McAfee Web Gateway

Similar documents
McAfee Data Loss Prevention Prevent

McAfee Network Security Platform

Package Contents. Wireless-G USB Network Adapter with SpeedBooster USB Cable Setup CD-ROM with User Guide (English only) Quick Installation

LINX MATRIX SWITCHERS FIRMWARE UPDATE INSTRUCTIONS FIRMWARE VERSION

Troubleshooting. Verify the Cisco Prime Collaboration Provisioning Installation (for Advanced or Standard Mode), page

Certificate Replacement. 21 AUG 2018 VMware Validated Design 4.3 VMware Validated Design for Management and Workload Consolidation 4.

the machine and check the components AC Power Cord Carrier Sheet/ Plastic Card Carrier Sheet DVD-ROM

Certificate Replacement. 21 AUG 2018 VMware Validated Design 4.3 VMware Validated Design for Software-Defined Data Center 4.3

Certificate Replacement. 26 SEP 2017 VMware Validated Design 4.1 VMware Validated Design for Management and Workload Consolidation 4.

VMware Horizon FLEX Administration Guide

Architecture and Data Flows Reference Guide

VMware Virtual Dedicated Graphics Accelerator (vdga) and DirectPath I/O GPU Device Certification Guide ESXi 6.5 GA Release Workbench 3.5.

McAfee Network Security Platform

Installation Guide for

Enterprise Digital Signage Create a New Sign

Active Fail-Open Kit Quick Start Guide

Rolling Back Remote Provisioning Changes. Dell Command Integration for System Center

Start Here. Quick Setup Guide. the machine and check the components DCP-9015CDW DCP-9020CDW

Architecture and Data Flows Reference Guide

Smart Output Field Installation for M-Series and L-Series Converter

High-performance Monitoring Software. User s Manual

Zenoss Core Installation Guide

All in One Kit. Quick Start Guide CONNECTING WITH OTHER DEVICES SDE-4003/ * 27. English-1

INSTALLING PRIVA GATEWAY FOR PRIVA CONNEXT

the machine and check the components Starter Ink Cartridges Basic User s Guide Product Safety Guide CD-ROM USB Interface Cable

In USA: To download other guides for this product, visit the Brother Solutions Center at solutions.brother.com/manuals and select your model.

Zenoss Resource Manager Installation Guide

the machine and check the components Black Yellow Cyan Magenta Starter Ink Cartridges Telephone Line Cord Adapter (Hong Kong only)

INTEGRATED WORKFLOW ART DIRECTOR

Error Numbers of the Standard Function Block

Control Center Installation Guide

To access your mailbox from inside your organization. For assistance, call:

License Manager Installation and Setup

Start Here. Quick Setup Guide DCP-8110DN DCP-8150DN DCP-8155DN. the machine and check the components

Start Here MFC-7360 / MFC-7470D /

Start Here. Quick Setup Guide DCP-7055 / DCP-7060D DCP-7065DN WARNING WARNING CAUTION CAUTION

Operational Verification. 26 SEP 2017 VMware Validated Design 4.1 VMware Validated Design for Software-Defined Data Center 4.1

Deployment of VMware NSX-T for Workload Domains. 19 MAR 2019 VMware Validated Design VMware NSX-T 2.4

TECHNICAL NOTE MANAGING JUNIPER SRX PCAP DATA. Displaying the PCAP Data Column

Before you can use the machine, read this Quick Setup Guide for the correct setup and installation.

LINX MATRIX SWITCHERS FIRMWARE UPDATE INSTRUCTIONS FIRMWARE VERSION

CS 241 Week 4 Tutorial Solutions

the machine and check the components Drum Unit and Toner Cartridge Assembly (pre-installed) AC Power Cord Installer CD-ROM Quick Setup Guide

the machine and check the components Introductory Ink Cartridges

McAfee Network Security Platform

the machine and check the components Introductory Ink Cartridges CD-ROM 1 Power Cord Telephone Line Cord

Start Here. Quick Setup Guide DCP-T300 DCP-T500W DCP-T700W WARNING CAUTION IMPORTANT NOTE WARNING

the machine and check the components Starter Ink Cartridges Basic User s Guide Product Safety Guide CD-ROM* Power Cord

McAfee Network Security Platform

Before you can use the machine, read this Quick Setup Guide for the correct setup and installation.

