Announcing release of Astaro Security Gateway Version 8
What's New? Highlights of Major New Things * Updated WebAdmin - New colors, fonts, and visuals make WebAdmin more easily readable with crisper overall presentation
* IPv6 - Support has been added for the next iteration of IP addressing throughout ASG
* New Kernel and Base System - Provides 64-bit support, massively increased hardware compatibility, and better performance
* Country Blocking - Deny communications to/from any combination of countries and/or regions
* Web Application Security - A new subscription has been added to our protection portfolio which protects your web servers from modern attacks, hackers, viruses and data theft
* Flash-Based Reporting - Reporting data can be displayed via animated charts which add strong visual representations to how the data is presented
* WebAdmin Rights & Roles - Let multiple administrators or auditors share duties by separating access permissions; for example giving someone the ability to work only with the Mail Quarantine
* Configuration Change Tracking - Aid compliance and accountability efforts by identifying what was changed by an administrator on a forensic level
* Printable Configuration - Save the contents of the entire system as an XML file to aid compliance efforts and record keeping
* New Online Help - Improved layout coupled with new feature set updates this reference to be faster and more useful in retrieving information on demand
* VPN Remote Access Reporting - Displays usage graphs for the various types of user connections, along with historical data for examining session information
* WebAdmin Menu Search - Instantly filter the menu to show sections of WebAdmin based on a search query box; great for locating an option or feature quickly
* Web Content Filter Override - Allow configured users and groups to bypass URL filtering block pages by providing credentials and entering a reason, all of which can be tracked using new override reports
The first Up2Date package for the new Astaro Security Gateway Version 8 is ready for distribution. Version 8 has enjoyed significant popularity in the past month, with thousands of new and existing customers experiencing V8's features and stability.
You will find 8.001 available for install via Up2Date on your installation. Mainly a bug fix release, this package will enhance the stability and operation of ASG V8, and addresses an issue with Unix time affecting certificates. Read on for the full details of this Up2Date.
This release fixes some bugs with how Web Application Security handles connections for protection of Outlook Web Access servers, optimizing that communication.
We have also adjusted the very popular Country Blocking to ensure traffic can flow to essential Astaro Internet resources (Eg. RED provisioning servers, global email scanning repositories etc.) so that your blocking choices won't interfere with ASG operations. In addition, some other bugs were addressed and some hardware glitches for our software users and their platforms of choice were solved.
Astaro RED (Remote Ethernet Device) is the easiest and most affordable way to secure your branch offices. You can centrally configure it via an Astaro Security Gateway located at your headquarter which automatically distributes the configuration to the Astaro RED appliance. By forwarding all traffic to the central Astaro Security Gateway, Astaro RED provides complete UTM security even for your smallest remote or home office. In contrast to standard security appliances Astaro RED not only provides stronger security but also slashes the total cost of ownership by 80% as there's no need for technical skill or ongoing maintenance at the remote site.
On addressing the Unix Time issue: ASG uses certificates for different purposes (such as for each user that is created) and CAs (certificate authorities) for signing the certificates mentioned before. When performing the initial setup, some CAs as well as the admin certificate are generated.
When passing a certain point in time the theoretical end-date for our certs and CAs is beyond 19 January 2038 which will cause trouble to the system as the end-date of a cert/CA must not be before the start-date.
Remarks: *System will be rebooted.
*Configuration will be updated.
*HTTP Proxy cache will deleted.
News: -This Up2Date should be applied before end of August 2010
- Added: HTML rewriting in Web Application Firewall.
- Fixed: Country based blocking can no longer block essential ASG functionality.
- Added exceptions for spam scanning servers, ACC, notification smarthost, NTP servers, and SNMP trap sinks.
Fixes: [14688]: UNIX Epoch ends in 9999 days, so certificates cannot last longer
[14364] ASG does not use ESMTP for "Skip TLS negotiation hosts"
[14400] WAF disabled in predefined reverse proxy profiles
[14427] No successful boot with Perc H200
[14469] Country Blocking blocks essential services
[14519] GRUB fails to install properly on some HP servers
[14637]: Bridge interface gets unresponsive after change of IP addresses
[14735]: ASG 625a with versions 8 and 8.001 recognizing NIC order wrong
[14759]: Setting system time forward causes WebAdmin to get unresponsive for a while
ESXi 5.1.0 Build Number:1065491
Wed, May 8th 2013 3:42p John Willemse VMware 5.1 U1 Build 1065491
We just did an update on the OTAP cluster servers. 25 apr. 2013.
VMware ESXi 5.1 Update 1 Release Notes
http://www.vmware.com/support/vsphere5/doc/vsphere-esxi-51u1-release-notes.html
The Badkey Team [read] Keywords: notes
blogSphere
vmware
251
Running WSUS 3.0 SP2 Version: 3.2.7600.256
Wed, Mar 27th 2013 4:49p John Willemse We just installed the update and a fresh domain installation.
More @ Windows Server Update Services Home and Windows Server Update Services 3.0 SP2
Windows Server Update Services 3.0 Service Pack 2 (WSUS 3.0 SP2) delivers new features, including Windows Server 2008 support, integration with Server Manager in Windows Server 2008 R2, API enhancements, and software updates.
Microsoft Windows Server Update Services 3.0 SP1 (WSUS 3.0 SP1) enables information technology administrators to d [read] Keywords: administration
agent
blogSphere
bug
integration
microsoft
network
security
server
vista
wiki
167
CentOS alert CESA-2013:0630
Wed, Mar 20th 2013 5:28p John Willemse We just upgraded OTAP to Centos 6.4 Kernel 2.6.32-358.2.1.el6.x86_64
CentOS alert CESA-2013:0630 (kernel)
Date: Wed, 13 Mar 2013 11:49 URL:
http://lwn.net/Articles/542697/
CentOS Errata and Security Advisory 2013:0630 Important
URL: Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-0630.html
CentOS 6 Releases
URL: http://www.centos.org
The Badkey Team [read] Keywords: blogSphere
centos
redhat
security
414
Usage statistics of Linux for websites. CentOS or Ubuntu ?
Wed, Mar 6th 2013 5:22p John Willemse Why? We use CentOS it is where we have the roots on starting the Linux OS.
We have started using Linux Sep 2004
Unix is used by 65% and Linux is used by 33% of all the websites.
CentOS is used on 30% and only 20% used by Ubuntu for Linux for websites.
What is CentOS's relationship with Red Hat®, Inc. or RHEL?
There is none, nada, zip, zero.
CentOS-x is NOT a Red Hat®, Inc. or Fedora™ Core affiliated product or project.
The CentOS Project is not affiliated with or supported by [read] Keywords: blogSphere
centos
desktop
enterprise
linux
oracle
red hat
redhat
security
server
wiki
ubuntu
275
Sophos UTM v.9.005016 Release Notes
Wed, Mar 6th 2013 2:42p John Willemse We just did an upgrade to Sophos UTM v.9.005016 GA, Firmware Up2Date package 9.005016
UTM 9.005-16 Release Notes
Sophos UTM v.9.005016 GA News
Support for RED50 appliances
Stability fixes for Web Filter
Stability fixes for Wireless APs
Bug fixes for Application Control
Updated timezone definitions
Remarks
System will be rebooted
Configuration will be upgraded
Connected Wifi APs will perform firmware upgrade
Connected RED devices will perform firmware upgrade
Bugfixes
21785 Transpa [read] Keywords: notes
application
blogSphere
bug
database
network
wifi
wireless
302
Astaro Security Gateway Web Application Firewall
Thu, Feb 21st 2013 3:25p John Willemse We just updated the config on Web Application Firewall.
Setting up a Public Web Server with Web Application Firewall. Astaro Security Gateway.
by Rob Pickering Revised on 2012 June 18.
I run an Astaro Security Gateway (ASG) from Sophos (now called Sophos Unified Threat Management (UTM)) for the bulk of my firewall needs at home. Sophos (and Astaro before them) did a nice thing in allowing Home Users to run the product for up to 50 internal IP addresses for free. You can download the hom [read] Keywords: application
blogSphere
interface
network
profile
security
server
sql
vmware
309
Update Rollup 6 for Exchange Server 2010 SP2. (12-02-2013)
Thu, Feb 14th 2013 5:06p John Willemse Today 02/12/2013 Microsoft released Rollup 6 for Exchange Server 2010 SP2
Source: The Exchange Team. 12 Feb 2013 2:49 PM
Update Rollup 6 for Exchange Server 2010 SP2:
This update contains a number of customer reported and internally found issues.
In particular we would like to specifically call out the following fixes which are included in this release:
Note: Some of the following KB articles may not be available at the time of publishing this post.
2489941 The "legacyExchangeDN" valu [read] Keywords: application
archive
blogSphere
email
exchange
exchange
microsoft
server
280
Microsoft Exchange 2010 SP2 RU5. (11-12-2012)
Thu, Feb 14th 2013 5:06p John Willemse Microsoft Exchange 2010 SP2 RU5 drops with 20 fixes, eye on Exchange 2013.
Details are here http://support.microsoft.com/?kbid=2785908
Bron: http://support.microsoft.com/?kbid=2785908
Microsoft Security Bulletin MS12-080 - Critical
Microsoft Security Bulletin MS12-080 - Critical: Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution (2784126)
Security bulletins: MS12-0808 Bulletin published: Tuesday, December 11, 2012.
KB articles: KB2785908
Het bestand kan [read] Keywords: blogSphere
exchange
exchange
microsoft
outlook
security
server
250
Microsoft Exchange 2010 SP2 Rollup 2. (20-04-2012)
Thu, Feb 14th 2013 4:22p John Willemse Also we will have a look at Exchange Server 2010
Microsoft Exchange Server 2010 SP2.
Source: Microsoft Exchange team blog
The Exchange Team. 16 Apr 2012 9:55 AM
Earlier today the Exchange CXP team released Update Rollup 2 for Exchange Server 2010 SP2 to the Download Center.
This update contains a number of customer-reported and internally found issues since the release of SP2 RU1. See KB2661854: Description of Update Rollup 2 for Exchange Server 2010 Service Pack 2 for more details.
[read] Keywords: notes
archive
blogSphere
exchange
exchange
microsoft
outlook
server
