Endpoint Security webrh 3.0 HFA 3 Release Notes 17 January 2012 Classification: [Protected]
2012 Check Point Software Technologies Ltd. All rights reserved. This product and related documentation are protected by copyright and distributed under licensing restricting their use, copying, distribution, and decompilation. No part of this product or related documentation may be reproduced in any form or by any means without prior written authorization of Check Point. While every precaution has been taken in the preparation of this book, Check Point assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice. RESTRICTED RIGHTS LEGEND: Use, duplication, or disclosure by the government is subject to restrictions as set forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013 and FAR 52.227-19. TRADEMARKS: Refer to the Copyright page (http://www.checkpoint.com/copyright.html) for a list of our trademarks. Refer to the Third Party copyright notices (http://www.checkpoint.com/3rd_party_copyright.html) for a list of relevant copyrights and third-party licenses.
Important Information Latest Software We recommend that you install the most recent software release to stay up-to-date with the latest functional improvements, stability fixes, security enhancements and protection against new and evolving attacks. Latest Documentation The latest version of this document is at: http://supportcontent.checkpoint.com/documentation_download?id=13661 For additional technical information, visit the Check Point Support Center (http://supportcenter.checkpoint.com). Revision History Date Description 17 January 2012 First release of this document Feedback Check Point is engaged in a continuous effort to improve its documentation. Please help us by sending your comments (mailto:cp_techpub_feedback@checkpoint.com?subject=feedback on Endpoint Security webrh 3.0 HFA 3 Release Notes).
Contents Important Information... 3 Introduction... 5 What's New... 5 Related Documentation... 5 Upgrade Information... 5 Upgrading from Versions Earlier than 2.4... 5 System Requirements... 5 Required Permissions... 5 Server Requirements... 6 Endpoint Security webrh Server... 6 SQL Database Server... 6 Virtual Environment... 6 Database Replication... 6 Administrator and Helpdesk Staff Requirements... 6 Known Limitations... 7 Resolved Issues... 7
Introduction Introduction This release is a recommended update for Endpoint Security webrh. It contains new features and resolves issues. Please read this document carefully before installing Endpoint Security webrh 3.0 HFA 3. What's New Untrusted domains are now supported, including all search features. Advanced search feature for creating groups and users from the Active Directory. Support for key recovery for Endpoint Security webrh offline users (HFA 2). Active Directory Universal groups and all other group types and scopes are now supported. Related Documentation Endpoint Security webrh 3.0 HFA 3 Administration Guide Endpoint Security webrh 3.0 HFA 3 Installation Guide Endpoint Security webrh 3.0 HFA 1 Release Notes Upgrade Information This version of the Endpoint Security webrh framework is compatible with modules targeted at versions from 2.4 and later of the framework. For this reason, when upgrading the framework to version 3.0 or later, all modules which have been used with an earlier framework than 2.3 must also be upgraded to the most recent versions. Upgrading from Versions Earlier than 2.4 If you need to upgrade from versions earlier than 2.4, we recommend that you upgrade to 2.4 first and then upgrade to this version. System Requirements Required Permissions The user account used to install the Endpoint Security webrh SQL database must be member of a group with the right to create a database. By default the local system administrator account has this right. The user account used to install Endpoint Security webrh on the web server should have local administrative rights in order to access the database, install files, modify the registry and assign rights locally. A domain account for the ComPlus application must be dedicated to Endpoint Security webrh. Endpoint Security webrh Release Notes 3.0 HFA 3 5
System Requirements Server Requirements Endpoint Security webrh Server Microsoft Windows 2003 Servers SP 2 and up (32-bit, 64-bit and R2) with IIS 6 and the latest IIS security hot fixes installed Microsoft Windows 2008 Server (32-bit, 64-bit and R2) with IIS 7 and the following role services: ASP IIS 6 Metabase Compatibility ISAPI Extensions Note - We recommend that you remove as many server headers as possible from the IIS server configuration. An SSL certificate for IIS. For security reasons, we recommend that you run SSL 3.0 on the IIS server. SQL Database Server The following versions of Microsoft SQL Server: MS SQL 2005 Standard MS SQL 2005 Enterprise MS SQL 2005 Express MS SQL 2008 Server MS SQL 2008 Express We currently do not support Desktop, MSDE, or Developer editions. 20 MB of free disk space on the server Virtual Environment Endpoint Security webrh can be installed in VMware environments. Database Replication If the webrh database is going to be used for replication, please read this information. This information is relevant only if the databases set up for synchronization are going to be merged at each synchronization event. It is not relevant if the databases are going to be set up as master and slave and all changes are being made at master. When setting up database replication for Endpoint Security webrh, the master database must distribute identity ranges to the other databases to avoid collisions of identity values. The reason for this is that Endpoint Security webrh utilizes identity columns as primary keys on some tables in the database. When setting up identity ranges and scheduling database merges make sure that the ranges are large enough so that there is no chance that one database will run out of identity values between two merges with the master database. Administrator and Helpdesk Staff Requirements These are the requirements for Endpoint Security webrh users. Supported Internet browsers: Microsoft Internet Explorer 6 and higher Mozilla Firefox 2.0 or higher Google Chrome Dynamic tokens or fixed passwords for login authentication. Endpoint Security webrh Release Notes 3.0 HFA 3 6
Known Limitations Known Limitations ID Description 516425 For all non-english languages, the webrh Settings window contains English content. Resolved Issues ID Description 842039 The naming convention for webrh user and group names was more restrictive than Microsoft AD. This caused webrh to not accept some AD names. 628043 Failed import token was reported to syslog as a successfully added token. 842009 When webrh and a Security Server were installed on the same machine, users were unable to log in to webrh. Endpoint Security webrh Release Notes 3.0 HFA 3 7