Certificate Replacement

Start Here. Remove all tape and lift display. Locate components

Zenoss Service Impact Installation and Upgrade Guide for Resource Manager 5.x and 6.x

VMware Horizon JMP Server Installation and Setup Guide. Modified on 06 SEP 2018 VMware Horizon 7 7.6

Lab 1 - Counter. Create a project. Add files to the project. Compile design files. Run simulation. Debug results

McAfee Network Security Platform

File Manager Quick Reference Guide. June Prepared for the Mayo Clinic Enterprise Kahua Deployment

Agilent G3314AA BioConfirm Software

Agilent Mass Hunter Software

McAfee Network Security Platform

User Manual. V1.0.1 Nov. 20, 2016

Zenoss Resource Manager Installation Guide

McAfee Network Security Platform

Installer reference guide

NOTES. Figure 1 illustrates typical hardware component connections required when using the JCM ICB Asset Ticket Generator software application.

Start Here. Quick Setup Guide MFC the machine and check the components. Note

McAfee Network Security Platform

vcloud Director Tenant Portal Guide vcloud Director 9.0

the machine and check the components Basic User s Guide Quick Setup Guide Telephone Line Cord

Simrad ES80. Software Release Note Introduction

Welch Allyn CardioPerfect Workstation Installation Guide

Migrating vrealize Automation to 7.3 or March 2018 vrealize Automation 7.3

Upgrading from vrealize Automation 7.1, 7.2 to 7.3 or 7.1, 7.2, 7.3 to March 2018 vrealize Automation 7.3

c360 Add-On Solutions

MPE/iX HP 3000 Series 99X. Software Startup Manual

Information regarding

McAfee Network Security Platform

Installer reference guide

Distance vector protocol

Polycom RealPresence Media Editor Quick Start

Installation Guide AT-VTP-800

CS 340, Fall 2016 Sep 29th Exam 1 Note: in all questions, the special symbol ɛ (epsilon) is used to indicate the empty string.

Upgrading from vrealize Automation 6.2 to 7.1

Upgrading from vrealize Automation to 7.3 or May 2018 vrealize Automation 7.3

vcloud Director Service Provider Admin Portal Guide vcloud Director 9.1

Start Here. Quick Setup Guide DCP-J4110DW WARNING CAUTION IMPORTANT NOTE WARNING

FASTEST METHOD TO FIND ALTERNATIVE RE-ROUTE

Agilent MassHunter Workstation Data Acquisition for 6400 Series Triple Quadrupole LC/MS Familiarization Guide

YOU ARE: AND THIS IS:

The Network Layer: Routing in the Internet. The Network Layer: Routing & Addressing Outline

Upgrading from vrealize Automation 7.1 or Later to June 2018 vrealize Automation 7.4

EasyMP Multi PC Projection Operation Guide

Start Here. Quick Setup Guide HL-5470DW(T) HL-6180DW(T) WARNING CAUTION WARNING. Note

COMPUTER EDUCATION TECHNIQUES, INC. (WEBLOGIC_SVR_ADM ) SA:

Zenoss Resource Manager Installation Guide

vcloud Director Tenant Portal Guide vcloud Director 9.1

Registering as a HPE Reseller. Quick Reference Guide for new Partners in Asia Pacific

style type="text/css".wpb_animate_when_almost_visible { opacity: 1; }/style

the machine and check the components AC Power Cord Quick Setup Guide User s Guide Accessory Order Form

Epson iprojection Operation Guide (Windows/Mac)

Transcription:

Relese Notes Revision C MAfee We Gtewy 7.6.2.11 Contents Aout this relese Enhnement Resolved issues Instlltion instrutions Known issues Additionl informtion Find produt doumenttion Aout this relese This doument ontins informtion out the urrent relese. We strongly reommend tht you red the entire doument. MAfee We Gtewy (We Gtewy) 7.6.2.11 is provided s min relese. It is mintenne version tht inludes n enhnement nd resolves issues present in previous versions. If you hve implemented onding onfigurtion, whih ws ville s n unsupported feture efore the relese of We Gtewy 7.5.2, remove ny settings of this onfigurtion efore upgrding to this new version. Otherwise you risk reting n unstle stte on the ppline. After the upgrde, you n gin implement network interfe onding s desried in the System onfigurtion hpter of the MAfee We Gtewy Produt Guide. 1

