Software updates are vital to optimize performance, enhance user experience and ensure a high-level of security. Digi is committed to providing regularly scheduled firmware updates for our networking solutions, not only to deploy security patches and bug fixes in a timely fashion, but to enable new features that continually enhance the value and capabilities of your Digi cellular routers, servers, and infrastructure management systems.
The Digi Accelerated Linux operating system (DAL OS) provides powerful intelligence to our solutions, enabling automation, security, out-of-band management and other sophisticated capabilities that support the needs of users and network managers across enterprise, industrial, transportation, government and medical use cases.
DAL OS is fully integrated with Digi Remote Manager®, our cloud-based remote configuration and management tool, and together these key software offerings enable those who use and manage Digi solutions to gain visibility and seamless access to the full value of their devices — wherever they are deployed.
Digi is excited to announce that we have added several great new features to Digi Remote Manager and DAL OS version 23.12.1.56. We invite you to take a minute and walk through the most important highlights of our software’s latest additions and changes below.
Which Digi Devices Support DAL OS?
Digi has a large and growing list of devices based on the DAL operating system — including routers, console servers, USB management devices and other infrastructure management products:
Digi Pillars of Focus
The following software features revolve around the four pillars of Digi: security, ease of use, resiliency, and cost savings.
Security
Mission and business-critical devices often live in the field for many years. With each major release of the Digi Accelerated Linux operating system, we address common vulnerabilities and exposures (CVEs) including ongoing monitoring, alerts, and notifications related to CVEs.
Digi is highly focused on cybersecurity, and we provide a range of tools, resources and value-added services to our customers.
Our ongoing monitoring and regular updates of DAL OS are a part of our complete offering. You can learn more about Digi cybersecurity in our Security Center, our Digi TrustFence® page, and our Value Added Services page.
Updates for urgent CVE patches:
- Linux kernel version 6.5
- OpenSSH 9.5p1
- OpenSSL 3.1.3 (CVE-2023-4807, CVE-2023-3817)
- curl 8.4.0 (CVE-2023-38545, CVE-2023-38546)
- frrouting 9.0.1 (CVE-2023-41361, CVE-2023-47235, CVE-2023-38802)
- sqlite 3.43.2 (CVE-2022-35737)
- Netifd/ubus/UCI/libubox 21.02
There were also two SCEP-related updates to remove sensitive SCEP details from the internal system logs, as a precautionary measure to ensure any SCEP keys or passphrases cannot be read from the Admin CLI or web UI.
Ease-of-Use
Quickly get to the pages in Digi Remote Manager with our improved navigation menu
The navigation menu on the left side of the Digi Remote Manager site has been streamline and simplified.
Gone are the days of nested menu items, and the admin-related pages have been moved under the Setting icon on the top-right of the site to better highlight the device management and Insights sections of Digi Remote Manager, which is where your day-to-day tasks will be done.
Further organize access to you devices with nested sub-accounts
Many Digi Remote Manager users handle devices that either belong to end customers they are managing or are shared with other companies for tasks like third-party support or auditing. Digi Remote Manager now supports multiple tiers of sub-accounts for greater flexibilty for service providers and large corporations that wish to segregate their devices based on individual customers or user bases.
Quickly scan and remediate one or more devices for configuration compliance
Digi Remote Manager offers configuration profiles for maintaining and managing the proper firmware version, configuration settings, Digi Containers, and filesystem settings on Digi devices. Historically, the Configuraton Profile would scan all devices within the groups linked to the profile. Now, users have an option to selectively choose which devices they would like to have the Configuration Profile scan outside of its automated schedule, thanks to the Scan Configuration item added to the Actions drop-down menu on the Devices page. This can be utilized to perform ad-hoc configuration scans and remediations on one or more selected devices, which can greatly assist users when staging or troubleshooting specific sites in their account.
