Up2Date 9.300005 package description:
Remarks:
System will be rebooted
Configuration will be upgraded
Connected RED devices will perform firmware upgrade
Connected Wifi APs will perform firmware upgrade
News:
9.300 GA Release
.
Main Features:
Web Filter: Time Quotas
Web Filter: Policy Tagging
Web Filter: Selective HTTPS Filtering
SMTP/POP3 Proxy: Live AV Lookups in Sophos Antivirus
SMTP Proxy: SPX Self-Registration
SMTP Proxy: Support Attachments on Reply Portal
Network: Support for Multiple Bridges
Wifi: Various Hotspot Imporovements
Hardware: Support for new SG1xx series
.
Other Features:
Web Filter/SMTP Proxy: True File Type Detection
Application Control: IPv6 Support
ATP: Scan DNS Traffic going through UTM
Network: DHCPv6 Relay
Network: DHCP for VLAN Interfaces
Network: Allow VLAN and non-VLAN Interfaces on same Hardware
WAF: IP-based Access Control
WAF: Wildcard Extension
WAF: Username Prefix and Suffix
Support: Sophos Customer Support Secure Access to UTM
Bugfixes:
Fix [22468]: HTML5 iptables rule doesn’t match for IPSec-routed hosts
Fix [27257]: RED50 frequently reconnecting because configuring an Additional Address as UTM-Hostname is not supported
Fix [27588]: Unable to fetch POP3 accounts on iOS devices via POP3 Proxy
Fix [27750]: IPv6: Add support for DynDNS (Dyn & FreeDNS)
Fix [27905]: [BETA] log the mac addresses human readable with leading zeros in the packetfilter log
Fix [28056]: it’s not possible to view or download large log files in the webadmin because root partition is too small
Fix [28164]: OSPF and default route priority issues
Fix [28400]: Syslog not started after ipsbundle pattern installation
Fix [28842]: HA takeover if master reboots takes too much time
Fix [28966]: exceptions for Common Threat Filters do not work individually
Fix [29095]: [BETA] improve reporting filter naming for ATP
Fix [29412]: Wireless Security Manager Role can’t accept new AP’s
Fix [29963]: profile mode ‚monitor‘ does not work for Cookie signing
Fix [30008]: Problem with Remote IPsec access in case of ID type is ASN1 Distinguished Name and using static RAS IP
Fix [30254]: Import of non UTF-8 certificate breaks Webadmin access
Fix [30504]: Sometimes the sender_confd_profile is undefined in the profile object
Fix [30800]: [BETA] Some double byte characters aren’t filtered by DLP custom rule and AntiSpam Expressions filter.
Fix [30825]: IPv6: Add support for DHCPv6 ‚rapid commit‘
Fix [30851]: emailpki_generate_user fails if pkcs12 file contains a cert twice
Fix [31083]: Remote SSL VPN view is empty in printable configuration
Fix [31105]: DynDNS: Add support for interface strategy for FreeDNS
Fix [31116]: Performance and scalability improvements of HTTP proxy
Fix [31164]: [BETA] Routing domain wildcards aren’t working for SMTP profiles.
Fix [31337]: Too long hostname will break layout in dashboard
Fix [31340]: rsyncd not started after switching to master mode (slave node hangs in syncing state)
Fix [31373]: Form hardening exception match but doesn’t work
Fix [31387]: ad-sid-sync.pl is executed even if AD sync is disabled
Fix [31581]: Up2date pattern rpm’s fails to install if hostname contains ‚/‘ character.
Fix [31814]: nextgen-agent restarting permanently
Fix [31859]: Make http proxy handle uncompressed DNS responses
Fix [31992]: network range in network group shouldnt be allowed in allowed networks as per 21588
Fix [32012]: Postgres startup problem because pg_xlog files are missing
Fix [32034]: Full transparent AD SSO redirect URL request gets dropped by packetfilter
Fix [32079]: UMTS modem device hanging
Fix [32097]: High load after pattern installation [9.2]
Fix [32190]: Policy tester always returns „allowed“ if warn page is proceeded once
Fix [32237]: Release of IPsec Pool IPs not working
Fix [32286]: Sorting of APs in Webadmin
Fix [32391]: UTM interface doesn’t come up again after the speed changed from 4G to 3G
Fix [32433]: Not possible to delete VPN tunnel managed by SUM after use „cleanup object“
Fix [32537]: Guest login fails in transparent browser auth mode if „terms of use“ confirmation is required
Fix [32571]: [V9] Blocked HTTPS-Sites in Filter Action Mode ‚Blacklist‘ doesn’t match if Exception is matching on Categories
Fix [32588]: Can’t restore backup beacause of an undefined value
Fix [32602]: Web control policy not applying to endpoints
Fix [32604]: Special characters like umlauts didn’t work in passwords with reverse authentication for the WAF
Fix [32607]: Not possible to use virtual mac on lag interfaces
Fix [32683]: Can’t send a VPN Profile to the SMC if the Organization Name includes a umlaut
Fix [32690]: It’s not possible to use Subfolders for Remote Log File Archives over SMB on CIFS share
Fix [32696]: Hotspot: only one login possible per username for backend authentication hotspot
Fix [32703]: Multicast traffic problems after upgrading to SG430 and 9.204
Fix [32711]: Mail preview should display kyrilic or chinese chars too.
Fix [32713]: Console keyboard doesn’t work
Fix [32726]: Dashboard does not show Antivirus active protocols for HTTP/S
Fix [32794]: vpn-reporter.pl segfault in get_amazonvpc
Fix [32805]: NETDEV WATCHDOG: eth0 (tg3): transmit queue 0 timed out
Fix [32832]: Remote Syslog Server IPv6 support
Fix [32837]: vpn-reporter.pl segfaults, error 4 in libc-2.11.3.so
Fix [32851]: Device auth reports wrong client information
Fix [32852]: Any SSL traffic through HTTP proxy gets classified as „Sophos Portal“ if a „Sophos Portal“ AppCtrl rule exists
Fix [32870]: ad-sid-sync.pl fails to lookup trusted domains groups
Fix [32940]: SG550: Licensing does not work if module is relocated after installation
Fix [32950]: Configuring a whitelist in webfilter filter action appears in blacklist on UTM
Fix [32957]: winbindd died in kernel_vsyscall
Fix [32969]: Coredumps from reverseproxy after update to v9.206
Fix [32972]: IPS exception does not work for SID 18575
Fix [32980]: Remove RC4 from TLS ciphers in Exim
Fix [33019]: After upgrading to iOS 8 UTM does not recognize iOS anymore (Device-specific Authentication)
Fix [33095]: RED50 frequently reconnecting because configuring an Additional Address as UTM-Hostname is not supported [9.3]
Fix [33111]: Group matching incorrect if user belongs to static and backend groups
Fix [33277]: [9.2] Add support for passthrough NTLM connection
Fix [33307]: Not possible to change TLS certificate
Fix [33323]: Using @ in hostname results in corrupt /etc/syslog-ng.conf
Fix [33382]: Config changes in IPsec remote access sometime causing a drop of established connections
Fix [33429]: AP100: Unable to authenticate with an SSID using a PSK with a dollar character
Fix [33515]: SMTP Vulnerability in SSL v3.0
Fix [33613]: OS X HTTPS traffic identified as iOS