Enhnement This relese of the produt inludes the following enhnement. Alerts for privte key nd ertifite hndling Alerts hve een implemented tht pper fter instlling or upgrding We Gtewy if ny defult privte keys re in use on the ppline, s these must e repled with privte keys of your own to ensure we seurity. Alerts will pper with regrd to the following funtions on We Gtewy. Centrl Mngement luster Hrdwre Seurity Module SSL lient ontext settings Settings for loud single sign-on If n lert ppers, reple the privte key for the funtion tht the lert refers to. For instrutions on how to omplete the replement in eh se, see Additionl informtion t the end of this doument. Resolved issues The following issues were resolved in this relese of the produt. Bugzill referene numers re in prentheses. Network ommunition In onfigurtion tht hd n IPS sensor instlled etween two We Gtewy pplines, prtiulr IP pkets ould not e sent from one ppline to the other, s the IPS sensor dropped the pkets euse their TTL vlue ws zero. (1182727) When We Gtewy ws running s proxy in diret L2 trnsprent mode, proessing FTP trffi did not work properly for pssive onnetions. (1187573) We filtering Downloding file on We Gtewy ould not e ompleted, s performing nti-mlwre snning for the file with nti-mlwre heuristis enled led to timeout, whih ws due to indequte ommunition etween the ore nd nti-mlwre proesses. (1165648) When We Gtewy forwrded URL to Advned Thret Defense (ATD) for dditionl snning of we ojet, the URL ontined Polish hrter tht ws not enoded ording to the ASCII formt, whih used n ATD error. (1191542) Misellneous We Gtewy ws ffeted y the CVE-2016-9042 vulnerility, whih hd n impt on the NTP pkge used for time setting. After fix ws implemented, We Gtewy is not ffeted nymore. (1187620) Memory usge inresed on We Gtewy until the ore proess filed, whih ws due to memory lek tht ws triggered y the log nonymiztion feture. (1189264) 2

Instlltion instrutions The requirements for instlling this new produt version depend on the version tht you re urrently running. 7.3.x to 7.6.x You n upgrde to the new version immeditely. See Perform n upgrde. 7.0.x to 7.2.x Complete the following steps to upgrde: 1 Crete onfigurtion kup. Use the options provided under Trouleshooting Bkup/Restore on the user interfe to rete the kup. 2 Upgrde to the new version. See Perform n upgrde. The upgrde proess inludes mjor upgrde of the operting system. It tkes severl steps nd more time thn usul. If the upgrde proess fils or is interrupted, you n re-imge the ppline using n imge of the new version nd instll the onfigurtion kup. Alterntively, you n proeed s follows when upgrding from 7.2.x or n erlier 7.x version: 1 Crete onfigurtion kup. 2 Re-imge the ppline using n imge of the new version nd instll the onfigurtion kup. 6.8.x or 6.9.x You must re-imge the ppline using n imge of the new version. Downlod n imge of the new version from the downlod pge of the MAfee Content & Cloud Seurity Portl t https://ontentseurity.mfee.om/softwre_mwg7_downlod. For more informtion out re-imging, see the MAfee We GtewyInstlltion Guide. Perform n upgrde You n upgrde to the new version on the user interfe or from system onsole. Upgrde on the user interfe You n work with the options of the user interfe to perform the upgrde. 1 Selet Configurtion Applines. 2 On the pplines tree, selet the ppline you wnt to perform the upgrde on. The ppline toolr ppers on the upper right of the t. 3 Clik Updte Appline Softwre. The upgrde to the new version is performed. The upgrde proess lso logs you off from the user interfe. 4 Proeed in one of the following wys to omplete the instlltion. When upgrding from 7.3.x or ny lter version: 1 Wit until messge informs you tht the upgrde hs ompleted nd logon utton ppers. 2 Log on to the user interfe gin. 3

3 Selet Configurtion Applines, then selet your ppline. 4 On the ppline toolr, lik Reoot. When the restrt hs ompleted, logon utton ppers. You n now log on to the user interfe gin nd strt working with the new version. When upgrding from 7.2.x or ny erlier 7.x version: The ppline restrts utomtilly fter eh of the two upgrde phses tht re performed. When the seond restrt hs ompleted, logon utton ppers. You n now log on to the user interfe gin nd strt working with the new version. Upgrde from system onsole You n upgrde from lol system onsole or remotely using SSH. 1 Log on to the ppline you wnt to perform the upgrde on. 2 Run the following ommnds: yum upgrde yum yumonf\* yum upgrde The upgrde to the new version is performed. 4

