Release Notes Version 7.8

Similar documents
Release Notes. Release Purpose... 1 Platform Compatibility... 1 Upgrading Information... 1 Browser Support... 2 Known Issues... 3 Resolved Issues...

Release Notes Version 8.1

Platform Compatibility... 1 Enhancements... 2 Known Issues... 3 Upgrading SonicOS Enhanced Image Procedures... 3 Related Technical Documentation...

Barracuda Firewall Release Notes 6.6.X

SonicOS Enhanced Release Notes

Release Notes. Release Purpose... 1 Platform Compatibility... 1 Upgrading Information... 1 Browser Support... 1 Known Issues... 2 Resolved Issues...

Barracuda Firewall Release Notes 6.5.x

Aventail README ASAP Platform version 8.0

BIG-IP Access Policy Manager : Portal Access. Version 12.1

EQ/OS Release Notes

BIG-IP Access Policy Manager : Portal Access. Version 13.0

Network Security Platform 8.1

Barracuda Link Balancer

Release Notes. Dell SonicWALL SRA Release Notes

How to Configure Authentication and Access Control (AAA)

BIG-IP Access Policy Manager : Authentication and Single Sign-On. Version 13.1

SOURCEFIRE 3D SYSTEM RELEASE NOTES

Load Balancing Microsoft IIS. Deployment Guide v Copyright Loadbalancer.org

vshield Administration Guide

VMware Identity Manager Connector Installation and Configuration (Legacy Mode)

Barracuda Load Balancer ADC REST API Version 2

SOURCEFIRE 3D SYSTEM RELEASE NOTES

SonicOS Enhanced Release Notes

How to Configure SSL VPN Portal for Forcepoint NGFW TECHNICAL DOCUMENT

VMware Identity Manager Cloud Deployment. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager

VMware Identity Manager Cloud Deployment. Modified on 01 OCT 2017 VMware Identity Manager

AppSense DataNow. Release Notes (Version 4.0) Components in this Release. These release notes include:

McAfee Network Security Platform 8.3

WatchGuard Dimension v2.1.1 Update 3 Release Notes

SonicOS Enhanced Release Notes

SonicOS Release Notes

McAfee Network Security Platform

McAfee Network Security Platform 9.1

McAfee epolicy Orchestrator Release Notes

BIG-IP Application Security Manager : Implementations. Version 13.0

Network Security Platform 8.1

Network Security Platform 8.1

NetScaler for Apps and Desktops CNS-222; 5 Days; Instructor-led

What is New in Cisco ACE 4710 Application Control Engine Software Release 3.1

SonicOS Enhanced Release Notes

The SSL device also supports the 64-bit Internet Explorer with new ActiveX loaders for Assessment, Abolishment, and the Access Client.

CNS-207-2I Implementing Citrix NetScaler 10.5 for App and Desktop Solutions

Network Security Platform 8.1

jetnexus Virtual Load Balancer

BIG-IP Analytics: Implementations. Version 13.1

jetnexus Virtual Load Balancer

McAfee Network Security Platform 8.3

Scan Report Executive Summary

SonicOS Enhanced TZ 190 Series Early Field Trial Release Notes SonicWALL, Inc. EFT Release: May 22, 2007

Setting up Microsoft Exchange Server 2016 with Avi

Understanding of basic networking concepts (routing, switching, VLAN, firewall functionality)

AppSense DataNow. Release Notes (Version 4.1) Components in this Release. These release notes include:

Course Objectives In this course, students can expect to learn how to:

McAfee Network Security Platform 8.1

Android Mobile Single Sign-On to VMware Workspace ONE. SEP 2018 VMware Workspace ONE VMware Identity Manager VMware Identity Manager 3.

Installing and Configuring vcloud Connector

Deploying VMware Identity Manager in the DMZ. JULY 2018 VMware Identity Manager 3.2

Integrate Citrix NetScaler

Citrix NetScaler Basic and Advanced Administration Bootcamp

Juniper Networks Secure Access Release Notes

Citrix Exam 1Y0-253 Implementing Citrix NetScaler 10.5 for App and Desktop Solutions Version: 6.0 [ Total Questions: 186 ]

HP Cloud-Managed Networking Solution Release Notes

BIG-IP Access Policy Manager : Secure Web Gateway. Version 13.0

Citrix NetScaler Traffic Management

Citrix NetScaler Administration Training

Viewing System Status, page 404. Backing Up and Restoring a Configuration, page 416. Managing Certificates for Authentication, page 418

IBM Security Access Manager Version December Release information

Overview. ACE Appliance Device Manager Overview CHAPTER

Load Balancing Censornet USS Gateway. Deployment Guide v Copyright Loadbalancer.org

Scan Report Executive Summary

McAfee Network Security Platform 8.3

SOURCEFIRE 3D SYSTEM RELEASE NOTES

How to configure the UTM Web Application Firewall for Microsoft Lync Web Services connectivity

Realms and Identity Policies

CommandCenter Secure Gateway Release 3.0.2

Deploying VMware Identity Manager in the DMZ. SEPT 2018 VMware Identity Manager 3.3

SpamCheetah manual. By implementing protection against botnets we can ignore mails originating from known Bogons and other sources of spam.

Barracuda Web Application Firewall Foundation - WAF01. Lab Guide

This Readme describes the NetIQ Access Manager 3.1 SP5 release.

High Availability Synchronization PAN-OS 5.0.3

Lenovo ThinkAgile XClarity Integrator for Nutanix Installation and User's Guide

Security in the Privileged Remote Access Appliance

Remote Support Security Provider Integration: RADIUS Server

McAfee Network Security Platform 8.3

AppGate 11.0 RELEASE NOTES

Load Balancing Sage X3 ERP. Deployment Guide v Copyright Loadbalancer.org, Inc

HP Load Balancing Module

BIG-IP Access Policy Manager : Visual Policy Editor. Version 12.1

User Identity Sources

Venafi Platform. Architecture 1 Architecture Basic. Professional Services Venafi. All Rights Reserved.

Cisco ISE Ports Reference

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3

McAfee Network Security Platform 8.3

Antivirus Solution Guide. NetApp Clustered Data ONTAP 8.2.1

Access Manager Appliance 4.3 Release Notes

Migrating vrealize Automation 6.2 to 7.2

McAfee Network Security Platform 9.1

Microsoft Exchange Server 2013 and 2016 Deployment

Network Security Platform 8.1

Transcription:

Please Read Before Updating Before installing any firmware version, be sure to make a backup of your configuration and read all release notes that apply to versions more recent than the one currently running on your system. Do not manually reboot your system at any time during an upgrade, unless otherwise instructed by Barracuda Networks Technical Support. The update process typically takes only a few minutes after the update is applied. If the process takes longer, please contact Barracuda Networks Technical Support for further assistance. Please make sure that the system has attack definition 1.45 if the system is being upgraded using the offline upgrade process. Fixes and Enhancements in 7.8 Security Feature: Barracuda IP reputation database (BBL) is now integrated with the Barracuda Web Application Firewall. [BNWF-13834] Feature: The extension "*.css" is added by default to the list of Excluded URL patterns under the website profiles. [BNWF-13661] Enhancement: New action policies have been added for DDoS policies using Captcha based protection.[bnwf-14655] Enhancement: Response body rewrite is now performed for the content-type "application/x-java-jnlp-file" too. [BNWF-14608] Enhancement: OWA 2010 is added to the list of default Security Policies. [BNWF-11698] Fix: Sensitive parameter names that needs to be masked can include colon (:) in it. [BNWF-14281] Fix: The sensitive parameters in the query string are cloaked when a request matches the rule group. [BNWF-14641] Fix: The encoded parameters in the URL are not decoded once the SSO Cookie Update Interval is triggered. [BNWF-14522] Fix: The follow up action in the action policy feature is now fixed to check for values in the x-forwardedfor headers. [BNWF-14255] Fix: SOAP1.2 requests are checked for attacks and blocked. [BNWF-14220] Fix: Secure browsing feature is now compatible with Safari and Firefox browsers running on Macintosh computers. [BNWF-14204] Fix: A reflexive XSS vulnerability in the URL ACL name field has been fixed. [BNWF-14151] Fix: An attack variant of an SQL injection attack that uses white space characters for obfuscation can be blocked through an addition of a new pattern called "SQL-Command-strict" to the SQL Strict pattern list. [BNWF-13371] Fix: All the configured Authorization policies in the Access Control > Authorization page are now visible to an administrator. [BNWF-13481] Fix: Cookie entries can include a # in the name. [BNWF-13479] Fix: Forceful browsing of /README URI is not allowed. [BNWF-12046] Fix: The SSLv3/TLS attack referred in CVE-2009-3555 has been addressed. [BNWF-4970] Fix: Response headers are suppressed/cloaked for all pre-defined security policies. [BNWF-4444] Fix: Pattern algorithm can now be configured for input types and attack types. [BNWF-889] Fix: OpenSSL has been upgraded to 1.0.1e. 1 / 5

Networking System Enhancement: The ACLs, routes for the management network are now synchronized as part of the configuration synchronization in a cluster. [BNWF-14453] Enhancement: Ability to have system IP address on a VLAN interface. [BNWF-5013] Fix: Source port range and destination report range options are disabled if the protocol selection is "All- Protocols" during ACL configuration. [BNWF-14203] Fix: The configuration file restore operation on a different system ensures proper import of static routes created under the management network group. [BNWF-14202] Fix: Multiple source NAT policies can be created if the source port value is different in each policy. [BNWF-14180] Fix: An issue where the interface routes were not persistent across reboots has been fixed. [BNWF-13846] Fix: The external syslog server communication is initiated through the required interface after checking the routing table. [BNWF-13600] Fix: With certain NAT or firewall devices, aggressive socket recycling could lead to dropped SYN requests due to differing timestamps sequences from the devices for multiple hosts behind them. The system now employs a safer alternative of reusing sockets that works well with remote NAT devices and doesn't reduce performance either. [BNWF-11488] Feature: Persistence method based on HTTP headers can be configured for server load balancing under the service configuration. [BNWF-14124] Feature: A certificate revocation list can be configured on the. [BNWF-13739] Feature: Ability to unblock clients that got blocked due to a follow up action configuration. [BNWF-13707] Feature: It is now possible to select the required cipher suites for SSL negotiation. [BNWF-13769] Feature: Multiple certificates can be associated to a single Service, using SNI. [BNWF-13678] Enhancement: Client IP address is logged in the System Logs when the verification of client certificate fails. [BNWF-14493] Enhancement: Report graphs are now displayed with all legends in High Chart layout. [BNWF-14364] Enhancement: Remote Support can now be enabled through console to override the disable option set in web UI. [BNWF-14574] Enhancement - The default access control login page for a service can be modified to include a descriptive text. [BNWF-13502] Enhancement: Widget to select HTTP Methods has been added to filter the logs (Web Firewall and Access Logs). [BNWF-1359] Fix - The appliances that are not connected to the internet for activation can now be activated offline. [BNWF-13873] Fix: Browsers cannot save the password for the authentication login page automatically. [BNWF-14362] Fix: Trusted hosts IP addresses are also checked while inserting values for client IP address if "Header for Client IP address" option is configured. [BNWF-14640] Fix: A service group cannot be deleted until all the Services within the group are deleted. [BNWF-14465] Fix: An issue where a TCP connection between the client and the was getting abruptly closed due to receiving a 401 response from the back-end server during NTLM authentication handshake has been fixed. [BNWF-13826] Fix: When authentication service is created to use LDAP over SSL, credentials are not cached thus allowing valid credentials to be used after a failed login attempt. [BNWF-13801] Fix: An issue which resulted in heart beat traffic with the wrong version being used after a firmware upgrade is now fixed. [BNWF-13730] Fix: It is now possible to configure a rewrite condition while configuring a request rewrite rule. [BNWF-13726] Fix: Template for URL ACLs now displays only the list of Service(s) that have URL ACLs configured in it. [BNWF-11432] Fix: Administrator can set the required ICMP response code while configuring Network ACLs. 2 / 5

[BNWF-12382] Fix: Passive mode FTP on Microsoft IIS FTP is supported. [BNWF-13298] Logging and Reporting Feature: Client IP addresses are included in system logs messages generated for renegotiation and handshake abortions. [BNWF-13781] Enhancement: Ability to change the font type while generating the reports in HTML or PDF format. [BNWF-12772] Fix: An issue while filtering the logs (Web Firewall/Access/Audit Logs) using Time as an additional filter has been fixed. [BNWF-13691] Fix: The virtual IP address is not duplicated in the database after the firmware upgrade. [BNWF-13778] Fix - Booting up issues on virtual machine instances installed on Citrix XEN Hypervisor have been fixed. [BNWF-14270] Fix: Server Time field in access logs was not displaying proper time in some cases. Fixed now. [BNWF-14410] Fix: In some cases, the cookie tampered logs were not logged due to the event manager process crashing. This issue has been fixed. {BNWF-14460] Fix: All necessary fields as prescribed by ArcSight SIEM are now added in the log format while configuring export log. [BNWF-13899] Fix: The log severity for the OCSP status check logs has been changed from error to Notice/Information. [BNWF-13841] Fix: In rare cases, the Web Firewall and Access Logs were not updated correctly. This issue has been fixed. [BNWF-13716] Fix: An issue that resulted in the configuration summary report for the URL profile and ACL getting generated as a blank report is now fixed. [BNWF-13660] Fix: Custom headers in the Access Logs display proper information. [BNWF-12987] Fix: Issue of logging random IP addresses when Header Name for Actual Client IP is specified and header has non-numeric value has been fixed. [BNWF-12979] User Interface Feature: IP lookup tool is now provided to check the IP categorization based on location. [BNWF-13740] Feature: Bulk edit option has been provided to edit file upload extensions. [BNWF-13659] Enhancement: Bulk edit option is available for ACLs, Static Routes, Interface Routes and Custom Virtual Interfaces. [BNWF-11621] Fix: The X509_subject macro is now handled correctly in request rewrite rules. [BNWF-14723] Fix - Local Host Map entries on the BASIC > IP Configuration page can now be bulk edited. [BNWF-13998] Fix: CPU Utilization graph on the BASIC > Status page displays accurate value for the time scale "Month". [BNWF-14344] Fix: When CSRF protection is enabled under the URL protection, a PCI report generation on the Barracuda Web Application Firewall will show CSRF protection as "fully satisfied". [BNWF-14052] Fix : An issue which prevented an admin from editing the "More action" link in the Japanese language UI is now fixed. [BNWF-13733] Fix: An issue which resulted in the security policies not getting shown in the UI after a join cluster operation has been fixed. [BNWF-13728] Fix: Syslog details contain login/logout activity of Guest user. [BNWF-12828] Fix: Preferences option is available to set the Parameter profiles to be displayed per page. [BNWF-12692] Fix: Trusted certificates getting deselected automatically while editing the Service has been fixed. [BNWF-11008] Management Enhancement: FTP Allowed Verbs list now includes MLSD and MLST commands. [BNWF-7302] Fix: An STM crash due to the brute force prevention feature is now fixed. [BNWF-14553] 3 / 5

Fix: In some instances, the website profiles page displayed the directory structure information incorrectly. This has been fixed. [BNWF-14478] Fix: It is now possible to backup configuration remotely using NTLMv2 authentication. [BNWF-14450] Fix: Ability to configure a custom admin role with permission to APPLY-FIX-FOR-ATTACKS which allows the user to apply policy violation fix rules in web firewall logs. [BNWF-14372] Fix: An issue where the SNMP agent on the would not respond to SNMP queries due to heavy system load has been fixed. [BNWF-14321] Fix: SMB share names with white space can now be added during remote backup configuration. [BNWF-14296] Fix: Having a password less than five (5) characters in SNMP Manager was preventing further configuration changes under the Administration tab. This issue has been fixed now. [BNWF-14188] Fix: It s possible to configure `--no-check-certificate' option while specifying the target URL for wget troubleshooting option. [BNWF-14059] Fix: An issue where client impersonation feature stopped working after a firmware upgrade is fixed. [BNWF-13820] High Availability Fix: Join Cluster operation does not remove Management routes on the secondary/backup device. [BNWF-14420] Fix: An issue where the services stopped working due to incorrect system gateway information during cluster synchronization tasks has been fixed. [BNWF-14359] Fix: Cookie persistency is applied during HA failover. [BNWF-13927] Fix: In some instances, the services were not getting failed over to the peer system in the HA. This is now fixed. [BNWF-13684] Fix: Service disruption after recovering from network partitioning in cluster where the failback mode was set to manual has been fixed. [BNWF-14776] 4 / 5

5 / 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback