Integrity 6.0 HFA5 Release Notes

Similar documents
Pulse Secure Desktop Client

The SSL device also supports the 64-bit Internet Explorer with new ActiveX loaders for Assessment, Abolishment, and the Access Client.

VMware Identity Manager Connector Installation and Configuration (Legacy Mode)

This Readme describes the NetIQ Access Manager 3.1 SP5 release.

Pulse Secure Desktop Client

Aventail README ASAP Platform version 8.0

Avigilon Control Center 5.0 Release Notes

Endpoint Security. Administrator Guide Version NGX 7.0 GA

Cisco NAC Appliance Agents

Novell Access Manager

McAfee Agent Interface Reference Guide. (McAfee epolicy Orchestrator Cloud)

Installing and Configuring vcloud Connector

Juniper Networks Secure Access Release Notes

BlackBerry Enterprise Server for IBM Lotus Domino Version: 5.0. Administration Guide

McAfee epolicy Orchestrator Release Notes

TechTalk: Implementing Citrix Receiver from Windows to iphone. Stacy Scott Architect, Worldwide Technical Readiness

Endpoint Security. Gateway Integration Guide R72

Platform Compatibility... 1 Known Issues... 1 Resolved Issues... 2 Deploying the SRA Virtual Appliance... 3 Related Technical Documentation...

Pulse Secure Desktop Client

Remote Support Security Provider Integration: RADIUS Server

NGFW Security Management Center

Release Notes. Release Purpose... 1 Platform Compatibility... 1 Upgrading Information... 1 Browser Support... 1 Known Issues... 2 Resolved Issues...

Installing and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.

Pulse Connect Secure. Network Connect and Windows Secure Access Manager (WSAM) Error Messages. Product Release 8.1

Sangfor adesk v5.1 Feature List

ZENworks Service Desk 8.0 Using ZENworks with ZENworks Service Desk. November 2018

VMware AirWatch Chrome OS Platform Guide Managing Chrome OS Devices with AirWatch

NGFW Security Management Center

SonicWALL strongly recommends you follow these steps before installing Global VPN Client (GVC) 4.0.0:

IMC Network Traffic Analyzer 7.2 (E0401P04) Copyright 2016 Hewlett Packard Enterprise Development LP

BIG-IP Access Policy Manager : Portal Access. Version 12.1

Remote Access Clients for Windows 32-bit/64-bit

Security Gateway Virtual Edition

Pulse Secure Desktop Client

Installation and Administration Guide

Release Notes. Dell SonicWALL SRA Release Notes

RSA Authentication Manager 8.1 Service Pack 1 Patch 12 Readme

McAfee Enterprise Security Manager

Release Notes for Cisco IronPort AsyncOS 7.7 for Security Management

McAfee Network Security Platform

Novell Access Manager

What Is Wireless Setup

McAfee Endpoint Security

Using ZENworks with Novell Service Desk

VMware AirWatch Chrome OS Platform Guide Managing Chrome OS Devices with AirWatch

Security Provider Integration RADIUS Server

Version Release Date: September 5, Release Client Version: Release Overview 7 Resolved Issues 8 Known Issues 8

Contents. Platform Compatibility. Directory Connector SonicWALL Directory Services Connector 3.1.7

SSL VPN Reinstallation

Identity Firewall. About the Identity Firewall

Installing and Configuring vcenter Support Assistant

Set Up Cisco ISE in a Distributed Environment

Network Security Platform 8.1

SonicWALL strongly recommends you follow these steps before installing Global VPN Client (GVC) 4.1.0:

Contents. Platform Compatibility. Directory Connector SonicWALL Directory Services Connector 3.1.7

Sophos Mobile Control Technical guide

NetConnect to GlobalProtect Migration Tech Note PAN-OS 4.1

Desktop App Release Notes

Desktop App Release Notes

Guest Access User Interface Reference

vcenter Server Appliance Configuration Modified on 17 APR 2018 VMware vsphere 6.7 VMware ESXi 6.7 vcenter Server 6.7

