The 0.7 series firmware, released October 30, 2008, offers a number of new features and positions TMI devices for additional features and enhanced performance in the future.
Features available now
Brickproof firmware
The 0.7 series TMI firmware is brickproof. 'Bricking' a device is computer slang for upgrading device firmware in some manner that causes the system to become unbootable. Most device manufacturers place stringent warnings on the upgrade process, noting that a bad firmware upgrade will make the device unbootable. TMI devices running the 0.7 series firmware are brickproof, in that firmware upgrade operations, and even some forms of hardware failures, will not 'brick', or make unbootable, the appliance. The brickproof feature is implemented with additional boot intelligence. On reboot, the boot loader attempts to boot the preferred firmware image. Recall that there are always two images available. If in a reasonable time the preferred image fails to boot to a known good state, the boot loader reasserts control and boots the alternate image instead. Even repeated attempts to upgrade firmware that are aborted mid-process due to power or network issues will not make the system unbootable. Brickproof builds on other TMI features also available in the 0.6 series. - Dual firmware partitions
- Firmware identification prevents upload of a non-firmware image.
- Firmware compatibility information prevents upload of a firmware image not suitable for the given device model.
- Firmware cryptographic hash allows for identifying firmware images that have become corrupted.
- Upgrade limitations ensure that at least one firmware image is always valid and bootable.
- Firmware verify feature available for administrator use.
Improved DNS securityRecent DNS vulnerabilities presented to the internet community allow for cache poisining, where a malicious attacker may change the IP address in the DNS for a given domain name, to redirect traffic to that domain to a rogue site. This is a serious vulnerability that has been greatly mitigated by recent changes to DNS software. TMI series 0.6 firmware is not subject to this vulnerability, as customers do not provide name resolution services to internet systems. By limiting public internet DNS traffic from a TMI device to forward traffic only, the ability for a malicious user on the internet to inject poison records is effectively eliminated. The series 0.7 firmware improves upon the DNS security features in the 0.6 series by further constraining the network access permissions rules to further limit the possibility of abuse.
High performance Active Objects
New in the 0.7 series is a high performance Active Objects architecture that promises to deliver significantly reduced boot times and significantly improved event responsiveness. While rel-0.7.1 only modifies a small number of system classes to take advantage of the new high performance architecture for a modest performance gain, future firmware releases in the 0.7 family will eventually adapt all classes for significant improvements. Coming soon
RADIUS authentication
A future 0.7 firmware release will allow authentication of remote access users by an external RADIUS server. This feature allows larger businesses to consolidate user information and maintenance activities. RADIUS authentication will be an optional feature, so that smaller customers who are not well served by implementing a RADIUS server need not do so.
Reduced boot times
As pointed out above, future releases of the 0.7 firmware series will migrate more and more system classes to the high performance Active Objects architecture. These changes will result in a continual improvement over time of system responsiveness and a reduction in reboot times. Firmware and configuration uploadCustomers have expressed that firmware update would be simpler if they could simply upload a firmware image from a personal computer, rather than pointing the firmware page to a URL containing the new firmware. Core support for this feature is present in the 0.7 series, and this specific feature will be available soon.
Supported models
New TM0100 and TM0310 models shipping on or after October 30, 2008 will ship with the new 0.7 series firmware and may be upgraded to future 0.7 series firmware releases as they become available. The first release of the 0.7 series, rel-0.7.1, is not certified for use on older TM0100 and TM0300 models, nor on TM1100 models. Compatibility with 0.6 series firmware
The 0.7 series uses a revised boot loader and is not compatible with firmware releases in the 0.6 or earlier firmware series. Upgrading from rel-0.6.32 through rel-0.6.46 will be possible as models running the 0.6 series become certified to run the 0.7 series, but downgrading from the 0.7 series to any earlier series will not be supported. When to upgrade
TMI does not recommend updating firmware unless you are having a specific problem that is addressed by a newer firmware version. Please contact us if you have specific questions. |