new Eyecloud account.
2-10-2. Cloud Management¶
The cloud management website is https://eyecloud.tw/. You can pre-register for an Eyecloud account and host your devices in the cloud. With just one Eyecloud account, you can manage multiple NG-UTM devices.
1. Create a new account at https://eyecloud.tw/ .
2. Once logged into the cloud management system, proceed to add the devices.
3. Managing the devices.
• In “Message Notification > Notification”, you can view the device status:
Green → Orange: System operating normally → Normal connection, but other device statuses in the device status are off, such as AP or switch.
Green → Yellow: System operates normally → No connection to the server for 10~20 minutes.
Yellow → Red: No connection to the server for 10~20 minutes → No connection to the server for over 20 minutes.
Yellow → Orange: No connection to the server for 10~20 minutes → Normal connection, but other device statuses in the device status are off such as AP or switch.
Red → Green: No connection to the server for over 20 minutes → System operates normally.
Red → Orange: No connection to the server for over 20 minutes → Normal connection, but other devices have statuses that are off.
Gray → Green: Never connected to the server before → System operates normally.
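As an added example that is not EyeCloud's or ShareTech's code: the status colour of 2-10-2 derived from a device's last contact time (10~20 minutes without contact is yellow, over 20 minutes is red, never connected is gray) and from the state of attached devices such as an AP or switch (orange). The reading shape and the sample timeline are constructed assumptions.

```python
from datetime import datetime, timedelta
from typing import Dict, List, Optional, Tuple

YELLOW_AFTER = timedelta(minutes=10)   # 10~20 minutes without contact
RED_AFTER = timedelta(minutes=20)      # over 20 minutes without contact


def status_colour(last_contact: Optional[datetime], now: datetime,
                  attached_up: Dict[str, bool]) -> str:
    """Map a device's last contact time and its attached devices (AP, switch)
    to the colour the EyeCloud notification page shows."""
    if last_contact is None:
        return "gray"                    # never connected to the server
    age = now - last_contact
    if age > RED_AFTER:
        return "red"
    if age >= YELLOW_AFTER:
        return "yellow"
    if any(not up for up in attached_up.values()):
        return "orange"                  # connected, but an AP or switch is off
    return "green"


# (observation time, last contact time or None, attached device -> is it up)
Sample = Tuple[datetime, Optional[datetime], Dict[str, bool]]


def transitions(samples: List[Sample]) -> List[str]:
    """Walk a series of readings and report each colour change as 'old → new',
    in the form of the legend in 2-10-2."""
    out: List[str] = []
    prev: Optional[str] = None
    for now, last, attached in samples:
        colour = status_colour(last, now, attached)
        if prev is not None and colour != prev:
            out.append(f"{prev} → {colour}")
        prev = colour
    return out


# Constructed timeline: never seen, healthy, loses contact, then comes back
# with its switch down, and finally fully healthy again.
T0 = datetime(2024, 5, 1, 9, 0)
SAMPLE_TIMELINE: List[Sample] = [
    (T0, None, {}),
    (T0 + timedelta(minutes=1), T0 + timedelta(minutes=1), {"switch": True}),
    (T0 + timedelta(minutes=16), T0 + timedelta(minutes=1), {"switch": True}),
    (T0 + timedelta(minutes=30), T0 + timedelta(minutes=1), {"switch": True}),
    (T0 + timedelta(minutes=31), T0 + timedelta(minutes=31), {"switch": False}),
    (T0 + timedelta(minutes=35), T0 + timedelta(minutes=35), {"switch": True}),
]

if __name__ == "__main__":
    for step in transitions(SAMPLE_TIMELINE):
        print(step)
```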
• Unbinding Cloud Management Service
To unbind the cloud management service, click ‘Unbind’ in the Cloud Management Service. This device will then be disassociated from the cloud management mechanism.
After unbinding, it will display that this device is not bound to EyeCloud.
2-11. SSL Certificate¶
The transmission of network data relies on the SSL encryption protocol, and NG-UTM is no exception. NG-UTM uses SSL extensively, and during the SSL encryption process certificates are required to verify authenticity.
In general, the use of SSL certificates requires a Server certificate, a private key, and an intermediate certificate.
Certificates have two sources: obtaining a legitimate certificate and importing it using the “Manual Input” method, and utilizing Let’s Encrypt certificates.
Let’s Encrypt issues free legitimate certificates, but the downside is they must be renewed every three months.
• SSL Certificate Message
Here is information about the certificates currently used by the firewall. The default is a private certificate with a ten-year term. While such certificates provide an encrypted connection to the management interface, the browser will consider this an insecure connection because the browser cannot verify the legitimacy of the private certificate.
This also causes the browser to pop up a warning page when connecting to the UI, confirming whether or not the connector wants to continue.
To avoid this situation, you need to use the SSL certificate setting to give the firewall a legitimate certificate.
【Download certificate file】: Will download the current firewall certificate, private key and intermediate certificate (if imported)
【Reget and Change to default】: The certificate will revert to a private certificate issued by the firewall itself.
• SSL Certificate Set
1. Manual Input
Choose Manual Input in SSL Certificate Set to generate a certificate request file (server.csr) and a private key (server.key) for applying for a legitimate certificate. The following is a configuration example:
Two-letter Country Codes: TW
State/Province: TAIWAN
City: TC
Organization Name: L7FW
Unit Name: L7FW
Domain Name: www.example.com
Application Personnel Email: help@example.com
After input, download the server.csr and server.key files. Save the server.key to be used when importing.
Submit server.csr to the certificate provider and the provider will provide a legitimate certificate and an intermediate certificate. Then go to SSL Certificates import to import them in order and you can use this certificate.
2. Let’s Encrypt Certificates
Let’s Encrypt is a legitimate certificate authority that simplifies the application process. NG-UTM administrators can request certificates by configuring DNS servers accordingly. Let’s Encrypt certificates are valid for three months and are automatically renewed before expiration.
DNS server:
Local DNS server - Automatic update (When your registered domain uses the local DNS server and the certificate has less than 14 days of validity left, the SSL certificate is renewed automatically.)
External DNS server - Manual update (When your registered domain uses an external DNS server, please click “Apply” before the SSL certificate expires.)
Let’s Encrypt issues valid certificates for 3 months at a time, with automatic renewal before the certificate expires.
【Domain(s) Certificate Set】: Enter the domain name for the certificate application. When you press “Apply Certificate,” the system will automatically request the certificate from Let’s Encrypt.
【TXT】: After successful application, Let’s Encrypt will provide a TXT value. The administrator must add a TXT record to the DNS server.
Once Let’s Encrypt verifies the TXT record, the legitimate certificate can be used.
2-12. Uninterruptible Power System¶
To prevent potential damage to NG-UTM due to sudden power outages, which could result in motherboard or storage media (such as hard drives) failures and lead to equipment damage, the system supports Uninterruptible Power Supply (UPS).
In the event of a power outage, if the UPS power falls below the certain threshold, the system will automatically initiate a shutdown process to protect the stored data.
2-12-1. Uninterruptible Power Supply (UPS)¶
NG-UTM supports three methods of connection with UPS devices: SNMP, USB, and UPS devices with network functionality.
When connecting via USB or UPS devices with network functionality, the system will list the brands and models verified by ShareTech. Choosing SNMP enables communication with the UPS using the SNMP protocol.
Currently, three SNMP versions are supported: SNMP v1, v2c, and v3.
• Set up
Begin by selecting the operational mode in “Connection Mode.” The settings for each operational mode may be different.
1. USB Connection Mode
The firewall connects to the UPS through its own USB interface.
【Model】: Select the model of the UPS.
· Automatic: The system automatically communicates with the configured IP address, and the communicated model will be listed in “UPS Information.”
· Custom: Select from the models verified by ShareTech. Currently, there are 5 verified UPS models.
【Low Battery】: When the battery level falls below the set value (default 80%), the system enters a safe mode. External backup mechanisms are interrupted, and the system initiates a shutdown process after a set number of minutes.
【Battery Lower Limit】: When the battery level of the UPS falls below the set value, the system directly initiates a shutdown process.
【If it is in HA Mode】: In HA mode, notify the other device to synchronize shutdown actions.
2. SNMP v1 Connection Mode
【UPS Device IP】: Enter the IP address and port number of the UPS. The system polls the UPS with SNMP v1, and the values returned appear in “UPS Information.”
3. SNMP v2c Connection Mode
【UPS Device IP】: Enter the IP address and port number of the UPS.
【Access SNMP Service Account】: Enter the SNMP v2c account (community string) configured on the UPS. The system polls the UPS with SNMP v2c, and the values returned appear in “UPS Information.”
4. SNMP v3 Connection Mode
【UPS Device IP】: Enter the IP address of the UPS.
【Access SNMP Service Account】: Enter the SNMP v3 user configured on the UPS. The system polls the UPS with SNMP v3, and the values returned appear in “UPS Information.”
【Authentication Password】: Password used for SNMP v3 authentication. The hash can be SHA or MD5; prefer SHA. It must match the setting on the UPS.
【Transmission Key】: Privacy (encryption) password for SNMP v3 traffic. The cipher can be AES or DES; prefer AES. It must match the setting on the UPS.
5. Network UPS Server Connection Mode
The firewall connects to a network UPS server by IP address and port number.
【Model】: Select the model of the UPS.
· Automatic: The system queries the configured IP address and lists the detected model in “UPS Information.”
· Custom: Select one of the models verified by ShareTech. Five models are currently verified.
【Server IP Address/Port Number】: Enter the IP address and port number of the UPS server. The system communicates with the UPS server automatically.
• Network UPS Server
In USB and SNMP modes NG-UTM can also relay the UPS status over the network, acting as a UPS server for other devices.
【Enable】: Off by default; the UPS is then used only by this device.
【Terminal Device IP Address】: IP addresses of the devices that use this service. They are notified when the UPS reaches the low-battery state.
【Shutdown Wait Time】: Time the remote devices need to shut down. NG-UTM waits this long before starting its own shutdown.
【Ping Timeout】: NG-UTM checks whether the remote devices are still up with ICMP echo (ping); this is the reply timeout for those checks.
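The script below is an added example, not ShareTech code, and it does not run on the NG-UTM itself. It shows, from a Linux host with net-snmp installed, what the SNMP v3 settings above amount to (an authPriv query with SHA and AES against the UPS-MIB charge OID from RFC 1628), how the Low Battery and Battery Lower Limit thresholds of 2-12-1 translate into a state decision, and how a UPS server can wait for its terminal devices using a shutdown wait time and ping timeout. The UPS address, SNMP v3 user and passwords, the client addresses and the 20% lower limit are assumptions; the manual gives no default for the lower limit.

```shell
#!/bin/sh
# Added example, not ShareTech code. Requires net-snmp (snmpget) and ping.

UPS_IP="${UPS_IP:-192.0.2.10}"                   # assumed UPS network card address
UPS_USER="${UPS_USER:-upsmon}"                   # assumed SNMP v3 user on the UPS
UPS_AUTHPASS="${UPS_AUTHPASS:-change-me-auth}"   # assumed "Authentication Password"
UPS_PRIVPASS="${UPS_PRIVPASS:-change-me-priv}"   # assumed "Transmission Key"
OID_CHARGE="1.3.6.1.2.1.33.1.2.4.0"              # UPS-MIB upsEstimatedChargeRemaining (%)

# Fetch the remaining charge in percent over SNMP v3 authPriv.
# SHA and AES are the stronger of the two choices the UPS page offers; MD5 and
# DES are still accepted by many UPS cards but should not be used for new setups.
# -Oqv prints the bare value without the OID or type.
ups_charge() {
    snmpget -v3 -l authPriv -u "$UPS_USER" -a SHA -A "$UPS_AUTHPASS" \
            -x AES -X "$UPS_PRIVPASS" -Oqv "$UPS_IP" "$OID_CHARGE"
}

# ups_state CHARGE [LOW_BATTERY] [LOWER_LIMIT] -> normal | safe | shutdown
#   charge below Battery Lower Limit : shutdown at once
#   charge below Low Battery         : safe mode (backups stop, timer starts)
#   otherwise                        : normal
# A lower limit at or above the Low Battery value would skip safe mode
# entirely, so that misconfiguration is reported instead of acted on.
ups_state() {
    charge=$1
    low=${2:-80}      # manual default for Low Battery
    lower=${3:-20}    # assumption: the manual gives no default
    if [ "$lower" -ge "$low" ]; then
        echo "config-error"
        return 2
    fi
    if [ "$charge" -lt "$lower" ]; then
        echo shutdown
    elif [ "$charge" -lt "$low" ]; then
        echo safe
    else
        echo normal
    fi
}

# wait_for_clients WAIT_SECONDS PING_TIMEOUT HOST... -> seconds actually waited
# The clients have already been told to shut down. Give them up to the
# Shutdown Wait Time, but stop early once none of them answers ICMP any more.
# ping -W is the per-reply timeout in seconds on Linux (iputils).
wait_for_clients() {
    wait=$1
    timeout=$2
    shift 2
    elapsed=0
    while [ "$elapsed" -lt "$wait" ]; do
        alive=0
        for host in "$@"; do
            ping -c 1 -W "$timeout" "$host" >/dev/null 2>&1 && alive=1
        done
        [ "$alive" -eq 0 ] && break
        sleep 1
        elapsed=$((elapsed + 1))
    done
    echo "$elapsed"
}

# Usage (needs a reachable UPS and clients; not executed when sourced):
#   charge=$(ups_charge)
#   case $(ups_state "$charge" 80 20) in
#       shutdown) wait_for_clients 120 2 192.0.2.21 192.0.2.22; /sbin/shutdown -h now ;;
#       safe)     echo "safe mode: charge ${charge}%" ;;
#   esac
```

Run `ups_charge` once by hand before relying on it: if the UPS answers with an authentication or decryption error, the SHA/AES choice or the two passwords do not match what is configured on the UPS card, which is the same mismatch that leaves the “UPS Information” panel empty on the NG-UTM.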
2-12-2. UPS Log¶
The system’s communication log with the UPS, including timestamps and events, as shown in the following figure.
2-13. CMS¶
CMS (Central Management System) lets one device at the head office act as the CMS Server and manage all remote NG-UTM devices from there.
CMS and ShareTech’s cloud management service offer similar device management, but they differ in a few points:
1. The CMS Server needs a fixed IP address or a DNS-resolvable hostname so that remote Clients can reach it.
2. The CMS Server must be an NG-UTM model with a hard drive.
3. CMS manages NG-UTM devices only; other ShareTech products, such as mail servers, cannot be managed through it.
ShareTech’s CMS covers the essential remote configuration tasks, including backup, restoration and firmware updates, so that central staff can manage many remote devices on demand or on a preset schedule.
In addition, the Log function keeps detailed records of events on the monitored devices, so that their latest status can be tracked.
The schematic diagram of the CMS system is as follows: Each NG-UTM device at different locations aggregates its status and configuration files to the headquarters.
Headquarters administrators can then monitor the real-time status of all remote sites from the NG-UTM at headquarters and intervene in management as needed.
2-13-1. CMS Basic Configuration¶
Every NG-UTM’s CMS can act as either a Client or a Server; a device without a hard drive can only be a Client.
• Basic CMS Settings
【Enable】: Toggle CMS functionality on or off.
【Mode】: Choose between Client or Server mode for CMS operation. Different settings are available depending on the selected mode. The following elaborates on each mode:
1. Client Mode
In Client mode the operation is straightforward: the device periodically reports to the Server and grants it management authority.
【Server】: Domain name or IP address of the CMS Server, which must be reachable from the Client over the internet. If the Server is exposed there, limit inbound access to the Clients’ addresses with firewall policy.
【Alias】: Name shown for this Client on the Server, such as UTM-Taipei.
【Update Interval】: How often data is sent to the Server; 1 to 30 minutes.
【Administrator Account】: The administrator account this Client hands to the Server. Whoever manages the Server logs into this Client with that account, so use a dedicated account with only the privileges central management needs, and review it when Server-side staff change. If no account is specified, the management interface cannot be opened through CMS.
For the available privileges see “System Settings > 2-3. Administration.”
【Connect Interface】: The interface used to report to the Server; the system lists all outbound interfaces to choose from.
2. Set as Server
When this device is the Server, it also records the data sent by the Clients, so administrators manage all devices from the Server alone.
With the CMS in Server mode, periodic backup of Client configuration files can be enabled and its interval customised.
If a Client later fails or is misconfigured, an earlier configuration can be restored from the CMS Server. These backups contain the Clients’ complete configuration, including credentials and keys, so protect the Server’s storage and administrator accounts accordingly.
【Enable】: Enable backup of Client configuration files.
【Automatic Backup Time】: Interval between periodic backups. Shorter intervals increase system load.
【The Number of Backup to Keep】: How many backup configuration files to retain. Five is usually enough; more copies take more storage.