Configuring Cisco TelePresence Manager

FileCruiser. Administrator Portal Guide

vcenter Server Appliance Configuration Update 1 Modified on 04 OCT 2017 VMware vsphere 6.5 VMware ESXi 6.5 vcenter Server 6.5

VMware Identity Manager Administration

NGFW Security Management Center

Welcome to PDQ Inventory

Horizon Workspace Administrator's Guide

KACE Systems Deployment Appliance 5.0. Administrator Guide

Solution Integration Guide for Multimedia Communication Server 5100/WLAN/Blackberry Enterprise Server

Equitrac Embedded for Ricoh Basic. Setup Guide Equitrac Corporation

Colligo Manager for Outlook Release Notes. Release Notes

Setting Up Resources in VMware Identity Manager (On Premises) Modified on 30 AUG 2017 VMware AirWatch 9.1.1

Installing the Cisco Unified MeetingPlace Web Server Software

R&S Browser in the Box Release Notes

Avalanche Remote Control User Guide. Version 4.1

Online Documentation: To access the online documentation for this and other Novell products, and to get updates, see

Getting Started with Prime Network

Colligo Briefcase for Mac. Release Notes

Installation and Configuration Guide

IBM Single Sign On for Bluemix Version December Identity Bridge Configuration topics

Installing and Configuring vcloud Connector

Polycom RealPresence Resource Manager System, Virtual Edition

KYOCERA Net Admin Installation Guide

Juniper Networks Access Control Release Notes

AppSense DataNow. Release Notes (Version 4.1) Components in this Release. These release notes include:

Installation Procedure Windows NT with Netscape 4.x

Avigilon Control Center 6 Release Notes

McAfee Red and Greyscale

Getting Started with VMware View View 3.1

McAfee Network Security Platform 9.1

Junos Pulse Secure Access Service Release Notes

Microsoft Exchange Server 2007 Implementation and Maintenance

NGFW Security Management Center

Online Documentation: To access the online documentation for this and other Novell products, and to get updates, see

KACE Systems Deployment Appliance (K2000) 4.1. Administrator Guide

Avigilon Control Center 5.4 Release Notes

BCPro Installation Instructions Code No. LIT Software Release 3.0 Issued September 2017

McAfee Gateway Appliance Patch 7.5.3

Quick Start Access Manager 3.1 SP5 January 2013

Transcription:

HFA5 IMPORTANT Check Point recommends that customers stay up-to-date with the latest service packs, HFAs, and versions of security products, as they contain security enhancements and protections against new and changing attacks. Table of Contents Integrity 6.0 HFA5 Notes page 2 Integrity Client Issues Fixed: page 2 Integrity 6.5 HFA4 (February HFA) Notes page 3 Integrity Client Issues Fixed: page 3 Integrity 6.5 HFA3 (December HFA) Notes page 4 Integrity Client Issues Fixed: page 5 Integrity 6.5 HFA2 (October HFA) Notes page 6 Integrity Client Issues Fixed: page 7 Integrity 6.5 HFA1 Notes page 8 Integrity Client Issues Fixed: page 9 page 10 page 11 page 12 Integrity 6.0 HFA5 Notes In addition to the fixes below, we have released a troubleshooting utility that many customers requested which generates an uninstall password that works once for an end-user. For more details 2007 Check Point Software Technologies Ltd. All rights reserved.

