GB-OS FIREWALL SOFTWARE
VERSION 5.2.0
RELEASE NOTES
Author: Global Technology Associates, Inc.
Product: GB-OS version 5.2.0
Date: 17 February 2009
-------------------------------------------------------------------------
GB-OS version 5.2.0 includes updated versions of the following GTA
products and utilities:
GB-OS 5.2.0
Release notes are located on the installation CD and on GTA's Web site.
For more about upgrading related software, see individual product
release notes.
-------------------------------------------------------------------------
CONTENTS
Release Notes sections are categorized first by feature addressed, then
by the type of change.
1. INSTALL NOTES
2. SYSTEM
3. NETWORK
4. ACTIVITY
5. SERVICES
6. THREAT MANAGEMENT
7. OPERATING SYSTEM
8. RELEASE NOTES HISTORY
-------------------------------------------------------------------------
1. INSTALL NOTES
1.1 Entering New Activation Codes
If upgrading from 5.1.x or below, new activation codes must be
entered. GB-OS version 5.2.0 is available at no charge to
customers with a GTA support contract or annual maintenance
agreement. Other users should contact their local Authorized GTA
Channel Partner or email sales@gta.com for information and pricing
of upgrade options.
1.2 Upgrade Notes
1.2.1 Re-sizing Slices and Runtime Upgrades
In order to support the new features in GB-OS 5.2, some
firewalls may require partition re-sizing during the upgrade
process. Upon re-sizing, both runtime slices will have GB-OS 5.2,
and firewall administrators WILL NOT be able to revert to
previous runtimes via the Console or Web interface.
GTA strongly recommends backing up current firewall
configurations PRIOR to upgrading.
Firewalls requiring re-sized partitions will take approximately
5-8 minutes to reboot and fully update once the runtime has
been applied. DO NOT switch off or reboot the firewall during
this process.
1.2.2 Error Messages Upon Initial Reboot
Upon rebooting after successful installation, the GTA
Firewall UTM Appliance may display errors when accessed
using the Web interface. This is expected, these errors are
generated because the browser's cache is trying to access
files and locations that no longer apply. Click OK to any
displayed errors and refresh the browser window to access
GB-OS 5.2.0. If the error messages persist, clear your
browser's cache.
1.3 SSL Certificate Replacement
GB-OS version 5.2.0 will install a new default security/SSL
certificate. Some browsers, including Netscape and Mozilla,
will not recognize the new certificate if the original has
never been replaced. If you are unable to log on to the
firewall after upgrading, delete the browser's cached security
certificate, then close and restart your browser before
reattempting remote access to your firewall.
1.4 Mail Sentinel Anti-Virus
Since the release of GB-OS version 5.1.2, Mail Sentinel Anti-Virus is
no longer available as a separate subscription option. Mail Sentinel
Anti-Virus is included as a standard feature with valid support
contracts.
2. SYSTEM
2.1 New Features
2.1.1 Added support for SIP (Session Initiation Protocol).
GBOS5200002161
2.2 Modifications
2.2.1 Updated IPS engine.
GBOS5200007561, GBOS520010076
2.2.2 Upgraded DHCP server.
GBOS5200009241
2.2.3 Added SIP (Session Initiation Protocol), iSCSI (Internet Small
Computer Systems Interface), iSNS (Internet Storage Name
Service), and RFE (Radio Free Ethernet) to the service object
list.
GBOS5200009421, GBOS5200010226, GBOS5200010221
2.2.4 5.2.x XML schema created and published.
GBOS5200009271
2.2.5 Updated Mailshell library.
GBOS5200010426
2.3 Bug Fixes
2.3.1 Bridged interfaces now remain configured when saving Interface
sections in Console mode.
GBOS5200005074
2.3.2 Flash partitions are automatically resized for larger runtime
slices.
GBOS5200009756
2.3.3 Firewall now properly tests for IP spoofs when generating
ICMP TTL exceeded messages.
GBOS5200009706
2.3.4 Firewall remains operational when using mail proxy with slow
mail servers.
GBOS5200009766
2.3.5 Users are properly expired when client is disconnected.
GBOS5200010466
3. NETWORK
3.1 New Features
3.1.1 Added feature enabling VPN failover on GTA firewalls.
GBOS5200003157
3.1.2 Added support for Link Aggregation.
GBOS5200003637
3.1.3 DNS names and address objects are now supported in remote
VPN gateway.
GBOS5200003564
3.1.4 Added the ability to configure bridge75d VLAN interfaces.
GBOS5200004532
3.1.5 Traffic shaping is now supported for VPN policies.
GBOS5200002295
3.1.6 Added the ability to set specified networks exempt from
lockout.
GBOS5200010156
3.2 Modifications
3.2.1 Updated VPN Wizard to no longer allow configuration of local
networks for dynamic and mobile VPNs.
GBOS5200004042
3.2.2 Added limit for Maximum ICMP Packet Size with a range of
84 to 65,536.
GBOS5200007121
3.3 Bug Fixes
3.3.1 Connections no longer fail when traffic shaping object is
not found.
GBOS5200006071
3.3.2 Inbound traffic is no longer double NATed if interface is
bridged.
GBOS5200009136
3.3.3 The Interfaces Tool now assigns up/down statuses based upon NIC.
GBOS5200010296
3.3.4 Connections properly idle out.
GBOS5200009246
3.3.5 Old connections no longer remain active with gateway failover.
GBOS5200003906
4. ACTIVITY
4.1 Enhancements
4.1.1 Added email, SNMP and SMS messaging notifications for
VPN status.
GBOS5200008156
4.1.2 Added log messages for FTP sessions.
GBOS5200005221
4.1.3 Added log messages for invalid reset packets.
GBOS5200010031
4.1.4 Localized text for configuration report.
GBOS5200010126
4.2 Modifications
4.2.1 Default threshold for emailing alarms has been increased to
50 in two minutes.
GBOS5200008986
4.3 Bug Fixes
4.3.1 Limits for maximum simultaneous email connections are enforced.
GBOS5200009826
4.3.2 Log option is now properly displayed for bridged protocols.
GBOS5200009866
4.3.3 Policy blocks properly generate one SNMP trap notification
per occurrence.
GBOS5200009741
5. SERVICES
5.1 Modifications
5.1.1 High Availability interfaces now display both physical and
virtual IP addresses on the system overview and network settings
pages.
GBOS5200008821
5.1.2 Updated enterprise specific SNMP MIBs
GBOS5200009711
5.1.3 GTA SSOAuth service object added to service groups.
GBOS5200007856
5.2 Bug Fixes
5.2.1 High Availability is no longer restarted when acquiring IP
addresses with DHCP enabled on a VLAN interface.
GBOS5200008711
5.2.2 Security policies requiring authentication properly work with
embedded groups.
GBOS5200010051
6. THREAT MANAGEMENT
6.1 Enhancements
6.1.1 Improved Mail Sentinel statistics entries.
GBOS5200009166
6.1.2 Time groups can now be configured in one minute intervals.
GBOS5200009646
6.2 Bug Fixes
6.2.1 Surf Sentinel now properly handles multiple policies referencing
the same address object.
GBOS5200009266
6.2.2 Mail Sentinel policy summary no longer displays MAPS object
when the object is not enabled.
GBOS5200008116
6.2.3 Grey listing option no longer requires that Mail Sentinel
Anti-Spam categorization is enabled.
GBOS5200009846
6.2.4 Mail Sentinel and Surf Sentinel now recover automatically upon
updating DNS.
GBOS5200009411
7. OPERATING SYSTEM
7.1 Enhancements
7.1.1 Added the ability to auto-refresh applicable pages in Web
interface.
GBOS5200006871
7.1.2 Status of runtime installation is shown and displayed across
browsers and operating systems.
GBOS5200007971, GBOS5200008621
7.1.3 Added the ability to dynamically add and delete configuration
rows in applicable sections.
GBOS5200007701
7.1.4 Added disk purge advanced option in the user interface.
GBOS5200007021
7.1.5 Product and feature license details are now displayed under
Contracts on the main firewall summary screen.
GBOS5200006866
7.1.6 Improved display of configuration reports.
GBOS5200006791
7.1.7 Basic Setup Wizard now configures the "Primary Domain Name"
from the host name.
GBOS5200009746
7.1.8 The Network Settings screen now displays PPP connection type.
GBOS5200010241
7.1.9 The status of NIC carrier is now displayed in the Advanced
section of the Network Settings screen.
GBOS5200010246
7.2 Modfications
7.2.1 User configured gateway names are now displayed under network
connections.
GBOS5200006711
7.2.2 The system overview page now dynamically updates.
GBOS5200005172
7.2.3 Improved system configuration verification.
GBOS5200005272, GBOS5200005666, GBOS5200007031, GBOS5200007171,
GBOS5200007381, GBOS5200007466, GBOS5200008686, GBOS5200008791,
GBOS5200009216, GBOS5200009296, GBOS5200009916, GBOS5200009956.
GBOS5200010231, GBOS5200003692, GBOS5200010216, GBOS5200008026,
GBOS5200009451
7.2.4 Improved display in Safari Web browser.
GBOS5200005213
7.2.5 Audit Events now display with color-coded priorities.
GBOS5200006026
7.2.6 Dsbl.org has been removed from the available server list.
GBOS5200008241
7.2.7 Lockout duration is now configurable by minutes and seconds.
GBOS5200002559
7.2.8 Updated hints throughout the web interface.
GBOS5200009291, GBOS5200009926
7.2.9 Enabled/Disabled terminology changed to Up/Down in the
Tools>Interfaces section.
GBOS5200009681
7.2.10 Bandwidth data is now properly displayed for GB-Ware Console
Network Statistics.
GBOS5200004507
7.3 Bug Fixes
7.3.1 Tooltips now properly display.
GBOS5200005199
7.3.2 Status of VLAN interfaces is properly displayed.
GBOS5200010236
7.3.3 Copy function no longer resets changes made to an entry.
GBOS5200010206
8. RELEASE NOTES HISTORY
8.1 Previous Release Notes
These notes cover the 5.2.0 release of GB-OS. Release notes for
previous versions can be found at GTA's Web site, http://www.gta.com.
-------------------------------------------------------------------------
Global Technology Associates, Inc.
3505 Lake Lynda Drive, Suite 109
Orlando, Florida 32817
www.gta.com
407.380.0220
|
