Where would we be without software? As we all know, it is the life blood of technology — the brains behind the braun of hardware, and the engine that provides intelligence, security, the ability to optimize performance and enhance user experience, and much more. Our regularly scheduled firmware updates enable us to build in new features that continually enhance the value and capabilities of your Digi cellular routers, servers, and infrastructure management systems, and rapidly deploy security patches and bug fixes as well.
The Digi Accelerated Linux operating system (DAL OS) provides powerful intelligence to our solutions, enabling automation, security, out-of-band management and other sophisticated capabilities that support the needs of users and network managers across enterprise, industrial, transportation, government and medical use cases.
DAL OS is fully integrated with Digi Remote Manager®, our cloud-based remote configuration and management tool, and together these key software offerings enable those who use and manage Digi solutions to gain visibility and seamless access to the full value of their devices — wherever they are deployed.
In this blog post, we showcase the great new features we've added to Digi Remote Manager and DAL OS version 24.3.28.88. We invite you to take a minute and walk through the most important highlights of our software’s latest additions and changes.
Which Digi Devices Support DAL OS?
Digi has a large and growing list of devices based on the DAL operating system — including routers, console servers, USB management devices and other infrastructure management products:
Digi Pillars of Focus
The following software features revolve around the four pillars of Digi: security, ease of use, resiliency, and cost savings. Each section describes our latest patches and updates.
Security
Mission and business-critical devices often live in the field for many years. With each major release of the Digi Accelerated Linux operating system, we address common vulnerabilities and exposures (CVEs) including ongoing monitoring, alerts, and notifications related to CVEs.
Digi is highly focused on cybersecurity, and we provide a range of tools, resources and value-added services to our customers.
Our ongoing monitoring and regular updates of DAL OS are a part of our complete offering. You can learn more about Digi cybersecurity in our Security Center, our Digi TrustFence® page, and our Value Added Services page.
Updates for urgent CVE patches:
- Linux kernel version 6.7
- Python version 3.10.13 ( CVE-2020-10735, CVE-2023-40217, CVE-2023-24329, CVE-2023-0286, CVE-2022-4303, CVE-2022-4303, CVE-2022-37454, CVE-2022-42919)
- OpenVPN 2.6.9 (CVE-2023-46850, CVE-2023-46849)
- mosquitto 2.0.18 (CVE-2023-28366)
- dnsmasq 2.89 patch (CVE-2023-28450)
- rsync 3.2.7 (CVE-2022-37434, CVE-2022-29154, CVE-2018-25032)
- Netifd/ubus/UCI/libubox 22.03
The access-control list (ACL) rules for the SNMP service in DAL OS was also updated to prevent external WAN access by default.
Return-on-Investment
Monitor your site performance with Ookla Speedtest
The Ookla speed test is an integrated troubleshooting tool within Digi Remote Manager for evaluating WAN connection performance. The tool can be utilized on any Digi router than runs DAL OS with any type of Internet connection, whether that is a cellular modem, wireless Wi-Fi WAN, and wired WAN connection.
The speed test provides results for throughput, jitter, and latency of a device's WAN connection, which can help you identify the optimal location for installing the Digi device. The Speed Test History tab in Digi Remote Manager can also be utilized for monitoring for any changes in expected throughput at the site.
Audit firmware and configuration changes through Digi Remote Manager
Digi Remote Manager has a wealth of information for monitoring and managing your Digi devices. For devices managed by multiple entities, having historical records of when major changes happened on the device is critical for auditing and troubleshooting purposes. Two new pieces of information now available in Digi Remote Manager are the Firmware History tab on the device’s details page and the Configuration Change History in configuration template. These can be utilized to have a historical record of when firmware updates and configuration changes happened to your fleet of devices, what those changes were, and records of who made those changes, all of which are crucial information when troubleshooting a device that is not behaving as expected or when complying with annual system audits.
Ease-of-Use
View your Digi RM licenses information
Managing your Digi Remote Manager premier license subscriptions just got a lot easier.
System administrators can now see in their Account subscriptions a live count of active Digi RM licenses and their expiration dates, which helps with planning license renewals and adding devices to their account.