see Uninstall Password Hash Utility in the Downloads site at http://www.checkpoint.com/downloads/index.html Integrity Client Issues Fixed: Added: Forced Reboot Dialog feature Added: Support for password hash utility Don't automatically connect to cm2.zonelabs.com High CPU and OS hang with IA and SMS 2003 Vsmon crash during the silent uninstallation Support for detecting Trend PC-Cillin 2006 Unnecessary desktop flashing on policy import Programs are not terminating when "Enforce by checksum" is checked Add HU100 key to uninstall password screen Memory leak ArchiveLogFile: zipopen error creating zip C:\WINNT\Internet Logs\tvDebug. In the past, when a non-administrator user logged into a machine after client installation, the client was not correctly licensed. Now, after rebooting the client machine, both admin and nonadmin users are fully licensed Various other ADA fixes Problem on Oracle during installation Policy is now added to cache upon being deployed "24 hours" item in client events Fix for Apache caching issue in non-english locales client_events table was not being purged Connection Leak on returnconnection Connection leak fix on DB2 2007 Check Point Software Technologies Ltd. All rights reserved. Page 2

Gateway Clustering fix iextranet.exe has IAS ip address default 2007 Check Point Software Technologies Ltd. All rights reserved. Page 3

Integrity 6.0 HFA4 (February HFA) Notes Integrity Client Issues Fixed: Client not authenticating with ldap parameters Policy export does not work with Japanese Client No proxy login, but cached Enterprise policy became active Error: Bad result from MSIUninstallService call. TrueVector Shutdown did not happen. IFlex 6.0.197.000 cannot get AV provider info for McAfee VirusScan 2006 AV fails to get turned with AV global settings present in a disconnected policy of a client package Bluescreen during installation 6.0.182 Integrity client User is prompted twice for Integrity Server address when using Nortel Personal Policy is active with Disconnected Policy which has setting "Enforce enterprise policies only" UTF16 Characters in Program Description causing problems in IS Paginate Program Manager to improve performance N o result returns if only one record in the program list (exit in K2E and Bentley NGX) 2007 Check Point Software Technologies Ltd. All rights reserved. Page 4

Integrity 6.0 HFA3 (December HFA) Notes Integrity Client Issues Fixed: Control-S shuts down the UI of Integrity Agent (not flex or desktop). Control-L shuts down the UI of Integrity Agent (not flex or desktop). IExtranet.exe is unable to identify the connection profile used on newer version of the Contivity client. Local login not sending up LDAP username in the correct format. Integrity Client attempts to contact Program Advisor servers too frequently when a connection is not available. SR_SERVICE crash occurs sporadically when using the SecureClient with Integrity Flex. Japanese shows garbled text in license section and extra characters on the title bar. APItest not blocking heartbeats as expected. Integrity Client not installing correctly when Google Desktop is present on the endpoint. Local attackers can escalation permissions to SYSTEM level (response to (http://www.idefense.com/application/poi/display?type=vulnerabilities) Policy export does not work with Japanese Client. Nortel clients are always returned status success by checkstatus call. When Using Remote Desktop, Client does not display program alerts. Problems with vsmon cause IAMDB.RDB corruption. In specific cases, Integrity Client failed to upgrade from 5.0.556.146. Abandoned transaction error during policy processing. LDAP proxy login requires full DN. Reference client works but attributes are not appearing properly in the Configuration section. 2007 Check Point Software Technologies Ltd. All rights reserved. Page 5

Novell LDAP User Id incorrectly parsed, resulting in incorrect policy deployment. Garbled characters in the Japanese readme as a result of a build issue. 2007 Check Point Software Technologies Ltd. All rights reserved. Page 6

