VyOS 1.4.4 LTS Bolsters Security for Hybrid Cloud and Edge Networks

POWAY, CA – December 19, 2025 – VyOS Networks has announced the general availability of VyOS 1.4.4, a Long-Term Support (LTS) release that reinforces the company's open-source universal networking platform. The update delivers targeted enhancements aimed at strengthening security, improving cloud integration, and providing more granular routing control for organizations managing complex hybrid cloud and edge computing environments.

This maintenance release builds upon the platform's core promise: to offer a unified, enterprise-ready network operating system that runs consistently across bare-metal servers, major hypervisors, and public clouds, including AWS, Microsoft Azure, and Google Cloud Platform. By focusing on practical improvements, VyOS 1.4.4 addresses the immediate operational needs of network architects and security professionals tasked with maintaining resilient and secure infrastructures.

Fortifying the Network with Enhanced Security

In an era where data breaches are rampant and network visibility is paramount, the security enhancements in VyOS 1.4.4 are particularly significant. A key highlight is the introduction of TLS support for syslog. This feature enables the encryption of log data in transit from a VyOS device to a central logging server. For organizations in regulated industries like finance and healthcare, which must adhere to standards such as GDPR and HIPAA, protecting sensitive log information from interception is not just a best practice—it's a compliance mandate. Encrypting this data ensures that observability workflows remain secure, preventing attackers from tampering with logs to cover their tracks or gleaning intelligence about the network's architecture.

Further strengthening its security posture, the release enhances Border Gateway Protocol (BGP) policy control with deeper support for Resource Public Key Infrastructure (RPKI). Network operators can now create route map rules that match on BGP prefix origin validation extended communities. This allows for more sophisticated, RPKI-aware routing decisions. In practice, this means an organization can automatically reject or deprioritize routes with an 'Invalid' RPKI status, providing a powerful defense against BGP hijacking—a common attack vector that can redirect traffic, cause massive outages, and facilitate data interception. This feature is crucial for securing the critical link between on-premises data centers and public cloud networks.

Rounding out the focus on stability, the release incorporates over 50 bug fixes. For an LTS version, this commitment to resolving issues is as important as any new feature, providing enterprises with the confidence to deploy VyOS in production environments where reliability and uptime are non-negotiable.

The Open-Source Advantage in a Multi-Cloud World

As enterprises increasingly adopt multi-cloud and hybrid strategies to avoid vendor lock-in and optimize costs, the demand for a consistent networking fabric has soared. VyOS 1.4.4 directly addresses this need by providing a flexible, open-source alternative to proprietary solutions from vendors like Cisco and Juniper. Its ability to run on virtually any platform—from commodity hardware at an edge location to a virtual instance in Azure—allows network teams to standardize their tools, configurations, and automation workflows across disparate environments.

This release significantly deepens its integration with Amazon Web Services through support for the AWS Gateway Load Balancer (GWLB) tunnel handler. AWS GWLB is designed to simplify the deployment and scaling of third-party virtual appliances like firewalls and intrusion detection systems. With this new support, VyOS can now seamlessly function as a scalable security appliance within AWS. Traffic can be transparently steered from the GWLB to a fleet of VyOS instances for inspection and then returned, all without complex routing changes. This architecture provides high availability and scalability, as GWLB automatically manages the health and capacity of the VyOS fleet, making it an ideal solution for centralizing traffic inspection in a dynamic cloud environment.

Compared to other open-source alternatives like pfSense or OPNsense, which have strong roots in firewalling, VyOS has consistently maintained a focus on advanced, enterprise-grade routing. This makes it particularly well-suited for the complex routing scenarios inherent in hybrid cloud and software-defined WAN (SD-WAN) deployments, a distinction this release further solidifies.

A Practical Upgrade for Network Operations

Beyond the high-level strategic benefits, VyOS 1.4.4 LTS delivers tangible improvements for the network engineers and administrators on the front lines. The new features translate directly into more efficient management, finer operational control, and improved day-to-day workflows. The LTS model itself is a major operational advantage, guaranteeing a predictable lifecycle with at least three years of support. This allows IT teams to plan deployments and upgrades on a stable, long-term schedule, avoiding the constant churn associated with more rapidly changing software.

“VyOS 1.4.4 is a practical release focused on secure operations, cloud readiness, and policy control,” said Santiago Blanquet, Chief Revenue Officer at VyOS Networks. “It helps teams run a consistent network OS across environments while improving the security posture and reliability operators need in production.”

The release also includes important guidance for upgrades. The deprecation of SSH DSA keys, for instance, aligns with industry-wide security best practices, pushing administrators to migrate to more modern and secure cryptographic algorithms like ECDSA or Ed25519. Similarly, a change preventing the manual assignment of multicast addresses to interfaces corrects a legacy behavior that could lead to misconfigurations. While these changes may require minor adjustments during an upgrade, they ultimately contribute to a more secure and robust network configuration.

By combining enhanced security, deeper cloud integration, and a steadfast commitment to operational stability, VyOS 1.4.4 LTS provides a compelling platform for organizations seeking to modernize their network infrastructure without succumbing to the costs and limitations of proprietary hardware. It empowers them to build a unified, secure, and resilient network that spans from the data center to the cloud and out to the farthest reaches of the network edge.