Main new features are:

Wireless Captive Portals
Managing your wireless access is now easier with the addition of a captive portal system. As the admin, you create voucher dispensers via WebAdmin, and then can allow users to create and distribute access vouchers via the UserPortal. This favored system which is widely used in hotels, coffee shops, and managing guest access. The system can be used to create one-time passwords or generate a password-of-the-day and supports both time and bandwidth limits for issued vouchers as well. You can work with and configure this feature from Wireless Protection–>Captive Portals.

Endpoint Protection
UTM 9 offers a new Endpoint Protection system which is configured in a new, dedicated section inside WebAdmin. Clients are managed with the same ease that has made our Wireless Protection and RED products so popular, and our Endpoint Protection launches with Anti-Virus and USB port control. Endpoints are fully managed from within WebAdmin, and are licensed on a per-desktop basis using a licensing system that operates alongside normal UTM functionality on a new tab in the licensing area of WebAdmin. Much more information will be available as we approach GA until then, try it out!

HTML5 VPN Portal
A brand-new clientless portal has been added which allows you access to applications using only a browser windows. Using HTML5 technology, you are able to control your desktops and access servers with a level of responsiveness never before possible in such a feature. Unlike our competitors, when we say clientless, we mean it; there is no need to install any plugins, browser add-ons, or download and run an application. Even more attractive is the clean-up process, simply close the browser window and no trace is left behind, meaning you can confidently use your access at public terminals without having to wipe your tracks.
Configure this access from WebAdmin in Remote Access–>HTML5 VPN Portal and then use the UserPortal to access your application(s).

Sophos Anti-Virus (SAV)
UTM 9 adds Sophos Anti-Virus which replaces the Clam AV scanner that was used as one of two possible engine choices in previous versions. The Avira engine remains and complements SAV as a separate, parallel Anti-Virus scanner for use in Web, Mail, and Web Application Protection. Faster and much more capable than Clam, SAV brings with it the years of expertise and considerable capabilities of the Sophos core technology. You may now also select which engine to use when single scan is selected throughout WebAdmin. This can be configured from Management–>System Settings–>Scan Settings.

Summary:

In the HTTP proxy of Astaro Security Linux, there is a feature that can be enabled which is titled “Block CONNECT method on HTTP port:”. This feature, if activated, will instruct the proxy to only service ‘Post’ and ‘Get’ requests, with other types of commands over the proxy being rejected. Some types of programs, such as Peer-to-Peer, Instant Messaging, and Spyware, attempt to connect to the Internet using the connection request over the HTTP proxy. With the proxy restricted to only ‘Post’ and ‘Get’ requests, these types of programs are largely restricted from connecting to the Internet, while normal web page traffic proceeds unimpeded.

While this option has none of the fine granularility of the Intrusion Protection System, it does offer the ability to globally disable many types of programs that admins seek to deny, or spend time blocking by destination IP address using the Packet Filter. If this option mistakenly blocks a program that is needed, it is best to disable it and perform a more specialized configuration using Astaro’s Intrusion Protection.