Announcing release of Astaro Security Gateway Version 8
What's New? Highlights of Major New Things * Updated WebAdmin - New colors, fonts, and visuals make WebAdmin more easily readable with crisper overall presentation
* IPv6 - Support has been added for the next iteration of IP addressing throughout ASG
* New Kernel and Base System - Provides 64-bit support, massively increased hardware compatibility, and better performance
* Country Blocking - Deny communications to/from any combination of countries and/or regions
* Web Application Security - A new subscription has been added to our protection portfolio which protects your web servers from modern attacks, hackers, viruses and data theft
* Flash-Based Reporting - Reporting data can be displayed via animated charts which add strong visual representations to how the data is presented
* WebAdmin Rights & Roles - Let multiple administrators or auditors share duties by separating access permissions; for example giving someone the ability to work only with the Mail Quarantine
* Configuration Change Tracking - Aid compliance and accountability efforts by identifying what was changed by an administrator on a forensic level
* Printable Configuration - Save the contents of the entire system as an XML file to aid compliance efforts and record keeping
* New Online Help - Improved layout coupled with new feature set updates this reference to be faster and more useful in retrieving information on demand
* VPN Remote Access Reporting - Displays usage graphs for the various types of user connections, along with historical data for examining session information
* WebAdmin Menu Search - Instantly filter the menu to show sections of WebAdmin based on a search query box; great for locating an option or feature quickly
* Web Content Filter Override - Allow configured users and groups to bypass URL filtering block pages by providing credentials and entering a reason, all of which can be tracked using new override reports
The first Up2Date package for the new Astaro Security Gateway Version 8 is ready for distribution. Version 8 has enjoyed significant popularity in the past month, with thousands of new and existing customers experiencing V8's features and stability.
You will find 8.001 available for install via Up2Date on your installation. Mainly a bug fix release, this package will enhance the stability and operation of ASG V8, and addresses an issue with Unix time affecting certificates. Read on for the full details of this Up2Date.
This release fixes some bugs with how Web Application Security handles connections for protection of Outlook Web Access servers, optimizing that communication.
We have also adjusted the very popular Country Blocking to ensure traffic can flow to essential Astaro Internet resources (Eg. RED provisioning servers, global email scanning repositories etc.) so that your blocking choices won't interfere with ASG operations. In addition, some other bugs were addressed and some hardware glitches for our software users and their platforms of choice were solved.
Astaro RED (Remote Ethernet Device) is the easiest and most affordable way to secure your branch offices. You can centrally configure it via an Astaro Security Gateway located at your headquarter which automatically distributes the configuration to the Astaro RED appliance. By forwarding all traffic to the central Astaro Security Gateway, Astaro RED provides complete UTM security even for your smallest remote or home office. In contrast to standard security appliances Astaro RED not only provides stronger security but also slashes the total cost of ownership by 80% as there's no need for technical skill or ongoing maintenance at the remote site.
On addressing the Unix Time issue: ASG uses certificates for different purposes (such as for each user that is created) and CAs (certificate authorities) for signing the certificates mentioned before. When performing the initial setup, some CAs as well as the admin certificate are generated.
When passing a certain point in time the theoretical end-date for our certs and CAs is beyond 19 January 2038 which will cause trouble to the system as the end-date of a cert/CA must not be before the start-date.
Remarks: *System will be rebooted.
*Configuration will be updated.
*HTTP Proxy cache will deleted.
News: -This Up2Date should be applied before end of August 2010
- Added: HTML rewriting in Web Application Firewall.
- Fixed: Country based blocking can no longer block essential ASG functionality.
- Added exceptions for spam scanning servers, ACC, notification smarthost, NTP servers, and SNMP trap sinks.
Fixes: : UNIX Epoch ends in 9999 days, so certificates cannot last longer
 ASG does not use ESMTP for "Skip TLS negotiation hosts"
 WAF disabled in predefined reverse proxy profiles
 No successful boot with Perc H200
 Country Blocking blocks essential services
 GRUB fails to install properly on some HP servers
: Bridge interface gets unresponsive after change of IP addresses
: ASG 625a with versions 8 and 8.001 recognizing NIC order wrong
: Setting system time forward causes WebAdmin to get unresponsive for a while
New features in VMware vSphere 5.5 (2058665)
Wed, Oct 23rd 2013 3:42p John Willemse New features in VMware vSphere 5.5 (2058665)
VMware vSphere® 5.5 Release Notes Updated on: 14 OCT 2013
VMware vSphere 5.5 introduces many new features and enhancements to further extend the core capabilities in the vSphere platform.
This article provides a summary list of new features and capabilities in vSphere 5.5, including vSphere ESXi Hypervisor, VMware vSphere High Availability (vSphere HA), virtual machines, VMware vCenter Server, storage networking, and vSphere Big Data Exten [read] Keywords: notes
Microsoft Exchange 2013 SCL level configuration
Fri, Sep 20th 2013 2:02p John Willemse Exchange 2013 SCL level configuration
This was simple in Exchange 2013, now its a pain. SCL stands for Spam Confidence Level, with 9 being no doubt 100% a spammy email and 0 being 100% a valid email.
We have 4 SCL commands;
SCL delete threshold – we specify when we delete an email.
SCL reject threshold - we specify when we reject an email into the organization.
SCL quarantine threshold – we specify when we quarantine an email for inspection by an admin.
SCL Junk Emai [read] Keywords: admin
Firewall Sophos UTM 9.104017 Up2Date
Mon, Aug 19th 2013 2:22p John Willemse We just did an upgrade to Sophos UTM v.9.104017, Firmware Up2Date package.
Fixed: DNS server remote DoS vulnerability (CVE-2013-4854)
Fixed: Several issues with RED and Wifi stability
Fixed: Several issues with Web Protection reporting
Fixed: Several issues with IPv6 Prefix Delegation
Fixed: Missing entries in the Japanese Localization
Added: Button to reset UTM ID to be able to use Endpoint Protection on cloned machines
Changed: RED/VPN up/down notificati [read] Keywords: agent