Announcing release of Astaro Security Gateway Version 8
What's New? Highlights of Major New Things * Updated WebAdmin - New colors, fonts, and visuals make WebAdmin more easily readable with crisper overall presentation
* IPv6 - Support has been added for the next iteration of IP addressing throughout ASG
* New Kernel and Base System - Provides 64-bit support, massively increased hardware compatibility, and better performance
* Country Blocking - Deny communications to/from any combination of countries and/or regions
* Web Application Security - A new subscription has been added to our protection portfolio which protects your web servers from modern attacks, hackers, viruses and data theft
* Flash-Based Reporting - Reporting data can be displayed via animated charts which add strong visual representations to how the data is presented
* WebAdmin Rights & Roles - Let multiple administrators or auditors share duties by separating access permissions; for example giving someone the ability to work only with the Mail Quarantine
* Configuration Change Tracking - Aid compliance and accountability efforts by identifying what was changed by an administrator on a forensic level
* Printable Configuration - Save the contents of the entire system as an XML file to aid compliance efforts and record keeping
* New Online Help - Improved layout coupled with new feature set updates this reference to be faster and more useful in retrieving information on demand
* VPN Remote Access Reporting - Displays usage graphs for the various types of user connections, along with historical data for examining session information
* WebAdmin Menu Search - Instantly filter the menu to show sections of WebAdmin based on a search query box; great for locating an option or feature quickly
* Web Content Filter Override - Allow configured users and groups to bypass URL filtering block pages by providing credentials and entering a reason, all of which can be tracked using new override reports
The first Up2Date package for the new Astaro Security Gateway Version 8 is ready for distribution. Version 8 has enjoyed significant popularity in the past month, with thousands of new and existing customers experiencing V8's features and stability.
You will find 8.001 available for install via Up2Date on your installation. Mainly a bug fix release, this package will enhance the stability and operation of ASG V8, and addresses an issue with Unix time affecting certificates. Read on for the full details of this Up2Date.
This release fixes some bugs with how Web Application Security handles connections for protection of Outlook Web Access servers, optimizing that communication.
We have also adjusted the very popular Country Blocking to ensure traffic can flow to essential Astaro Internet resources (Eg. RED provisioning servers, global email scanning repositories etc.) so that your blocking choices won't interfere with ASG operations. In addition, some other bugs were addressed and some hardware glitches for our software users and their platforms of choice were solved.
Astaro RED (Remote Ethernet Device) is the easiest and most affordable way to secure your branch offices. You can centrally configure it via an Astaro Security Gateway located at your headquarter which automatically distributes the configuration to the Astaro RED appliance. By forwarding all traffic to the central Astaro Security Gateway, Astaro RED provides complete UTM security even for your smallest remote or home office. In contrast to standard security appliances Astaro RED not only provides stronger security but also slashes the total cost of ownership by 80% as there's no need for technical skill or ongoing maintenance at the remote site.
On addressing the Unix Time issue: ASG uses certificates for different purposes (such as for each user that is created) and CAs (certificate authorities) for signing the certificates mentioned before. When performing the initial setup, some CAs as well as the admin certificate are generated.
When passing a certain point in time the theoretical end-date for our certs and CAs is beyond 19 January 2038 which will cause trouble to the system as the end-date of a cert/CA must not be before the start-date.
Remarks: *System will be rebooted.
*Configuration will be updated.
*HTTP Proxy cache will deleted.
News: -This Up2Date should be applied before end of August 2010
- Added: HTML rewriting in Web Application Firewall.
- Fixed: Country based blocking can no longer block essential ASG functionality.
- Added exceptions for spam scanning servers, ACC, notification smarthost, NTP servers, and SNMP trap sinks.
Fixes: : UNIX Epoch ends in 9999 days, so certificates cannot last longer
 ASG does not use ESMTP for "Skip TLS negotiation hosts"
 WAF disabled in predefined reverse proxy profiles
 No successful boot with Perc H200
 Country Blocking blocks essential services
 GRUB fails to install properly on some HP servers
: Bridge interface gets unresponsive after change of IP addresses
: ASG 625a with versions 8 and 8.001 recognizing NIC order wrong
: Setting system time forward causes WebAdmin to get unresponsive for a while
Badkey runs with SPF (Sender Policy Framework) record
Wed, Oct 22nd 2014 1:05p John Willemse I know old information but just a reminder we are running this already as of Saturday 1st, July 2006.
SPF (Sender Policy Framework) is an e-mail protocol that fights return-path address forgery and makes it easier for ISPs to identify spoofed addresses. For this reason, e-mail newsletter publishers who have published an SPF record stand a better chance of their e-mail being delivered. Is it a cure-all for spam? By no means, but it is an important step in the attack on spam. E-mail publishers [read] Keywords: blogSphere
Wat zijn de voordelen van IPVanish ?
Fri, Oct 17th 2014 2:05p John Willemse Eén van de bekendste (en oudste) openbare VPN-diensten is IPVanish (https://www.ipvanish.com).
IPVanish laat meerdere gebruikers tegelijkertijd via hetzelfde IP-adres met internet verbinden.
Hierdoor is het ook voor overheidsdiensten niet meer te achterhalen wie wat gedaan heeft op internet. De kosten voor deze dienst bedragen 10 dollar per maand of 78 dollar per jaar (ongeveer 60 euro).
Betalen voor deze dienst is naast vele andere mogelijkheden ook met iDEAL mogelijk. En momenteel gr [read] Keywords: blogSphere
Sjoerd *12-10-1993 +10-04-2000
Sat, Oct 11th 2014 4:05p John Willemse 12-10-1993- 10-04-2000
De dag waarop ik elk jaar
aan je geboorte denk.
Je maakte mij mama
Wat een mooi geschenk.
Nu je er niet meer bent,
Jou verjaardag doet nu weer extra pijn
Toch ben ik dankbaar dat jij er was
en dat jij ons kindje mocht zijn
Mamma [read] Keywords: blogSphere
For Sjoerd our son. *12-10-1993 +10-04-2000
Fri, Oct 10th 2014 3:25p John Willemse *12-10-1993 +10-04-2000
In these days are answers hard to find, can't just leave these emotions behind. I wonder how it feels to be you, I wonder how it feels to know the truth.
If I could protect you from the start, I would put you deep in my heart. 'cause that's a place where you connot die, and all your tears will be dried.
Why must it be you while you're so small? While the world is so cruel and tall? You don't even have the chance to live [read] Keywords: blogSphere
Badkey migration to Google Apps
Wed, Oct 1st 2014 4:25p John Willemse During 16 February 2014 Badkey started Domino 9, now Badkey is running IBM Notes and Domino 9 64 bit.
We have to move to the next stage "Go to Google Apps".
I still have 2 mailboxes that I have to move to Google.
Yep 2 NSF files ,
What migration can I use ? Please e-mail me for a solution at: firstname.lastname@example.org
The Badkey Team
http://nl.linkedin.com/in/willemsej [read] Keywords: domino