Access data

The download is password protected. Please enter the support IP of the corresponding DEFENDO as username (e.g. 172.18.253.15) and its hardware ID as password (e.g. 473I-QN34-O@:5).

Please note the different update files for different Orbiter versions

To update an Orbiter running a 2.x or 3.0 release a special update file is required. It will perform two reboots, so the update will take longer than usual.

All firewall modules for handling specific application protocols (ALGs) disabled

The update will disable all firewall modules, supporting certain application protocols which are problematic for firewalls. The modules are not required for connections via VPN and are rarely used for direct Internet connections, so there should be no impact on most devices. If required you can re-enable the individual modules in the administration interface. Usually this will be limited to the protocols SIP or FTP.

Minor bugfixes and improvements

Access data

The download is password protected. Please enter the support IP of the corresponding DEFENDO as username (e.g. 172.18.253.15) and its hardware ID as password (e.g. 473I-QN34-O@:5).

Please note the different update files for different Orbiter versions

To update an Orbiter running a 2.x or 3.0 release a special update file is required. It will perform two reboots, so the update will take longer than usual.

Memory corruption in NSS crypto library

The library is used by IPsec. An unauthenticated attacker might be able to execute code.

Partition for temporary files full

A logfile filled the partition for temporary files over time. It was then no longer possible to login until the device was power-cycled.

Access data

The download is password protected. Please enter the support IP of the corresponding DEFENDO as username (e.g. 172.18.253.15) and its hardware ID as password (e.g. 473I-QN34-O@:5).

Please note the different update files for different Orbiter versions

To update an Orbiter running a 2.x or 3.0 release a special update file is required. It will perform two reboots, so the update will take longer than usual.

WLAN security flaw FragAttacks

On devices with WLAN extension, the update protects the WLAN protocol stack against FragAttacks.

Access data

The download is password protected. Please enter the support IP of the corresponding DEFENDO as username (e.g. 172.18.253.15) and its hardware ID as password (e.g. 473I-QN34-O@:5).

Please note the different update files for different Orbiter versions

To update an Orbiter running a 2.x or 3.0 release a special update file is required. It will perform two reboots, so the update will take longer than usual.

DNS cache poisoning

The update includes a security fix for the DNS forwarder. It was possible for an attacker to place forged entries in the DNS cache.

System base

Linux kernel, system libraries and software has been updated.

Improved bandwidth management

With high bandwidth Internet connections the priority classes "low" and "standard" will now benefit from higher and more even throughput.

Crashes of bandwidth management

Start and stop the IPsec service via administration interface

Display and terminate remote access connections for technical support via administration interface

Minor bugfixes and improvements

Access data

The download is password protected. Please enter the support IP of the corresponding DEFENDO as username (e.g. 172.18.253.15) and its hardware ID as password (e.g. 473I-QN34-O@:5).

Please note the different update files for different Orbiter versions

To update an Orbiter running a 2.x or 3.0 release a special update file is required. It will perform two reboots, so the update will take longer than usual.

System base

Linux kernel, system libraries and software has been updated.

Ready for 64 bit update

On suitable hardware the next update can be installed as 64 bit version. A prominent notice in the update menu indicates 64 bit support.

Wake-on-LAN

It is now possible to send Wake-on-LAN packets via the network menu of the administration interface.

Minor bugfixes and improvements

Access data

The download is password protected. Please enter the support IP of the corresponding DEFENDO as username (e.g. 172.18.253.15) and its hardware ID as password (e.g. 473I-QN34-O@:5).

Please note the different update files for different Orbiter versions

To update an Orbiter running a 2.x or 3.0 release a special update file is required. It will perform two reboots, so the update will take longer than usual.

New tabs in menu "Monitoring"

On one of the tabs the current VPN server certificate and the corresponding CA certificate is shown. The other tab shows information fromt he system level which might be helpful in case of technical problems.

Minor bugfixes and improvements

Access data

The download is password protected. Please enter the support IP of the corresponding DEFENDO as username (e.g. 172.18.253.15) and its hardware ID as password (e.g. 473I-QN34-O@:5).

Please note the different update files for different Orbiter versions

To update an Orbiter running a 2.x or 3.0 release a special update file is required. It will perform two reboots, so the update will take longer than usual.

Crashes of systems with newest hardware generation

Systems running on the new hardware generation crashed due to a problem with the network device driver. Systems shipped since December 2017 are affected.

DHCP/DNS server

In release 3.1.3 the DHCP/DNS server didn't start after a reboot on some systems.
Depending on the VPN configuration, DHCP requests have not been routed into the VPN tunnel in DHCP relay mode.

Connection problems with DS-Lite

Minor bugfixes and improvements

Access data

The download is password protected. Please enter the support IP of the corresponding DEFENDO as username (e.g. 172.18.253.15) and its hardware ID as password (e.g. 473I-QN34-O@:5).

Please note the different update files for different Orbiter versions

To update an Orbiter running a 2.x or 3.0 release a special update file is required. It will perform two reboots, so the update will take longer than usual.

DNS server

Several security vulnerabilities have been fixed in the DNS server. As remote code execution is possible in the worst case we recommend to update quickly.

Access from LAN network

On devices configured for Internet access via VPN tunnel, it might no longer be possible to access to the device from the LAN. If you cannot access the administration interface from the LAN, please connect the browser to the external instead of the internal IP. Alternatively you can connect via VPN to the internal IP.

Access data

The download is password protected. Please enter the support IP of the corresponding DEFENDO as username (e.g. 172.18.253.15) and its hardware ID as password (e.g. 473I-QN34-O@:5).

Please note the different update files for different Orbiter versions

To update an Orbiter running a 2.x or 3.0 release a special update file is required. It will perform two reboots, so the update will take longer than usual.

WLAN

The WLAN status and the list of associated clients wasn't displayed in release 3.1.1.

Minor bugfixes and improvements

Access data

The download is password protected. Please enter the support IP of the corresponding DEFENDO as username (e.g. 172.18.253.15) and its hardware ID as password (e.g. 473I-QN34-O@:5).

Web proxy

For security reasons we recommend to access the Internet via the VPN to the central firewall which ensures a higher level of protection by features like e.g. Intrusion Prevention and Content Filtering. However the transfer of large amounts of data as often required by updates for example may be challenging in this case. With this in mind we've integrated a web proxy which can be enabled and configured in the browsers or in software components used to manage updates. In the proxy configuration you can add servers the proxy should contact directly, so the corresponding traffic won't affect the central Internet connection. Connections to all other destinations will be forwarded to the central proxy.

Minor bugfixes and improvements

Access data

The download is password protected. Please enter the support IP of the corresponding DEFENDO as username (e.g. 172.18.253.15) and its hardware ID as password (e.g. 473I-QN34-O@:5).

System update

The system base and all core components have been updated.

VPN not working after reboot

A timing problem in the boot procedure could occur especially on VDSL dial-up lines. The VPN service wasn't initialized correctly then and the VPN didn't work.

IPv6 support

Internet access to administration interface

It is no longer necessary to configure a port forwarding rule. On the new tab "Internet administration" remote access can be configured more easily.

Internet access for guest LAN

The problem affects the separate guest LAN option which was introduced in 3.0.0. No NAT was applied to connections from the guest LAN to the Internet if an IPsec tunnel to any destination IP is configured. So Internet connections from the guest LAN ususally didn't work.

Minor bugfixes and improvements

Access data

The download is password protected. Please enter the support IP of the corresponding DEFENDO as username (e.g. 172.18.253.15) and its hardware ID as password (e.g. 473I-QN34-O@:5).

Update procedure for release series 2

Systems running a 2.x release can now be updated.

Minor bugfixes and improvements

Access data

The download is password protected. Please enter the support IP of the corresponding DEFENDO as username (e.g. 172.18.253.15) and its hardware ID as password (e.g. 473I-QN34-O@:5).

Minor bugfixes and improvements

Access data

The download is password protected. Please enter the support IP of the corresponding DEFENDO as username (e.g. 172.18.253.15) and its hardware ID as password (e.g. 473I-QN34-O@:5).

Pre-release

Version 3.0 is a pre-release. It's required for the new hardware delivered from mid-2015 on. There are no plan to provide an update from release series 2 to 3.0.

System update

The system base and all core components have been updated.

Two separate LAN networks

When delivered, the two LAN interfaces are still connected in bridge mode. But now it's also possible to get two separate interfaces instead. The interface in the middle can either be used as a second trusted network with potential access to the VPN (e.g. for VoIP) or it can be used as an isolated network which must neither access the VPN nor the administration interface (e.g. for guests or the private home network). On systems with WLAN support you can choose to which network the WLAN belongs.

Temporary logging to file

The log is kept in memory, so it used to be lost after a reboot. Now there's a new option which temporarily redirects the log to a file until the system is rebooted.

DHCP relay

As an alternative to the integrated DHCP server, the new DHCP relay option can be used to delegate the IP address assignment to a central DHCP server.

Configurable network card parameters

If it should be necessary to override autonegotiation, a static speed and duplex mode may now be configured.

Minor bugfixes and improvements

Secure

DEFENDO forces a collection of best-of-breed security modules like firewall, VPN, proxies, virus scanner and anti spam system to interact for one purpose:
To be protected from all online threats and unwanted contents like malicious code, spam and hacker attacks.

Flexible

Each IT scenario is different. The DEFENDO product family will adapt precisely to your demands.
DEFENDO applies for simple Internet connections of small companies, for headquarters / branch office WANs, as well as for complex multi-tiered firewall systems.

More good reasons

  • No backdoors
  • More than 20 years of Internet security experience
  • Award-winning product
  • Support by our development engineers
  • Reseller loyalty
  • Made in Germany