Integrity 6.0 HFA2 (October HFA) Notes Integrity Client Issues Fixed: Long Custom messages are poorly handled by the client. Client is not authenticating properly with Novell LDAP parameters. FTP fails in specific instances with Flex/Agent unless any/any on any port is allowed. The link text in the French client overlaps with the Custom message. Program Alerts have incomplete text. Integrity Flex cannot handle large custom text messages that are supported by Integrity server. Integrity Client not processing PAC files for proxy servers correctly. Multiple policies active when switching connection modes when disconnected policies are assigned for VPN and LAN. When upgrading from 3.5 to 6.x Client, program settings that were set to an "ASK" status were set to "BLOCK" status. Integrity Flex 6.0.162 could not recognize Symantec DAT version for newest AV client. If a Gateway is assigned a policy package, the always triggered policy never becomes active. Raw.msi installer unable to perform silent install standalone or with GPO. Integrity Client.msi build will not install using Radia on machines when user is logged in with User rights. BSOD occurs occasionally with Integrity Agent 6.0.612 Japanese Integrity Client shows garbled text in license section and extra characters on title bar. BSOD with the program Content Manager. AV compliance rule set to observe in a disconnected policy still produces an enforcement pop-up. Policy export does not work with Japanese Client. Novell sso dll is sending the port number in the cuid even if port is the Default Port [389]. Program Advisor not providing security recommendations on programs. 2007 Check Point Software Technologies Ltd. All rights reserved. Page 7

2007 Check Point Software Technologies Ltd. All rights reserved. Page 8

Integrity 6.5 HFA1 Notes The following reported issues were fixed in the Integrity 6.5 HFA1. Integrity Client Issues Fixed: Installation of default Flex package fails with "Integrity Client Installer failed to properly install the application. (Error: 0)" Matching algorithm for proxy exception list incorrect and Integrity client gets incorrect policy when connecting thru Proxy Server Avtest.exe should be built with every client build and made available for QA testing Long filenames crash VSMON K2E_HFA02: The library name under Start->programs is "Check point" instaed of "Check Point + "Porduct name" Integrity Client fails to detect Trend OfficeScan 6.5 as running in enforcement scenarios. Integrity Client fails to sync with proper fault codes when sync fails for Active Directory based LDAP catalog. Vsmon crash seen in rare cases after initial reboot after automatic upgrade from HFA01. WebSense redirection pages fails when Integrity is loaded. Vsmon crash in rare cases while programs were accessing the network. Integrity Flex installation on a Win98SE machine running Trend Micro Internet Security 2004 fails. Client needs to send AV provider information in synchronize call. IClient fails to detect Office Scan 7.0 as Running when it's running. Secure Client crashes while performing an auto update using gateway connection to the server. DISPATCH_LEVEL problems cause vsmon crash. Grouped Rule of two or more Prohibit Rules shows incompliance alert, even when the client is compliant with this grouped rule. New client packages needs to include SecureClient. In rare cases VSMON crashes after restarting Integrity Flex. DNS server name not being resolved making connectivity to the Integrity Server impossible. CA etrust AV compliance cannot be detected. 2007 Check Point Software Technologies Ltd. All rights reserved. Page 9

The client running CA AV InoculateIT is out of compliance regardless of AV dat settings in the policy. The library "Zone Labs" (under Start -> Programs) is not removed post upgrade of ZAPro (5.5) to Integrity Flex Client. Vsmon crash of Integrity Flex after repeated policy imports. Incorrect compliance information reported by the client in the absence of a policy. Multiple Integrity Server connections result in multiple policies being active, causing a TrueVector crash. Wireless card crashes after several rapid connections and disconnections. If user shuts down Integrity Client while connected to Wireless Device using EAP, svchost crashes. BAD POOL CALLER created by long command lines, such as those run automatically by cygwin bash users. Sophos 5.0 not detected properly by enforcement rules. Client crash due to ACCESS_VIOLATION_vsutil!GetIpAdapterInfo. svchost crashed after Client becomes restricted. Svchost crashed when Integrity Client applies restricted rules. Wizard and Tutorial need to be removed from Integrity Desktop. HTTP Proxy setting prevents Heartbeat from working. Vsmon shutdown after deploying extremely large policy to the Client. Replay alerts won't display incompliance alert and Review Compliance alerts won't show up either. Apache proxycache grows without limits unless Apache is configured properly. Database error when filling Admin "Real Name" field full of ASCII characters Integrity Client Installer failed to properly install the application. (Error 126) Catalogs should hide their groups and sub-groups by default to improve initial loading times 2007 Check Point Software Technologies Ltd. All rights reserved. Page 10