3 Proeed in one of the following wys to omplete the instlltion: When upgrding from 7.3.x or ny lter version: Wit until messge informs you tht the upgrde hs ompleted, then run the following ommnd: reoot When the restrt hs ompleted, logon prompt ppers. You n now log on to the user interfe nd strt working with the new version. When upgrding from 7.2.x or ny erlier 7.x version: The ppline restrts utomtilly fter eh of the two upgrde phses tht re performed. If you re using lol system onsole: When the seond restrt hs ompleted, logon prompt ppers. You n now log on to the user interfe nd strt working with the new version. If you re using SSH: When the ppline restrts fter the first upgrde phse, you re disonneted nd the seond upgrde phse egins. After this phse hs ompleted, inluding the utomti restrt, you n log on to the user interfe nd strt working with the new version. The following ommnd lets you view messges out the upgrde progress: til -F /opt/mwg/log/updte/mlos2.upgrde.log When you see tht the upgrde hs ompleted, press Ctrl+C to stop the proess. You n now log on to the user interfe nd strt working with the new version. Known issues For known issues in this produt relese, see this Knowledge Center rtile: KB85705. Additionl informtion Alerts hve een implemented tht pper fter instlling or upgrding We Gtewy if ny defult privte keys re in use on the ppline, s these must e repled to ensure we seurity. If n lert ppers, reple the privte key for the funtion tht the lert refers to. To reple privte key you generte or import privte key of your own, whih n inlude generting or importing new ertifite, depending on the funtion tht the privte key is used for. For informtion out how to reple privte key in eh se, see the following susetions. For the privte key used in Centrl Mngement luster, see Import ertifite nd privte key for luster CA. For the privte keys used on Hrdwre Seurity Module, see Generte or import ertifites nd privte keys for server nd lient identifition. 5

For the privte key tht is speified s prt of the SSL lient ontext settings, whih n e the SSL Client Context with CA or the SSL Client Context without CA settings, see Generte or import ertifite nd privte key for the SSL lient ontext. For the privte key tht is speified s prt of the settings for loud single sign-on, see Generte nd import privte key for loud single sign-on. Import ertifite nd privte key for luster CA Import ertifite nd privte key for CA (Certifite Authority) to ensure seure ommunition in Centrl Mngement luster of We Gtewy pplines. 1 On the user interfe of We Gtewy, selet Configurtion Applines. 2 At the top of the onfigurtion pne, lik Cluster CA. 3 In the Cluster CA window tht opens, lik Chnge CA. 4 In the Import Certifite Authority for Cluster window omplete the following. Browse for ertifite, then rowse for privte key. The ertifite must e CA, not ertifite for ommunition etween lient nd server. It n e self-signed or issued y the CA of your orgniztion. Enter pssword for the privte key. Clik Import. A ertifite nd privte key for use in luster ommunition re imported to the We Gtewy ppline. 5 Clik Sve Chnges. Generte or import ertifites nd privte keys for server nd lient identifition To generte or import ertifites nd privte keys for server nd lient identifition, work with the options for Hrdwre Seurity Module system settings. 1 On the user interfe of We Gtewy, selet Configurtion Applines. 2 On the pplines tree, selet the ppline tht you wnt to generte or import ertifites nd privte keys on, then selet the Hrdwre Seurity Module system settings. 3 Generte or import ertifite nd privte key for server identifition. Under HSM Server mke sure tht Allow remote onnetions is enled nd lik Server Identifition. The options for Server Identifition pper. Clik Generte or Import next to Server Certifite, ording to how you wnt to otin the new ertifite nd privte key. In the Generte Server Certifite window, provide ll neessry informtion for ertifite, then lik OK. Alterntively, rowse to ertifite nd privte key in the Import Server Certifite window, then enter pssword there nd lik Import. A ertifite nd privte key for server identifition re generted or imported. 6

