Nov 7, 2025

StoneOS 5.5R12: Smarter Security, Simpler Operations

If you’ve been managing enterprise security and network infrastructure for a while, you know the drill—endless policy updates, scattered dashboards, unreliable connections, and complex access controls. StoneOS 5.5R12 tackles these pain points head-on with four standout features that make your life easier and your network more secure.

External Dynamic List: Stop Manually Updating Every Firewall Policy

In cybersecurity, blocking malicious IPs is fundamental. Regulatory bodies and threat intelligence providers constantly publish updated lists of bad actors—IP addresses associated with malware, botnets, phishing campaigns, and more. If you’re managing multiple firewalls—maybe dozens across different sites—manually updating each one with the latest malicious IP lists becomes a full-time job. Miss one update, and you’ve left a door open. Make a typo, and legitimate traffic gets blocked. It’s time-consuming, error-prone, and frankly, unsustainable as your infrastructure grows.

In the new release, External Dynamic List changes the game by centralizing the entire process. Here’s how it works: you create a single list containing malicious IPs on a server, then reference that list in the destination address field of your firewall policy rules. That’s it. Update the IP file once on the server, and all associated firewalls automatically synchronize the changes and apply them to their security policies. The efficiency gains are immediate. Instead of touching every firewall individually, you manage one central source of truth. Your protection against malicious IPs stays current without the administrative headache. You get centralized resource management and dynamic policy updates that make your security posture more responsive and scalable. Plus, you eliminate human error from the equation—no more typos, no more forgotten devices.
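Because one file now feeds every firewall that references it, a mistake in that file propagates everywhere at once, so it is worth checking the list before it is published. The following is an added example, not Hillstone code: the one-entry-per-line format with `#` comments, the prefix limits and the protected ranges are all assumptions made for illustration.

```python
import ipaddress

# Assumed policy for this example (not StoneOS defaults).
MIN_PREFIX = {4: 16, 6: 32}  # refuse entries broader than /16 (IPv4) or /32 (IPv6)
NEVER_BLOCK = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918 internal space
    "127.0.0.0/8",                                     # loopback
    "198.51.100.0/24",                                 # constructed: our own public range
)]

def validate_blocklist(text, never_block=NEVER_BLOCK):
    """Return (entries, errors); publish the file only when errors is empty."""
    entries, errors, seen = [], [], set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments and whitespace
        if not line:
            continue
        try:
            # strict=True rejects CIDRs with host bits set, a common typo
            net = ipaddress.ip_network(line, strict=True)
        except ValueError as exc:
            errors.append((lineno, line, f"invalid: {exc}"))
            continue
        if net.prefixlen < MIN_PREFIX[net.version]:
            errors.append((lineno, line, "prefix too broad"))
        elif any(net.version == p.version and net.overlaps(p) for p in never_block):
            errors.append((lineno, line, "overlaps a protected range"))
        elif net in seen:
            errors.append((lineno, line, "duplicate entry"))
        else:
            seen.add(net)
            entries.append(str(net))
    return entries, errors

SAMPLE = """\
# constructed sample list (documentation ranges only)
203.0.113.7
192.0.2.0/25
192.0.2.300
203.0.113.5/24
0.0.0.0/0
192.168.1.10
198.51.100.20   # our own mail relay, pasted by mistake
203.0.113.7
2001:db8::bad:1
"""

if __name__ == "__main__":
    ok, bad = validate_blocklist(SAMPLE)
    print("publishable entries:", ok)
    for lineno, line, reason in bad:
        print(f"line {lineno}: {line!r}: {reason}")
```

Running a check like this as a gate on the server that hosts the list keeps a single bad line from reaching every policy that references it.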

iCenter Threat Overview: See Everything That Matters, Right Now

Modern security operations centers need situational awareness. You can’t protect what you can’t see, and when threats move at machine speed, having scattered information across multiple tools slows you down. A lightweight SOC solution should give you the full picture without overwhelming complexity.

The iCenter Threat Overview dashboard consolidates everything into one real-time view. You get threat distribution showing types and severities across your network, plus asset distribution highlighting which systems are most at risk. The threat analysis views dig deeper: attacker geographical distribution, top threat events, and rankings of top attackers and victims. It’s comprehensive without being cluttered. Situational awareness is the name of the game. Security teams can move from a broad overview down into specific details seamlessly. You can spot patterns faster—maybe most attacks are coming from a specific region, or perhaps one internal asset keeps showing up as a victim. This enables faster detection and better response times. Instead of hunting through logs and correlating data manually, you’re making informed decisions based on clear, consolidated intelligence.

SD-WAN Multi-Path Packet Duplication: Zero Loss, Low Latency for Critical Apps

In networking, packet loss is the enemy of reliability. For critical applications—think real-time financial transactions, voice calls, or industrial control systems—losing even a single packet can mean failed transactions, degraded quality, or operational disruptions. Traditional approaches rely on retransmissions, which add latency and don’t always solve the problem fast enough.

Multi-Path Packet Duplication takes a smarter approach. The transmit end duplicates packets and sends both the original and a copy over two high-quality links. If one link drops packets, the receive end uses the duplicates from the other link to restore the data—no retransmissions needed. This means better performance for your most important services, happier users, and fewer emergency troubleshooting sessions at 3 AM. For enterprises that can’t afford downtime or degraded performance, this feature delivers peace of mind.

Multiple ZTNA Instances on a Gateway: One Device, Many Identities

Zero Trust Network Access (ZTNA) has become the standard for secure remote access, replacing legacy VPNs with identity-based, application-level controls. The principle is simple: never trust, always verify. But implementing ZTNA across complex organizations with different user groups, authentication requirements, and security policies presents challenges.

In StoneOS R12, the Multiple ZTNA Instances on a Gateway feature lets you run multiple independent ZTNA instances on a single physical or virtual gateway. Each instance serves different user groups, and to those users it feels like they have their own dedicated appliance, but everything is consolidated on one gateway. The platform supports diverse AAA servers and authentication methods tailored to each instance. For example, internet-facing clients might authenticate using Active Directory credentials plus SMS verification, while intranet users rely on RADIUS with username, password, and hardware tokens. Each instance maintains its own policies, resource access controls, and user management, completely independent of the others.

Whether you’re protecting a growing business, managing infrastructure for multiple clients, or just trying to stay ahead of evolving threats, StoneOS 5.5R12 gives you the tools to work smarter, not harder. Because at the end of the day, security should protect your business, not consume all your time. For more details, reach out to a Hillstone Networks representative.