Improper IP validation on event notifications page. PA exceptions seen in Server log. Package name field should not allow text input of more than 50 characters. Need jdbc driver download help text for linux installer. Unnecessary admin timeouts on /DEFAULT_SCHEMA/MS_ALERTS when using JDatastore DB. IP catalog does not show the policy assigned to the catalog; it shows the policy assigned to the parent. Help for Server Upgrade Pages links to wrong file. Advanced firewall rules IP destination names lost without explicit save. Enforcement Rule custom text area allows unlimited text entry. Custom Message text in policy studio is not limited to proper character count. Need to clarify jdbc install info in manual and help screens. Change text at top of 'edit client package' screen. Javascript error in program reports on programs containing quotation marks. Client package language selection info not present in Server install summary info panel. Cluster nodes do not recover properly from channel communication error Installer does not check for existence of K install/config files prior to doing an upgrade. Sorting some NT Domain catalogs into one group results in no users imported. Cannot import Organization that contains no groups. Cannot import if any policy package assigned to top level Entity. Login URL for join cluster install should not contain the default login and password. Domain Options panel should not be presented if admin chooses to migrate data from 5.x server. Database type should not be an option when migrating from 5.x server. Unexpected JDataStore Main Database growth. Client packager policy drop-down list truncates policy names to less than 56 characters (80 is maximum name length). Out of Memory error during concurrent client package deployments. 2007 Check Point Software Technologies Ltd. All rights reserved. Page 11

Empty policies cannot be imported. Able to synchronize overlapping catalogs. Max DB connections reached during 100,000 user performance tests in specific cases. Policy assigned to IP group that is part of another group takes effect only after restarting the client in specific configurations. Unified packager unable to install SecureClient.msi package. Gateway state machine does not recover from restriction properly. IP groups with the same host can be created successfully. The Host field in New Group accepts data in the wrong format. Errors are generated, when spaces are used in Custom Group names. AV Reference Client DAT Timestamp incorrectly displayed. Package cache flushing does not work in integrity, apache. Exceptions seen in communication with the Gateway on a Clustered server. Policy Assignment page becomes inaccessible after a few uses; Entity Manager does not return to appropriate page at times. Email and Password field lengths should be limited to 50 characters when creating/modifying administrators. User passwords are written in clear text when user specifies LDAP credentials vai Proxy Login. Radius Proxy Login not working correctly; no Default Policy activated, and username/password only prompted once. "Unterminated string constant" error seen when viewing the Program Details report in certain instances. UpgraderForm throwing serialization exceptions. Doing an Entity search in a Integrity cluster results in java.io.notserializableexception error in some cases. Entity Manager truncates 80-character policy name. Unterminated String Constant error when viewing Client Events report in some cases. Catalog Event notification absent on synchronization status (success/fail/sync time changed...). Integrity Server version on 'About' page differs from version in tech support / system properties page. 2007 Check Point Software Technologies Ltd. All rights reserved. Page 12

Logging needs to move from system into integrity.log. Preceding spaces in Address Range in IP catalog are not truncated after saving. Creating IP catalog using Subnet Mask causes an error "An error occurred while checking ip group {0}." Integrity Server on Linux failed to create SIC with InterSpect. Assigned Policy column is empty when viewing custom groups. Processing slowdown with 50,000 client connections when sending log data to SmartCenter. Terminate program settings not always working correctly with Reference Sources. After disabling wireless card client continues sync attempts to IAS IServer loses gateway sessions if gateway reboots (IServer/InterSpect goes down and then up again). Integrity server is not processing RADIUS packets from Safe@Office properly. InterSpect not establishing connection properly after shutdown. Constant logged in and logged out messages on Integrity Agent and wireless connection enabled/disabled. Info of AV Provider is not displayed after server upgrade. 2007 Check Point Software Technologies Ltd. All rights reserved. Page 13

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback