AIONCLOUD Docs

Release Note

[Announcement] WMS Service Expansion and Name Change

 WSPC
Website Security Posture Check

As part of the enhanced capabilities of AIONCLOUD's existing Website Malware Scanner (WMS), we are pleased to announce its renaming to Website Security Posture Check (WSPC).

New features, such as SSL/TLS Certificate Monitoring, DNS Record Monitoring, and Blocklist Registration Monitoring, have been added to help you more comprehensively manage your website's security.

In today's digital age, website security is crucial for maintaining trust and ensuring sustainable business operations. While many companies focus on real-time traffic defense, comprehensive security assessments of websites are equally important. WSPC provides an all-encompassing security solution, monitoring your website's overall security posture to detect potential threats and ensure safe operations.

Furthermore, this enhancement marks only the beginning. We plan to expand the service to include vulnerability checks and other advanced security features. AIONCLOUD remains committed to continuously improving its services to safeguard your website’s security.

Thank you for your continued support and interest.



2024-09-30 Release

 WMS 
New Feature: Blocklist Monitoring

In this release, we have added the blocklist Monitoring feature to monitor the blocklist status of registered domains in real time. If your domain gets listed on a blocklist, It can lead to consequences such as email and web service traffic being blocked by security systems, or search engines applying SEO penalties. This feature enables users to quickly identify and respond if their domains have been listed in spam or malicious site databases, helping to maintain both security and trustworthiness.

• Provides comprehensive blocklist information by integrating with multiple CTI platforms.
• Offers a Risk Score based on various security evaluation criteria.


New Feature: SSL Certificate Monitoring

We have introduced SSL Monitoring, which continuously monitors the validity of SSL/TLS certificates and promptly detects tampering attempts to ensure secure communications. This feature helps prevent phishing and man-in-the-middle attacks caused by certificate tampering, providing users a safer browsing experience. Additionally, it monitors the certificate expiration dates, allowing users to prevent issues caused by expired certificates in advance.

•Monitors the validity of internal elements within the uploaded SSL certificates.


New Feature: DNS Records Monitoring

We have introduced DNS Monitoring, which ensures the integrity of DNS settings and records by monitoring for potential tampering. This feature helps prevent traffic interception and phishing site redirection and maintains domain trustworthiness by detecting any unauthorized changes to DNS records. In large organizations, where security and system operations are often managed separately, DNS record management can become complex. This can lead to situations where changes to DNS records are not timely reflected or properly managed. DNS Monitoring addresses these challenges by ensuring that DNS record updates are monitored and maintained effectively.

• Provides monitoring for selected DNS records by allowing users to upload their current DNS zone files.


Update Feature: Malware Scanner Engine Updated

The malware scanner engine has been updated to the latest version. This update includes enhanced detection algorithms, 
allowing for identifying a broader range of threats, significantly improving malware analysis speed, and providing more detailed malware information.



2024-08-22 Release

 SIA 
New Feature: URL Rewrite Update

The URL Rewrite feature has been added to Security Policies, allowing administrators to enforce specific modes or feature restrictions based on HTTP headers. For example, administrators can restrict YouTube viewing modes by using headers such as YouTube-Restrict: Strict or YouTube-Restrict: Moderate. 

Usage Examples:
• Request URL Rewrite - Add headers such as X-Forwarded-For to effectively manage and monitor traffic.
• Response URL Rewrite - Add security headers like X-Content-Type-Options to protect users from harmful websites.


Update Feature: Enhanced Access Control Toward Public Internet

Access Control has been updated to now include not just context-based access control to corporate resources, but also control over public web access. When an Internet zone is specified in Access Control, it will be reflected in the control zone. Any Internet zone that is not specified will not be subject to control.    



2024-08-12 Release

 SIA 
UI/UX Improvements

The console's interface has been redesigned to provide a more intuitive and streamlined experience.


 SRA 
New Feature: Device Posture Check(DPC)

In this release, we have added the Device Posture Check (DPC) capabilities in our Secure Remote Access (ZTNA) service. The updates include:

  • Posture Checks by End-point Devices
    • Available for Windows, macOS, Android, and iOS devices.
  • Posture Check Attributes
    • Antivirus: Checks whether antivirus software is enabled.
    • File Path: Verifies the presence of specific file paths or files.
    • Process: Confirms whether specific processes are running.
    • OS Version: Checks the OS version and whether the latest patches are applied.
    • Firewall: Verifies if the OS firewall is enabled.
    • Certificate: Checks for the presence of specific certificates.
    • AD Domain: Ensures that a user is a member of a specific Active Directory domain.
    • Device Serial Number: Confirms if the device serial number matches an authorized serial number.

* Supported end-point devices and attributes table

릴리즈노트_DPC테이블.png


2024-04-30 Release

 SIA  
  • Add Remote Browser Isolation
 SRA  
  • AIConnector Profile
    • Automatic AIConnector Upgrade
    • Lock AIConnector Switch
  • Dynamic Connector lineup for RBI

2024-04-11 Release

 WAAP  Enhance API Security
  • Enhanced UI convenience

  • Add token validation
  • Add payload validation
  • Add access control
  • Add block message
 WAAP  Enhance Security Event
  • Add IP Reputation Search to the detailed view of a security event.

2024-03-28 Release

 SIA  
  • v3.2.1 bug fix
  • Add block page user option
  • Add gateway connector

2024-02-29 Release

 SIA  
  • Add ATP to signature Mgmt
  • Add ATP to report
  • Add detailed view of audit log
  • Add SaaS security analytics

2024-01-31 Release

 SIA  
  • Add SaaS Category DB  
  • Add ATP Inspection with Ailabs
  • Add PII(Personally Identifiable Information) inspection 
  • Add logging action 
  • MFA apply user and usergroup
  • Add Audit Log

2023-01-17 Release

 WAAP  Enhance Activity Stream
  • Display more detailed information in the activity log
 WAAP  The root domain can also be assigned an ANAME or Alias

2023-12-06 Release

 SIA  
  • v3.1.1 bug fix 
  • Enhance Usability and Functionality

2023-11-15 Release

 SIA  
  • v3.1.0 bug fix 
  • Enhance Usability and Functionality

2023-11-02 Release

 SIA  

2023-10-12 Release

 WAAP  Add Slow DoS
 WAAP  Add Forced Browsing
 WAAP  Add Request Throttling
 WAAP  Add Credential Stuffing
 WAAP  Separate sorry page from health server checker.
  • Change name of Sorry Page to Fallback Page
 WAAP  Enhance Rate Limit
  • Add cookie and header as a criteria for determining the same client.
 WAAP  Enhance User-Defined rule
  • Add File Extension field to condition list


2023-08-02 Release

 WAAP  Add CDN
 Billing Info  Change the Pricing Policy
  • Free, Essential, Business, Enterprise
 WAAP  Rename WAF to WAAP
  • WAAP : WEB Application & API Protection
 WAAP  Add malicious bot detection function.
  • Honeypot Trap: Sets the network connection system as bait to attract cyber attackers and identifies unusual approaches.
 WAAP  Add Header based Client IP Identification & Custom Client IP Injection
 WAAP  Enable asterisk(*) regular expression in Rate Limit
  • An asterisk (*) matches zero or more characters, enabling the detection of URLs with the same pattern.
 WAAP  Add request body to detail view of Security Event (Only for Enterprise Users)



2023-06-28 Release

 WAF  Enhanced malicious bot detection function
  • IP Reputation: Identifies and detects the Bot using Bot Management IP reputation information
  • Rate Limit: This is a function that allows you to create and query threshold-based rules for repetitive access from the same client.
  • Advance: You can choose how to automatically identify and mitigate malicious Bot's website visits to websites.

2023-01-02 Release

 WAF  User interface changes a lot
 WAF  Add User-Defined rule
 WAF  Add API Security
 WAF  Change Access Control Rule based
 WAF  Added policy copy function by domain
 WAF  Web security, detection function available
 WAF  Enhanced stability and UI convenience


2022-04-27 Release


 WAF  Web Cache



2021-11-16 Release


 WAF  Error Clocking Detailed Settings





2021-11-02 Release


 WAF  WAF Customize Block Page



2021-08-19 Release

 WAF  WAF Login Enhanced Authentication



2021-08-01 Release


 SIA  SIA SERVICE OPEN of ZTNA(SDP)



2021-02-15 Release


 WAF  The feature to add new records has changed

When adding a record to DNS, "Name" cannot contain host.

 WMS  Add Direct IP feature

When diagnosing, WMS accesses the server without going through a proxy such as WAF service.

 WMS  API Updated

Added request body for new features.


2020-12-07 Release

 WAF  WAF Detect Log UI Improvement
 WAF  Add Stripe Korean Won Payment


2020-11-17 Release

 WMS  Changed the service name WMD to WMS (Website Malware Scanner)
 WMS  Add Screen switching feature
  • This is a feature that protects website visitors from malicious infected pages.
  • Based on the latest diagnosis results, malicious pages are redirected to safe pages.
  • To collect malicious pages, you need to add the code to your site.


2020-10-12 Release

 WAF  Add Server side loadbalancing(SLB) feature
  • This feature is used when there are more than one origin server.
  • When SLB is enabled, the dashboard displays server status information.
  • When all servers become inaccessible, the Sorry page is responsed to the client.
 WAF  Changing the setting value of a threshold-based policy
  • You can set Period, Count, and Block Time in the DoS Detection policy.
  • The maximum Period for the Brute Force Detection policy has been increased to 300.




2020-09-21 Release

 WAF  Add detect log excel download feature
  • Added the feature to download detect logs as an Excel file.


2020-08-13 Release

 WAF  Add JS Challenge policy
  • The JS Challenge policy has been added to the user defined tab of the policy.
    Upon receipt of the HTTP request, the WAF responds with Javascript challenge script, which can only be interpreted in a web browser. It allows access to the actual website only when interpreting this script, and it defends automated attacks such as bots that cannot be interpreted. 



2020-03-02 Release

 AIONCLOUD  Change UI Design
  • Improved overall UI design.
  • The pages are sorted by service.
 SWG  SWG Service Launch

It has launched client security service SWG(Secure Web Gateway).

 WAF  Add domain permissions by member




2020-01-20 Release

 WAF  Add ldap injection policy

The ldap injection policy has been added to the security tab of the policy. 

 WMD  WMD UI changed
  • Changed "Site Map View"
  • Add Sitemap Option in "Site Management > Add site"
  • Diagnose only newly added or changed URLs.
  • Changed "Diagnosis Status > Report"




2019-10-30 Release

 WAF  Add AIONCLOUD DNS Sever
  • If you change your name server to the ones provided by AIONCLOUD, you can register root-domain.
  • DNS management screen has been added in domain info. You can register or delete DNS records.
 WAF  Add API

The API for DNS services has been added. Details can be found in API DOCS.




2019-09-30 Release

 Billing Info  Add modify the payment information
  • You can check the current card information in the 'Information menu' and click 'Change' to modify the card information.
  • In 'Payment Information', you can check payment information based on service use and payment history by period. You can change the item by clicking 'Change'.
  • The function to select the product has been added. If you change the product it will be changed on the 1st of next month.
 Billing Info  Change payment method(Stripe)
  • The function to modify card information has been added. You can edit your credit card information
  • The function register payment information has been added.
    After you register your card information, the fee for this month's use will be paid on the 1st of next month. The fee for this month's use will be calculated according to the number of days.
  • The charge based on the traffic has been added to the product



2019-08-30 Release

 WAF  Add BPS graph

The site Dashboard's UI page has been better. and you can view the BPS graph.

 WAF  Add Auto generate monthly report function

If you check "Auto generate monthly report", the report will be generated automatically on the first day of each month.

 WAF  Add EC Private Key supports
 WMD Add API

The WMD service's API has been added. Details can be found in API DOCS.

 WMD  Add Report

Excel file were added for type of report file.




2019-07-19 Release

 WMD  Improvement of site map's UI

Changed the site map's UI look better. and you can view the start time and create time.

 WMD  Improvement of diagnosis report's UI
  • "View Threat Info Only" function add. If you check this, you can only see threat information.
  • Added Host, URI items to threat information.
 WMD  Add notification email setting.

You can set up multiple emails to receive notifications about malicious information detection.

 WAF   WMD  bug fixes

Minor bug fixes




2019-06-21 Release

 My Page  Add Member menu

The invited member shares the data of your account.

 WAF  Add API

The WAF service's API has been added. Details can be found in API DOCS.

 WMD  Improvement of Report

Revised the report to make it look better.

 WAF   WMD  bug fixes

Minor bug fixes




2019-05-24 Release

 WMD  'Diagnosis level' function add

When you start 'Diagnosis', you have the 3 option of a diagnostic level to choose from.
The level option sets the diagnostic time for individual URLs.
the 3 options are quick (1 second), normal (10 seconds), and deep (30 seconds).
The reason for setting the url diagnosis time is to detect the type of malicious code that is running for a certain period of time to avoid detection such as APT solution.

 WMD  'Diagnosis abort' function add

When the diagnosis is in progress, the 'diagnosis start' button is changed to the 'diagnosis abort' button so that the diagnosis can be canceled.

 WMD  'Remaining time' check function add

'Remaining time' can be checked in Current diagnosis info of Dashboard menu.

 WMD  'Report' view function improving

'Report' can be checked in diagnosis progressing.

 WAF   WMD  bug fixes

Minor bug fixes