4 Generte or import ertifite nd privte key for lient identifition. Under HSM Client mke sure tht Use remote HSM server is enled nd lik Client Identifition. The options for Client Identifition pper. Clik Generte or Import next to Client Certifite, ording to how you wnt to otin the new ertifite nd privte key. In the Generte Client Certifite window, provide ll neessry informtion for ertifite, then lik OK. Alterntively, rowse to ertifite nd privte key in the Import Client Certifite window, then enter pssword there nd lik Import. A ertifite nd privte key for lient identifition re generted or imported. 5 Clik Sve Chnges. Generte or import ertifite nd privte key for the SSL lient ontext To generte or import ertifite nd privte key for the SSL lient ontext, work with the SSL Client Context with CA or the SSL Client Context without CA settings. 1 On the user interfe of We Gtewy, selet Poliy Settings. 2 On the settings tree, selet ny of the settings tht exist under SSL Client Context with CA or SSL Client Context without CA or dd new settings under one of them. 3 If you re deling with settings under SSL Client Context with CA, omplete the following susteps, otherwise ontinue with step 4. In the onfigurtion pne, lik Generte or Import next to Certifite Authority, ording to how you wnt to otin the new ertifite nd privte key. In the Generte Certifite Authority window, provide ll neessry informtion for ertifite, then lik OK. Import. Alterntively, rowse to ertifite nd privte key in the Import Certifite Authority window, then enter pssword there nd lik Import. A ertifite nd privte key for the SSL Client Context with CA settings re generted or imported. 4 If you re deling with settings under SSL Client Context without CA, omplete the following susteps, otherwise proeed immeditely to step 5. In the onfigurtion pne, lik the Add ion ove the Selet server ertifite y host or IP list. In the Add Host to Certifite Mpping window, lik Generte or Import next to Server ertifite, ording to how you wnt to otin the new ertifite nd privte key. In the Generte Server Certifite window, provide ll neessry informtion for ertifite, then lik OK. Alterntively, rowse to ertifite nd privte key in the Import Certifite Authority window, then enter pssword there nd lik Import. A ertifite nd privte key for the SSL Client Context without CA settings re generted or imported. 5 Clik Sve Chnges. 7

Generte nd import privte key for loud single sign-on Generte privte key for loud single sign-on on We Gtewy ppline using system onsole, then work with the Single Sign On settings to import it s the signture key for n SSO token. 1 Log on to We Gtewy ppline from lol system onsole or remotely using SSH. 2 Run the following ommnd to generte privte key: openssl genrs -out signturekey.pem 2048 3 Store the privte key on lotion within your file system. 4 On the user interfe of the We Gtewy ppline tht you wnt to import the privte key to, selet Poliy Settings. 5 On the settings tree, selet ny of the settings tht exist under Single Sign On or dd new settings. 6 Under Privte Key to Sign SSO Token in the onfigurtion pne, lik Import Key. 7 In the Import Key window tht opens omplete the following. Browse to the lotion within your file system where you stored the privte key tht you generted. Enter pssword for the privte key. Clik Import. A privte key for use s signture key in n SSO token is imported to the We Gtewy ppline. 8 Clik Sve Chnges. Find produt doumenttion On the ServiePortl, you n find informtion out relesed produt, inluding produt doumenttion, tehnil rtiles, nd more. 1 Go to the ServiePortl t https://support.mfee.om nd lik the Knowledge Center t. 2 In the Knowledge Bse pne under Content Soure, lik Produt Doumenttion. 3 Selet produt nd version, then lik Serh to disply list of douments. Produt doumenttion Every MAfee produt hs omprehensive set of doumenttion. For We Gtewy, this inludes the following: MAfee We Gtewy Produt Guide Desries the fetures nd pilities of We Gtewy, providing n overview of the produt, s well s detiled instrutions on how to onfigure nd mintin it MAfee We Gtewy Instlltion Guide Desries how to set up We Gtewy, s well s severl devies tht n e run with the produt 8

MAfee We Gtewy Referene Guide - Rule Sets Chnge Log Provides list of hnges to existing rule sets nd dditions of new rule sets for poliy onfigurtion on We Gtewy MAfee We Gtewy Tehnil Note - SSO Ctlog Provides list of the loud pplitions nd servies tht re supported y We Gtewy with preonfigured onnetors or onnetor templtes Copyright 2017 MAfee, LLC MAfee nd the MAfee logo re trdemrks or registered trdemrks of MAfee, LLC or its susidiries in the US nd other ountries. Other mrks nd rnds my e limed s the property of others. 0C00

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback