WinGate 6.0 is a major update to version 5.2.3, including enhanced support for Terminal Services and Active Directory, Bandwidth control, dynamic service binding, a re-written mail server with many new features, including POP3 retrieval, remote queue management, extensive routing and SSL/TLS options, attachment blocking, spam-rejection and more; a re-written web proxy for increased performance, HTTP1/1, PHP and SSL compatibility, and support for several authentication methods (including NTLM), major re-work to the WinGate Client, including centralised administration, application execution control and remote deployment, command shell window allowing remote access to command-line utilities, connection failover, remote gateway monitoring and selection, DMZ support, ARP responder, and several bug fixes
Release notes
The following main features and changes were introduced with WinGate 6.0
1. A major rewrite of WinGate Mail with the following additional features:
a) New SMTP delivery engine, with support for TLS connections, SMTP authentication (CRAM-MD5, NTLM, and PLAIN). This can be configured on a server by server basis, so you can now set up trusted email networks.
b) Several new enhancements added to WinGate Mail specifically designed to combat spam. These include: - IP vs email domain verification, based on MX and PTR->A record lookups. - optional blocking of numeric sender domains for untrusted senders - optional blocking of blank return-path for untrusted senders. - attachment blocking.
c) POP3 collection has been added. You can now retrieve email from a number of POP3 accounts and deliver these to a defined email address or based on local domain configurations.
d) advanced mail routing, including per-email address restrictions (message size, attachment blocking, and copying mail)
2. Major improvements to the WinGate Client application (known as WGIC). The main benefit of the WGIC now is to be able to centrally control whether applications that use networking are allowed to be launched or access local or remote networks. New features include:
a) Support for centralised configuration management so administrators no longer need to configure settings on individual machines
b) Support for complete network-lockdown or even termination of an unauthorised application.
c) Support for authentication and application control only (no redirection).
d) Separate MSI-based installer allowing for remote deployment. This is available in your
3. A major overhaul of the WWW Proxy. New features include:
a) HTTP authentication by NTLM or HTTP Basic methods for proxy connections, TR intercepted connections, and server requests.
b) Support for HTTP/1.1 including keep-alives and chunking (this results in a great improvement in performance) for proxy and server.
c) Improved Support for server-parsed CGI (e.g. PHP) in readiness for our Webmail product.
4. Added support for Terminal Services. Changes have been made to the engine to allow multiple user contexts per single IP address. This means WinGate users can now specify user-level access control and policies for their Terminal Services clients.
5. Several improvements to overall performance and resource/memory footprint make WinGate faster, consume less memory and CPU and more reliable than ever.
6. Added a new utility to GateKeeper, providing secure access via the GateKeeper connection to cmd.exe on the WinGate server. This allows you to run console applications to perform functions like modifying the system route table, testing network connectivity with ping or tracert from the server, viewing and killing processes, running batch files etc etc.
7. Bandwidth throttling functions in the ENS. Users can now throttle bandwith for client machines, services, by time of day, direction of traffic, source and destination IPs, port and protocol.
8. New dynamic binding system. Prior versions of WinGate bound services statically to fixed IP addresses. If these addresses changed then bindings could cease to function, or be removed. WinGate now dynamically binds all services to all available adapters based on a policy configurable by the user. This allows the user to set more intuitive bindings, which will reflect changes in the network as they happen. For instance if you plug in a USB network adapter, WinGate will determine if it is an internal or external adapter, and bind the IP addresses of this adapter to any service that is configured to dynamically bind to that type of adapter (i.e matches the service's binding policy).
9. Bind services to multiple port numbers. You can now bind services to multiple port numbers by setting binding policies which override the service port.
10. Accept SSL connections on services. Certain services (WWW Proxy, SMTP and POP3 Services) now allow you to accept SSL connections This means that you can set up secure web access, or secure mail using SSL (as well as using the previous TLS support). This provides Outlook mail users with a maximally-secure mail option. You can even use a different certificate per interface, to allow mail clients that use the internal adapter to validate a specifically generated certificate for that interface.
11. Support for IPSEC NAT-T added. Fixed a bug in UDP processing where lack of a UDP header checksum caused packets to be dropped. This had caused IPSEC NAT-T to break.
12. Centralised certificate management added. Many services now accept SSL connections. Certificates may now be generated and accessed from a central certificate manager.
13. Added gateway selection. Now you can direct traffic from your proxies through specific next hop gateways on your LAN, or through specific dialup adapters. Enhanced support for multiple dialups has also been incorporated.
14. DMZ support has been added, with an ARP responder to assist in subnetting where there are address restrictions.
15. Fixed a problem with the internal DNS resolver relating to following chains of CNAME records.
16. Fixed a problem with some RealTek network adapters.
17. Fixed a security problem in the WWW Proxy which would allow unauthorised read-access to files.
18. Several other bug fixes.
19. Major GUI overhaul in GateKeeper, including the following features:
a) Mail queue window added, you can now see details of all the queued domain jobs, view the messages that are queued remotely, and abort or force domain queue processing
b) Network window overhauled, including the addition of a Network Connections frame. This allows you to see the status of your network adapters just like the OS version, with notifications of when adapters are connected or unplugged. Even on Windows 95, and NT, which don't themselves support notification of LAN cable status, you can now see when a cable is unplugged, plus more useful information like IP addresses, MTU etc.
c) Adapter Properties dialog. Double click on an adapter in the Network connections window, and view its details, and a graphical view of the traffic going through the adapter.
d) Changes to the way service dialogs are displayed. The new "TreeSheet" allows the display of many more tabs without the normal problem of tab controls becoming cluttered with too many tabs.
e) Quarantine Preview. You can now preview items that are quarantined. This allows you to make a better decision about whether to release or delete the quarantined file.
20. New Help file, based on HTML help.