v1.10.0 adds Threat Intelligence and an Alerts & Scheduling engine - two features that turn Network Optimizer from a diagnostic tool into something that watches your network while you're not looking.
What's New
For users upgrading from v1.8.x, here's what you missed in the v1.9 series:
- Config backup/restore (v1.9.0) - Export full or settings-only backups as encrypted
.noptfiles with version compatibility checks on import - Visual refresh (v1.9.0) - Neutral dark palette inspired by Linear and Vercel, replacing the blue-tinted theme. Flatter cards, tighter typography, and dozens of hardcoded colors consolidated into CSS custom properties
- Network purpose override (v1.9.0) - Override the audit's auto-classification per-network from the Network Reference table, shared with the Wi-Fi Optimizer
- Antenna pattern and heatmap fixes (v1.9.1) - Corrected azimuth indexing, wall-mounted AP pattern swaps, outdoor omni rotation, plus cached buildings/walls and parallel grid computation for faster heatmaps
- Smarter management VLAN check (v1.9.1) - The audit now checks whether management devices have fixed IP assignments instead of blanket-warning whenever DHCP is enabled
Threat Intelligence
Your UniFi gateway's IPS blocks threats all day, but the controller buries this data in a flat event log with no context. The new Threat Intelligence dashboard pulls those IPS events and analyzes them - who's attacking you, where they're coming from, what they're after, and whether it's random noise or a coordinated effort.
- Exposure analysis - Cross-references your port forwards with actual threat data so you can see which exposed services are getting hammered and from where
- Attack sequence detection - Watches for the same source IP progressing through kill chain stages (reconnaissance to exploitation to post-exploitation) and flags the ones that look like real campaigns rather than drive-by scanning
- Geographic and ASN breakdowns - Shows which countries and networks are generating the most traffic against your infrastructure
- CrowdSec CTI integration - Adds reputation scoring and MITRE ATT&CK classification to source IPs, so you know whether an IP has a history across the broader internet (optional, free tier available)
- MaxMind GeoIP - Geographic context for threat sources with one-click database download (optional, free tier)
- Configurable noise filters - Hide noisy traffic patterns to focus on real threats
- IP / Port / Protocol drill-down views - Click any IP or port to inspect detailed attack patterns and history
Alerts & Scheduling
Set up automated speed tests and security audits on a schedule, and get notified when something goes wrong.
- Recurring schedules - Automated WAN speed tests, LAN speed tests, and security audits with configurable frequency, time windows, and Run Now support
- Alert rules - Watch for audit score drops, WAN speed degradation, LAN speed regression, IPS attack chains reaching active exploitation, and scheduled task failures. Each rule has configurable severity thresholds and cooldown periods
- Threshold gating - Tune sensitivity to your environment (e.g., "alert me when WAN speed drops 40% below the recent average")
- Multi-channel delivery - Email (SMTP with STARTTLS), Discord, Slack, Microsoft Teams, and generic webhooks with HMAC signing
- Digest mode - Low-priority alerts bundle into daily summaries instead of pinging you every time your neighbor microwaves lunch and your 2.4 GHz channel gets congested
- Incident correlation - Groups related alerts into incidents so multiple devices on the same switch going offline shows as one event, not twenty
Dashboard
- Threat Events (24h) and Active Alerts stat cards on the main dashboard for at-a-glance status
Installation
Windows: Download the MSI installer below
Docker:
docker compose pull && docker compose up -dmacOS (native, recommended for accurate speed tests vs Docker Desktop):
git clone https://github.com/Ozark-Connect/NetworkOptimizer.git && cd NetworkOptimizer && ./scripts/install-macos-native.sh
# or if you already have it cloned
cd NetworkOptimizer && git pull && ./scripts/install-macos-native.shProxmox:
bash -c "$(curl -fsSL https://raw.githubusercontent.com/Ozark-Connect/NetworkOptimizer/main/scripts/proxmox/install.sh)"For other platforms (Synology, QNAP, Unraid, native Linux), see the Deployment Guide.