UserGate Next-Generation Firewall (NGFW)

The main articles are:

• Firewall
• NGFW (Next Generation Firewall)

2026

Compatibility with Indid Multi-Factor Authentication Cloud Service

and UserGate the company Indid"" on February 5, 2026 reported successful testing for firewall the next generation of UserGate NGFW and. Cloud Multifactor Authentication (MFA) Technology integration services are aimed at increasing the level of security - VPN access, namely Remote Access VPN, using remote access from, UserGate Client as well as to reduce the risks of compromising credentials when data remotely connecting to corporate resources.

The joint use of the MFA cloud service with UserGate NGFW and UserGate Client provides centralized management of authentication processes and allows secure access for connections both from the internal network and through virtual private networks (VPN), which is especially important for organizations with a distributed infrastructure and hybrid work format. Even if the password is compromised, the attacker will not be able to access corporate resources without passing the second authentication factor.

Companies implementing the UserGate NGFW firewall for network access control receive an additional layer of protection - a multi-factor authentication mechanism implemented using Indid's MFA cloud service. The first factor is the user's domain password, and the second factor can be one of the supported ways to confirm your identity, including one-time codes (email, Telegram, SMS, TOTP), push notifications through the Indeed Key and Telegram mobile application, as well as the use of hardware tokens. This approach provides an additional layer of protection and allows you to adapt the authentication mechanism to the requirements of a specific organization and current information security policies . Domain credentials are verified using the LDAP protocol, which simplifies the configuration of the solution and reduces the requirements for the existing IT infrastructure.

Remote access remains one of the main security challenges for the corporate infrastructure. We are joining forces with UserGate to ensure that our customers have the highest level of protection for their network perimeter. The integration of our cloud service MFA with UserGate NGFW and UserGate Client provides organizations with a comprehensive solution to protect their network perimeter, allows customers to strengthen the protection of VPN connections thanks to reliable and flexible multi-factor authentication tools, - said Andrey Laptev, Director of the Product Development Department in Indid.

UserGate Client is a 3 in 1 solution that allows you to organize remote secure access on the principle of zero trust. The software has strong integration with our flagship UserGate NGFW product. Key protection is identity confirmation not only with a password, but also with a second factor (for example, code from an application). Thanks to this, even if the login and password are leaked, the attacker will not be able to penetrate the company's network. The integration of Indid multi-factor authentication with the network security products UserGate NGFW and UserGate Client will help ensure this key protection through the organization of Remote Access VPN using the second factor. This approach helps to fully implement the principle of zero trust: only a verified device and a confirmed user gain access. As a result, the customer receives comprehensive protection to reduce the risks of unauthorized access that may be associated with the leakage of authentication information, "said Yana Zakovryazhina, UserGate Client Development Manager.

Integration with Parus Box

UserGate and the PARUS project on January 30, 2026 announced the start of their technology partnership. The interaction will be aimed at ensuring seamless integration of the next generation of UserGate NGFW firewalls and the Parus Box cloud service, which allows you to instantly identify and block the penetration of malicious files into the infrastructure.

𝓲

Фото: UserGate

PARUS BOX is a cloud-based file streaming service for malicious activity. It is deployed in the developer cloud and supports connecting third-party devices, information systems, and end-customer users to send suspicious files and get the results of their verification.

A technological partnership with a company such as UserGate is a logical step in the development of the PARUS BOX service. It will allow both ourselves and our partners to offer a large number of customers a popular service for analyzing and promptly blocking malicious files. Integration with UserGate NGFW will give us the opportunity to significantly expand the PARUS BOX client base, and UserGate customers, in turn, will have access to an additional service that can increase the reliability of their information security systems, "said Denis Khokhlov, Director of Business Development PARUS.

The interaction between UserGate NGFW and Parus Box is implemented on the basis of the standard ICAP protocol in RESPMOD mode. This allows you to instantly lock files when determining their malware and prevent them from entering the secure perimeter of the organization. At the same time, firewall administrators can fine-tune interaction with the service. They can select from the NGFW control panel the segments and file types for which validation is required. SSL decryption is also available, which allows you to check encrypted traffic.

Our goal is to provide customers with the highest level of infrastructure protection that meets customer expectations. And for this, we strive to join forces with colleagues in the market. Thanks to the technological partnership with the PARUS project, customers will receive synergy between the sharing of our solutions and cloud information security services, and our partners and I will receive additional expertise that will allow us to offer the Russian market new technologies that strengthen the digital sovereignty of our country, "said Natalya Zenina, Director of Partner Relations UserGate.

UserGate NGFW 7.3.3 и UserGate NGFW 7.4.1

On January 27, 2026, UserGate, a leading Russian developer of information security solutions, announced the release of stable versions of its flagship product - the next generation firewall: UserGate NGFW 7.3.3 and UserGate NGFW 7.4.1.

𝓲

Фото: UserGate

As reported, UserGate experts have optimized the NGFW 7.3.3 stable version and recommend it for installation to customers who operate the UserGate S100 hardware platform. The release also contains a fix for critical flaws and optimization of the security of products and devices.

Version 7.4.1 stable closes a previously identified serious vulnerability in the UserGate NGFW and UserGate LogAn products, which allowed an attacker to perform an XSS attack using the API. Since version 7.4, UserGate NGFW has implemented a number of significant functional changes: cascading proxy function, idle timeout for application signatures, performance improvement. Work was also carried out to optimize the code and correct errors.

The main change to UserGate NGFW 7.4 was support for the cascading proxy function - building a chain of proxy servers. This allows:

• Receive software and license updates for closed network segments.
• Use a number of foreign services that have banned access for Russian users.

In addition, this release supports rules based on user or user group, destination address, and other settings.

The UserGate NGFW 7.4 release also carried out optimization work ON for the UserGate F8010 platform in the 2U form factor. As a result, the performance gain in FW L4 mode was 20% - from 200 to 240 Gbps on EMIX traffic. Performance was also increased IPS for all UserGate platforms.

Another version 7.4 change is the ability to set idle timeout for application signatures in the range from 60 seconds to 7 days. A pause is necessary for organizations dealing with the processing of elephant flows - long and voluminous sessions characteristic of data centers (for example, replication,, backup databases video stream from cameras). Temporarily disabling signatures saves resources.

Some of the changes in UserGate NGFW 7.4 are aimed at changing the user experience:

• Gradual update of the interface design.
• The ability to copy and transfer content filtering, firewall, zone, script, and list rules directly to the UserGate Management Center between templates.

UserGate version NGFW 7.4 supports the UserGate C151 platform, which is undergoing the last stages of testing before entering the market. The device is designed to protect small organizations and branches and differs from the similar UserGate platform C150 in that two of the eight interfaces RJ-45 replaced with SFP.

Of the related add-ons, UserGate notes:

• Remove out-of-date algorithms enciphering () SSH CLI connections.
• The ability to specify multiple NGFW addresses to transfer user information.

We took into account the comments of beta testers, expanded testing in our infrastructure and tightened the requirements of the quality service. This led to the postponement of the release date of the version, but had a positive effect on the final result. The next step is to switch to another release system with the release of version 7.5 LTS (Long Term Support), which is tested for at least 6 months and is supported for at least two years from the moment of release. told Kirill Pryamov, Development Manager for Network Security UserGate

Updated versions of UserGate NGFW are available to customers from January 21, 2026 in your personal account on the UserGate website.

2025

Version 7 compatibility with DS Proxima

and UserGate Digital solutions"" conducted testing that confirmed the full compatibility of the flagship products of both companies - firewall the next generation UserGate NGFW version 7 and. DS Proxima Hardware Load Balancer This opens up the possibility of sharing them to build a highly loaded and secure corporate infrastructure. UserGate announced this on December 22, 2025.

The test results showed that the integrated solution consisting of UserGate NGFW and DS Proxima allows you to scale the NGFW cluster to handle traffic of hundreds of gigabits per second with the ability to expand to 1 Tbit/s.

During testing, the operation of the solution was checked in different conditions, including under high load in an infrastructure with several hundred BGP neighbors, that is, a large number. routers The efficient interaction of UserGate NGFW and DS Proxima in such an environment confirmed the applicability of the solution for providers cloudy services, large corporate clients with many branches and telecom operators.

{{quote 'The development of a technological partnership with UserGate is an important stage for both our company and hundreds of customers who will receive a comprehensive, locally supported solution that fully meets the requirements of Russian regulators. The collaboration of DS Proxima and UserGate NGFW allows you to create a cluster that combines protection, load adaptability and stable operation in high-load network infrastructures. The introduction of a traffic balancer makes it possible to connect information security systems and phased infrastructure development, "said Alina Pavlova, head of the Digital Solutions product promotion.}}

We have clear common goals. Together we are ready to offer our customers an ecosystem of compatible products that will provide customers with technological independence and the possibility of progressive development. The confirmed compatibility of UserGate NGFW and DS Proxima is a continuation of cooperation with Digital Solutions, which began in 2022. Together, we intend to work in the common interests of customers, strengthening our digital sovereignty, "said Natalya Zenina, Director of Partner Relations at UserGate.

UserGate and Digital Solutions will continue to expand the interoperability of their solutions. The partners' immediate plans include the development of integrations of Digital Solutions devices and products included in the UserGate SUMMA ecosystem, including WAF and Proxy servers.

Change Release and Classification System

UserGate moves to another UserGate NGFW release and classification system. Assigning the next release to a particular category will now reflect not only its content and purpose, but also the support time, as well as installation recommendations. The implemented release system is designed to achieve a new level of stability and quality of the vendor's flagship product. The company announced this on December 2, 2025.

The company continues to carry out systematic work to improve the quality of products and the level of customer service - this is a strategic direction for the near future. Therefore, we decided to change the UserGate NGFW release system, including for the release of versions with a significantly extended testing and support period. In its approach, UserGate strives to meet targeted customer requests and draws on the experience of global market leaders, "said Kirill Pryamov, UserGate NGFW Development Manager.

The previous release system implies the existence of three categories of UserGate NGFW releases. The first category, Hotfix, combines releases with minor fixes and closure of vulnerabilities identified in one of the most common versions - UserGate NGFW 6.1.9. The second category, Beta, includes preliminary releases that implement new functionality. The third category, Stable, contains releases with new functionality, which is recognized as stable by the vendor.

The updated UserGate product release system has undergone significant changes. The Hotfix category will remain and, as before, will apply to UserGate NGFW 6.1.9. At the same time, the Feature Release (FR) category is entered. It will include releases with additional functionality that can be correlated with the previously mentioned Stable category. The difference between FR releases is the length of their lifecycle. When the FR version is released, the previous FR has EoS (shipments stop), after 3 months EoSL (support restriction), after another 12 months - EoL (support termination).

The main change is the emergence of the Long Term Support (LTS) category - releases with an extended cycle of stabilization and support. After the release of LTS, the functionality is not expanded in them - minor versions will contain only bug fixes and elimination of identified vulnerabilities. The developer noted that the process of stabilizing each LTS before its release will continue for about 6 months. LTS support has been provided for at least two years since the release. In addition, all releases of this group will be certified by the FSTEC of Russia.

In addition, if both the vendor and the user community recognize the LTS category release as stable, the version will receive the LTS (GD) - (General Deployment) category. Releases that have received this status will be recommended for installation to all customers using UserGate NGFW.

All Early Adopters will be able to evaluate release categories. To test the next version of the solution, they can contact UserGate managers.

In addition, the developer announced a smooth transition to an updated version of the releases. During its implementation, both release systems will exist in users' personal accounts.

Any software product can be divided into three main components: the core, large functional modules and add-ons, which are implemented based on operational experience. If the first two components are somehow developed by all vendors, then the third is unique - it can only be implemented by accumulating the experience of real customers. As a rule, working on the third component causes many difficulties - for example, changes in the roadmap of the product, correction of found errors and vulnerabilities. By creating the new UserGate NGFW release system, we sought not only to make it more understandable and obvious, but also to radically improve the customer experience of our product, said Mikhail Kader, architect of the client experience of the future UserGate.

Inclusion in the complete K2 Cloud offering

The K2 Cloud comprehensive import substitution offer includes UserGate NGFW, an information protection tool certified by the FSTEC of the Russian Federation that combines firewall, application control, and intrusion detection systems (IDS/IPS) functions. streaming antivirus and content filtering. This helps customers not only protect the network, but also deeply analyze traffic and manage Internet access. K2 Tekh announced this on November 10, 2025. [1]Подробнее #.2A_.D0.92.D0.BA.D0.BB.D1.8E.D1.87.D0.B5.D0.BD.D0.B8.D0.B5_UserGate_NGFW_.D0.B2_.D0.BA.D0.BE.D0.BC.D0.BF.D0.BB.D0.B5.D0.BA.D1.81.D0.BD.D0.BE.D0.B5_.D0.BF.D1.80.D0.B5.D0.B4.D0.BB.D0.BE.D0.B6.D0.B5.D0.BD.D0.B8.D0.B5 здесь.

ALD Pro Compatibility

UserGate and the Astra Group have confirmed the compatibility of the next generation UserGate NGFW firewall and the ALD Pro directory service. UserGate announced this on October 31, 2025.

Tests were carried out on a specially deployed stand and showed that when both products are deployed and configured, they provide confident interaction, complete compatibility and correct operation. Based on the test results, an official protocol was drawn up, and the compatibility of UserGate NGFW and ALD Pro was officially confirmed by a certificate under the Ready for Astra IT partner program.

UserGate is a Russian firewall developer. The company's products are used by customers, so compatibility with UserGate NGFW has become a de facto prerequisite for software that ensures the operation of the enterprise's software infrastructure. Checking the compatibility of ALD Pro and UserGate NGFW was our common initiative, and the reason for this procedure was the numerous requests of customers who, when building and developing their infrastructures, seek to use the best domestic software solutions, - said Mikhail Sadovsky, manager of the department for work with technological partners of ISV Astra Group.

The next generation firewall should protect infrastructures regardless of which technologies are used to create them. Therefore, confirming the compatibility of UserGate NGFW and ADL Pro, one of the most popular and common catalog services on the Russian market, is of fundamental importance both for our company and for numerous customers who, conducting import substitution programs, seek to use the best Russian developments. NGFW's confident and effective interaction with the catalog service guarantees the company reliable protection of its infrastructure from a wide range of cyber threats, "said Natalya Zenina, head of the UserGate partner department.

Eliminating the vulnerability to steal employees' personal data

PT SWARM expert Vladimir Vlasov discovered a security defect in the next generation firewall (NGFW) UserGate. By exploiting the vulnerability and hacking other company resources, an attacker could disrupt UserGate NGFW, steal personal data of employees, or develop an attack on a local network. The vendor was notified of the threat as part of the responsible disclosure policy and issued a software update . RT announced this on August 26, 2025.

Vulnerability, PT-2025-28938 [1] (BDU:2025-08181) was contained in two UserGate NGFW lines at once - in versions up to 6.1.9.12193R and 7.3.1.153682R inclusive. The security defect, which received 6.5 points out of 10 on the CVSS 3.1 scale, arose due to insufficient filtering of data on the lock service page, to which users are redirected after refusing access to a particular URL. Combined with other vulnerabilities, the breach potentially opened the attacker up access to employees' personal data and information containing the company's trade secrets.

Next-generation firewalls are used by organizations as a gateway for secure access of employees to the Internet. In 2024, the UserGate solution, according to the Center for Strategic Research (CSR), occupied almost a quarter of the Russian NGFW market. In the course of monitoring current threats (threat intelligence), Positive Technologies experts found that the vulnerability in UserGate NGFW potentially affected more than 1.8 thousand companies. Their largest number is in Russia (97%), organizations from Belarus (1%), Israel (0.5%), Uzbekistan (0.3%) and the United States (0.2%) could also be at risk.

To fix the error, you must download the corrected version of UserGate NGFW (starting with 6.1.9.12198R or 7.3.2.183745R). If it is not possible to update the software, the Positive Technologies expert recommends disabling the lock page or displaying it to a separate domain that is not associated with the main one.

Exploiting the error, the offender would presumably use mail or messenger to send a letter to the employee of the attacked company with a link to the allegedly safe resource. The attacker would act under the guise of a colleague of the victim so that she did not notice the catch. By clicking on the link in the message, a user with UserGate NGFW administrator rights, authorized on the vulnerable device, would automatically execute malicious code, which would allow the attacker to change the firewall settings:

Remove traffic filtering rules and open access to blocked resources in order to penetrate the company's network and upload valuable data.

Replace corporate page addresses with links to phishing resources to steal employee accounts.

Create an additional administrator account to gain a foothold on UserGate NGFW and attack any company services.

By exploiting the BDU:2025-08181 and making a successful attack, the attacker hypothetically got the opportunity to send requests on behalf of the victim to the company's internal services, such as corporate mail and the knowledge base. This could result in a leak of information containing commercial secrets, - said Vladimir Vlasov, senior specialist in the security research department of banking systems, Positive Technologies. - If the violator managed to gain a foothold in the internal network of the organization, its business processes could be at risk.

This is not the first security defect related to NGFW's operation that has helped address Positive Technologies. In 2021, experts Nikita Abramov and Mikhail Klyuchnikov, together with the developer, closed a vulnerability in the Cisco Firepower Device Manager (FDM) On-Box, designed to locally configure Firepower firewalls Cisco. The error could allow an attacker to execute arbitrary code on the affected device's system. In 2020, the same researchers helped correct a flaw in operating system PAN-OS the NGFW used. Palo Alto Networks A flaw could allow an attacker to execute arbitrary commands in and OS firewall then gain maximum privileges.

MultiDirectory Compatibility

and MULTIFACTOR UserGate confirmed the compatibility of the directory service MultiDirectory firewall with the next generation UserGate Next-Generation Firewall (). NGFW Based on the test results, a certificate of compatibility was issued. Multifactor announced this on July 22, 2025.

𝓲

Фото: Multifactor

Thanks to integration with MULTIDIRECTORY, UserGate Next-Generation Firewall administrators can use the Russian directory service for secure centralized authentication and account management.

We have been developing partnerships with UserGate for a long time and are glad that our technological partnership is only strengthening and our products are getting better. The integration of MULTIDIRECTORY and UserGate Next-Generation Firewall opens up prospects for our customers. This is an important step in the development of the Russian IT market, which will reduce dependence on foreign solutions and provide companies of all sizes with centralized and secure management of corporate accounts, "said Dmitry Makarov, Head of MULTIDIRECTORY Product.

Customer security is one of the main values ​ ​ of UserGate. The company is constantly improving its information security products to protect the customer's network perimeter, including the flagship solution - NGFW. Our strategy is aimed at building an open ecosystem where UserGate products can effectively interact with any solutions in the customer's infrastructure. Therefore, it is important to conduct such integration tests for the final comfort and protection of customers using our solutions, - commented Ivan Chernov, Director of Product Strategy at UserGate.

UserGate NGFW 7.3

On March 27, 2025, UserGate, a Russian developer of the information security ecosystem, announced the next version of its flagship product, UserGate NGFW 7.3. The main changes in the release were the implementation of IPS hardware acceleration in the UserGate FG platform, the redistribution of BGP and RIP protocols into OSPF, support for 100 Gb/s network cards, as well as the implementation of numerous changes to optimize UI/UX and improve stability.

𝓲

Фото: UserGate

According to the company, the most significant change to UserGate NGFW 7.3 is the hardware acceleration of intrusion detection and prevention (IPS) functions in the UserGate FG platform using an FPGA-based coprocessor. As of March 2025, this is the first precedent for IPS hardware acceleration in Russian NGFWs. Speed Session Status Firewall (FW L3/L4) and IPS are up to 25 Gbps on EMIX traffic. The platform is made in the 1U form factor and has sixteen SFP + 10 Gb/s interfaces and two 100 Gb/s QSFP28 interfaces, as well as two power supplies and six hot-swappable fans.

The first deliveries of UserGate FG began in November 2024.

The release of UserGate NGFW 7.3 has four main goals: improving product stability, developing UX/UI, implementing our customers' requests, and developing hardware acceleration. Now large customers can use the UserGate FG hardware platform to protect traffic in data centers not only in statefull firewall mode, but also use IPS, and at speeds up to 25 Gbps on EMIX traffic. In future versions, we plan to raise this bar first to 30 Gbps, and then to 40 Gbps. In addition, by the end of 2025 we plan to double the FW speed L3/L4, to 150-180 Gbps on EMIX traffic and to 300 Gbps on UDP traffic 1518 bytes. And exclusively due to the optimization and development of the FPGA microcode. commented Kirill Pryamov, NGFW UserGate Development Manager

Another change in UserGate NGFW 7.3 was the redistribution of BGP and RIP dynamic routing protocols to OSPF and on the contrary. This is a key feature for really large networks, as they often use BGP and RIP for external dynamic routing, and OSPF for internal routing.

Another important change in UserGate was the implementation of NAT and SNAT rules with a condition on users and groups users. For example, with this feature, you can now distribute traffic from different organizational units to different public addresses based on directory group memberships, such as Microsoft Active Directory.

In this version of the UserGate of NGFW the support of the QSPF28 100 cards of Gbps for hardware platforms UserGate D200, D500, E1000, E3000 and F8000 and also platforms of the next generation UserGate E1010 was also realized,

E3010 and F8010, official sales of which will begin in the coming weeks.

UserGate NGFW 7.3 now has the ability to configure the Maximum Segment Size (MSS). This feature is of great importance for optimizing the transmission of traffic through a chain of devices from different manufacturers, since under certain conditions there were cases of traffic degradation due to the limitation of the size of the MSS.

Other changes include a tenfold reduction in the application time of rules from UserGate Management Center to NGFW UserGate nodes, integration of the morphological dictionary Ministry of Justice of Belarus (ATP subscription is required), as well as an increase in the reliability of transmission from authentication information UserID to NGFW due to the fault tolerance cluster for UserID when deploying Active-Passive mode to UserGate LogAn.

Among the changes aimed at optimizing the use of NGFW are the ability to create tags for firewall rules and content filtering, setting actions for signature filters in IPS profiles, and optimizing the web interface. Also, UserGate NGFW 7.3 has implemented more than sixty other changes and fixes, including for the fault tolerance cluster, IPS, VPN, Proxy, VLAN, BGP, PBR, DHCP and centralized management systems. UserGate NGFW 7.3 distributions and documentation are already available on the official UserGate resources and are available to customers and partners of the company.

Netopia Firewall Compliance 3.2.2

Netopia has confirmed the correctness of the updated functionality on UserGate 6.x, 7.x firewalls. The company was informed about this on March 24, 2025. Read more here.

Use in VK Cloud

The UserGate NGFW firewall can be used by clients to provide additional protection for the virtual infrastructure of projects hosted in VK Cloud, as well as on the Private Cloud platform for building a private cloud in the customer's data center. VK Tech announced this on March 18, 2025.

UserGate NGFW provides network threat protection, providing advanced traffic inspection capabilities through IPS/IDS integration, behavior analysis, and real-time threat databases. This allows you to identify complex attacks and neutralize modern cyber threats more effectively.

UserGate NGFW compatibility for VK Cloud has been confirmed by technology tests conducted by experts and architects of the cloud platform on the requirements of the software certification program. The tests confirmed the correctness of the UserGate NGFW and the high performance of the solution when working in the cloud. Platform users can connect UserGate NGFW in the "App Store" in VK Cloud and use the product to further protect projects on the cloud infrastructure.

According to RED Security, over the past year, the number of cyber attacks on Russian companies has grown 2.5 times. We are expanding the number of tools to improve the stability, resiliency and security of infrastructure. Our customers will be able to quickly start working with UserGate NGFW on the VK Cloud platform both in the public and private cloud, "said Dmitry Lazarenko, Product Director of VK Cloud.

We see a steady trend towards the increasing use of cloud services by companies. In addition to flexibility, convenience and cost-effectiveness, cloud platforms are able to provide their customers with a high level of information security, - said Mikhail Penkovsky, vice president of sales and marketing at UserGate. - We protect the digital infrastructure of our customers, regardless of the scope and scale of their activities, and we are constantly expanding cooperation with leading cloud providers. The proven compatibility of our solution with VK Cloud virtualization tools will ensure the security of the cloud platform client infrastructure.

2024

UserGate NGFW 7.2

UserGate on December 17, 2024 announced the release of the next version of its flagship product - UserGate NGFW 7.2. The main goals of the release were: support for the UserGate FG platform with an FPGA-based hardware accelerator, development of UserID capabilities, as well as feature optimization and increased stability.

𝓲

Фото: UserGate

According to the company, the main feature of the UserGate NGFW 7.2 version is support for the UserGate FG platform with an FPGA (Field-Programmable Gate Array) hardware accelerator. It allowed to achieve optimal performance of the firewall with session status control (FW L3/L4) - 150 Gbps on UDP traffic with packets of 1518 bytes, and 90 Gbps on EMIX traffic. At the same time, the device is able to support 22,000,000 simultaneous TCP sessions and create 80,000 sessions per second. As part of version 7.2, UserGate FG can work with 10,000 firewall rules. The platform is made in the 1 RU form factor and has 16 SFP + 10 Gb/s interfaces and 2 100 Gb/s QSFP28 interfaces. Commercial deliveries of the device have already begun.

Another significant change in UserGate NGFW 7.2 was the expansion of the UserID function, which allows you to correlate users and associated network traffic.

Now you can get user information for UserID using Radius accounting, the part of the RADIUS protocol that allows you to collect, process and store information about user actions from certain LDAP directory groups. Also, user information for UserID can now be obtained from WEC (Windows Event Collector) servers, usually used by large organizations. To this end, a WEC agent was implemented for the UserID.

Other changes and fixes implemented in UserGate NGFW 7.2 include:

• Cluster
  • Fixed issue with possible cluster out of sync after upgrade.
  • Fixed an error when synchronizing a large number of IP addresses.
  • Fixed an error saving and synchronizing ME rules between cluster nodes when using nested lists.
  • Fixed synchronization error between cluster nodes after disconnection.
  • Fixed the long switch of the "master" role in the cluster in manual mode.
  • Optimized synchronization of lists and their content from UserGate Management Center to managed UserGate NGFW devices in the cluster.

• VPN
  • Optimized the stability of VPN connections.
  • Fixed VPN authentication (IKEv2) over RADIUS.
  • Fixed the import of tunnel VPN interfaces.
  • Fixed traffic labeling by user for VPN Site-to-Site.

• Rules
  • Optimized performance for more rules (> 10,000).
  • Optimized firewall rule validation in API.

• Proxy
  • Fixed reverse proxy operation.
  • Added ability to use SNMP Proxy in VRF.
  • Fixed operation of explicit proxy with reverse traffic at GET request.

• Other
  • More detailed creation error messages added. backup
  • The ability to display and reset authorized users is implemented.
  • It is possible to run UserID on each of the nodes of the UserGate NGFW cluster.
  • Fixed multicast and broadcast traffic through the L3 Bridge interface.
  • Added fan speed adjustment for UserGate C150.
  • Unified rules naming requirements in UserGate Management Center and UserGate NGFW.
  • More than 70 other changes and fixes.

The release of UserGate NGFW 7.2 is an important step for the implementation of our long-term product development strategy. As part of the work on the release of UserGate NGFW, about 70% of the resources of the UserGate development department were allocated to closing technical debt, correcting errors found and optimizing. To increase the quality of testing, the QA team set up and ran more than 4,000 automatic tests during the year. told Kirill Pryamov, UserGate NGFW Development Manager

UserGate NGFW 7.2 distributions and documentation are already available on the official UserGate resources and are available to customers and partners of the company.

Integrating UserGate NGFW v7 with Netopia Firewall Compliance Platform

The Russian company-developer of solutions for monitoring and control of network equipment Netopia and the Russian developer of the ecosystem of information security solutions UserGate carried out technological integration of their products. This was announced on August 15, 2024 by representatives of UserGate.

The Netopia Firewall Compliance network security control and attack vector calculation platform was integrated with the domestic UserGate (NGFW) firewall.

Technology integration has optimized the sharing of company products and reduced the number of misconfiguration incidents.

During the tests, UserGate specialists provided API for export data the configuration of the domestic firewall UserGate (NGFW) version 7. Netopia engineers were responsible for deploying attacks the Netopia Firewall Compliance network security control and vector calculation platform.

The coordinated work of the two companies made it possible to solve the issues of managing security policies and determining critical assets. This will simplify the NGFW import substitution process for Russian customers.

Compatibility of UserGate Next-Generation Firewall 6.1.9 with ALD Pro 2.2.1 and Brest virtualization 3.2

Astra Group and UserGate on May 15, 2024 announced the certification of the next generation firewall UserGate Next-Generation Firewall 6.1.9 (NGFW) as part of the Ready for Astra technology partnership program. The experts conducted a series of tests and made sure that the product works correctly in a single circuit with the latest updates to the Brest 3.2 secure virtualization platform and the software complex for managing ALD Pro 2.2.1 domain objects - Astra Group solutions in demand on the market.

UserGate Next-Generation Firewall combines intrusion detection with a firewall to provide a high level of security for networks of all sizes and sizes with maximum visibility of security events. Various delivery options, such as a hardware and software complex, a virtual image and SECaaS (Security as a Service), open up a wide range of possibilities for embedding INFORMATION SECURITY the -function NGFW in the IT customer's architecture. The product is included registers of the Ministry of Digital Development in both certified tools and information protection FSTEC of Russia meets the requirements of the fourth level of trust.

Confirming the compatibility of UserGate Next-Generation Firewall with ALD Pro virtualization "Brest" and gives customers confidence that the selected security tools will be able to work correctly in their information systems. This is very important in terms of reliability and continuity. business processes The vectors for the development of information security solutions are directly related to the trends of everything - and ITindustries we always strive to meet the needs of the market. We adapt to customers' business needs and protect their infrastructures and data in the environment and with the tools they use. Our company is open to cooperation, we will test as many demanded products as possible and, if necessary, refine and optimize our ON devices and devices for customer tasks, "said UserGate Ivan Chernov Development Manager.

The number and variety of threats to IT systems is constantly growing, so it is necessary to establish the correct operation of the security tools that organizations use in conjunction with domestic infrastructure solutions. This will allow you to most effectively use the functionality of technological stacks and ensure their stable functioning. We thank our colleagues at UserGate for their active cooperation, appreciate the company's attention to this issue, and plan to continue to interact. Our cooperation in terms of testing product compatibility is a guarantee that the most modern, reliable and convenient information security solutions will always be available to end users, "said Alexey Trubochev, Director of the Astra Group Support Department.