Resiliency
Expand your use of DMVPN with OSPF routing
Dynamic routing helps keep your network packet handling up to date, and ensures your data gets to where it needs to go. Dynamic Multipoint Virtual Private Network (DMVPN) is a dynamic tunneling form of a virtual private network (VPN). It uses a multi spoke-to-hub network in which the network addresses of the spoke routers do not need to be known, and therefore do not need to be configured in the hub router.
Digi routers have supported DMVPN phase 3 spoke tunnels along with NHRP and mGRE routing protocols since our 23.3 firmware release. Now, Digi has expanded our DMVPN support to include OSPF routing through the DMVPN tunnel, which leverages link-state routing to share routes amongst DMVPN spokes and determines the best logical path for every possible destination in the shared network.
See the DMVPN section of the Digi device’s user guide for additional details.
Rapid Spanning Tree Protocol
Digi devices expand their network bridging capabilities by now supporting RSTP in addition to standard STP. RSTP can provide incredibly valuable benefits and improvement in overall uptime of the network by allowing users to customize the bridge priority for each router, switch, or bridge on their network. RSTP also provides a faster response to topology changes (2-6 seconds compared to 30-50 seconds with STP). Note that to utilize RSTP on your Digi device, all other routers/switches/bridges on the network must also support RSTP; otherwise, it will fallback to using STP. See "Configure a bridge" in the user guide for more details about setting up STP/RSTP options on your Digi device.
Keep an always-on remote out-of-band access to your serial consoles using device-initiated Realport connections
Digi RealPort allows users to easily network-enable devices connected to the serial port(s) of a Digi device, providing users the ability to remotely connect to those serial devices as if they were a native COM/TTY port on their PC.
The new Device-initiated mode for RealPort takes this one step further, by having the Digi device automatically establish the RealPort connection to the user’s PC, thereby removing the requirement for the Digi device to have an IP address that the PC can directly reach. Users can now have an always-available COM port to connect to their remote serial equipment behind the RealPort Digi device.
Return-on-Investment
Monitor additional onboard equipment by using the Digi TX54-series ignition sense as a digital input
The ignition input on the power input port for the Digi TX54 router provides a way for the device to properly shut down or delay its shutdown after a vehicle is turned off. This option is especially important in situations where the TX54 must upload mission-critical data after the vehicle is parked and out-of-service for the day.
Now users can expand the use of the Ignition sense line on the TX54 router so it also acts as digital input for monitoring and reporting on changes to relays, physical switches, or buttons in the vehicle. What’s more, the power button on the front of the TX54 also can now be utilized as a manually-triggered digital input, for technicians or installation teams that need to keep track of how many times the device has been serviced.
Improve your WAN bonding performance with a bonding proxy
Digi WAN Bonding integrates Bondix S.A.NE software to optimize and extend the capabilities of your Digi connectivity solution. The S.A.NE software now includes a Bondix proxy to further optimize standard TCP traffic such as web browsing and speed test, providing users with faster observed throughput on their Digi devices.
This WAN bonding proxy can be enabled and configured along with all the other WAN bonding settings already available in the Digi device’s configuration, including the ability to manage and update these settings all together through Digi Remote Manager. See the Use Digi Remote Manager to enable and configure WAN bonding on multiple devices section in the user guide for more details.
Keep legacy BOOTP equipment alive by connecting it to a Digi router
BOOTP is an older protocol utilized on industrial networking equipment before DHCP became the prevalent protocol for devices to get a dynamically-assigned IP address to their device. Digi devices now support the ability to provide dynamic IPs to client devices via both DHCP and BOOTP protocols. See "Configure a local area network (LAN)" in the user guide for details about setting up a LAN DHCP network on your Digi device.
Full Changelog
For more details on the above features included in the new DAL OS firmware along with details on additional enhancements, bug fixes, and security updates, please see the changelog link for the relevant product family:
If you have any questions or concerns about the below features, or for assistance updating your device(s), please contact the Digi Support team at tech.support@digi.com.
Next Steps