Expanded VPN support with Wireguard
Digi devices already supported multiple VPN protocols like IPSec and OpenVPN, and now we have expanded that to include the WireGuard VPN protocol directly in the Digi firmware. WireGuard is a simple, fast, lean, and modern VPN that utilizes secure and trusted cryptography. WireGuard operates at the network layer to provide communication between devices over a public network. It encrypts and encapsulates traffic to protect information.
WireGuard supports full networking capabilities including standard, policy-based, and static routes, as well as firewalls. In addition to having IPs inside the tunnel, like IPSec and OpenVPN, you can use this WireGuard for policy-based routing to send only certain traffic through the tunnel or use it for static routes to send routing and networking through regardless of the source IP. Digi devices can be configured to establish one or more WireGuard VPN tunnels, as well as handling both client-mode (outbound) and server-mode (inbound) connections.
- Client mode, configure the Digi device to act as a client, so it establishes an outbound WireGuard VPN tunnel to a remote server.
- Server mode, configure the Digi device to act as a server, so one or more remote devices can establish an inbound WireGuard VPN tunnel to the device.
See this section in our Digi user guides for details on setting up, monitoring, and managing WireGuard VPN tunnels on your Digi devices.
Roll-up datastream metrics by average or total usage by day
Each datastream metric that is tracked by DigiRM over time can be inspected to view those datapoints individually. New enhancement is the datapoints can be condensed and view as a single metric per day, where the metric is the sum total or average of the datapoints by day. This provides powerful insights and notifications for changes in the device over time, or with alerting on spikes in daily device usage.
Resiliency
Enhanced versatility of Automation steps with multiple match strings
Digi Remote Manager’s Automation feature has proven to be a powerful tool to users for performing complex, custom tasks or services on their Digi devices.
Digi has expanded the versatility of Automations even further by adding the ability to add one or more matching filters to an Automation step, ensuring that the Automation dynamically determines and performs the defined task on the desired target devices, all without the user having to manually specify those devices beforehand.
Secure layer-2 network traffic over a private cellular network with GRETap tunneling
Digi devices running DAL OS have supported IP tunneling with GRE/mGRE, and now expand that to include GRETAP tunneling. A Generic Routing Encapsulation Terminal Access Point (GRETAP) tunnel operates on OSI level 2 and encapsulates Ethernet traffic in IPv4 packets as described in RFC 2784, which can be utilized to create a multi-site layer-2 flat network. This type of multi-site networking is incredibly beneficial for private cellular networks for sending realtime data between sites while minimizing packet overhead and latency.
More information on setting up an GRETAP IP tunnel can be found in our Digi user guide.
Improve cellular connection reliability at congested sites by locking the modem to a particular set of LTE or 5G bands
Cellular connectivity sometimes require site-specific settings to ensure it is connecting to the best tower or the desired cellular network, especially for MVNO SIMs or sites that have multiple towers in the area with one being clearly the best. Users now have the ability to lock the Digi device to utilize a specific set of LTE or 5G bands at a site, or configure the Digi device to exclude a specific set of bands from use.
This should be a rarely-used option, as the Digi device and cellular network have built-in optimization tools for determining the best tower and bands to utilize for each active cellular connection. However, for the sites that need this manual intervention, having the ability to lock the modem to specific cellular bands can ensure a stable and lasting cellular connection.
Monitor changes on your Digi router with SNMP and email alerts
Device monitoring happens at multiple levels depending on how users need that information integrated into their systems. Digi Remote Manager is Digi’s primary and most versatile tool for actively monitoring and fully managing your Digi device. That said, many users have their own external systems for monitoring their equipment. Digi devices that run DAL OS now support two new options for providing system-level notification alerts: SNMP traps and SMTP emails. Digi devices can be configured to sent one or more event types as SNMP traps or SMTP email to one or more remote servers. See this section in our Digi user guide for more information on setting up external event notifications.
Full Changelog
For more details on the above features included in the new DAL OS firmware along with details on additional enhancements, bug fixes, and security updates, please see the changelog link for the relevant product family:
If you have any questions or concerns about the below features, or for assistance updating your device(s), please contact the Digi Support team.
Next Steps