GB-OS FIREWALL SOFTWARE
VERSION 5.2.1
RELEASE NOTES
Author: Global Technology Associates, Inc.
Product: GB-OS version 5.2.1
Date: 14 July 2009
-------------------------------------------------------------------------
GB-OS version 5.2.1 includes updated versions of the following GTA
products and utilities:
GB-OS 5.2.1
Release notes are located on the installation CD and on GTA's Web site.
For more about upgrading related software, see individual product
release notes.
-------------------------------------------------------------------------
CONTENTS
Release Notes sections are categorized first by feature addressed, then
by the type of change.
1. INSTALL NOTES
2. SYSTEM
3. NETWORK
4. ACTIVITY
5. SERVICES
6. THREAT MANAGEMENT
7. OPERATING SYSTEM
8. RELEASE NOTES HISTORY
-------------------------------------------------------------------------
1. INSTALL NOTES
1.1 Entering New Activation Codes
If upgrading from 5.1.x or below, new activation codes must be
entered. GB-OS version 5.2.1 is available at no charge to
customers with a GTA support contract or annual maintenance
agreement. Other users should contact their local Authorized GTA
Channel Partner or email sales@gta.com for information and pricing
of upgrade options.
1.2 Upgrade Notes
1.2.1 Re-sizing Slices and Runtime Upgrades
In order to support the new features in GB-OS 5.2 and above,
some firewalls may require partition re-sizing during the
upgrade process. Upon re-sizing, both runtime slices will have
GB-OS 5.2.1, and firewall administrators WILL NOT be able to
revert to previous runtimes via the Console or Web interface.
GTA strongly recommends backing up current firewall
configurations PRIOR to upgrading.
Firewalls requiring re-sized partitions will take approximately
5-8 minutes to reboot and fully update once the runtime has
been applied. DO NOT switch off or reboot the firewall during
this process.
1.2.2 Error Messages Upon Initial Reboot
Upon rebooting after successful installation, the GTA
Firewall UTM Appliance may display errors when accessed
using the Web interface. This is expected, these errors are
generated because the browser's cache is trying to access
files and locations that no longer apply. Click OK to any
displayed errors and refresh the browser window to access
GB-OS 5.2.0. If the error messages persist, clear your
browser's cache.
1.3 SSL Certificate Replacement
GB-OS version 5.2.1 will install a new default security/SSL
certificate. Some browsers, including Netscape and Mozilla,
will not recognize the new certificate if the original has
never been replaced. If you are unable to log on to the
firewall after upgrading, delete the browser's cached security
certificate, then close and restart your browser before
reattempting remote access to your firewall.
1.4 Mail Sentinel Anti-Virus
Since the release of GB-OS version 5.1.2, Mail Sentinel Anti-Virus is
no longer available as a separate subscription option. Mail Sentinel
Anti-Virus is included as a standard feature with valid support
contracts.
2. SYSTEM
2.1 Modifications
2.1.1 Updated XML configuration schema.
GBOS5210010891
2.1.2 Updated routing services.
GBOS5210011831
2.1.3 Packet throughput increased.
GBOS5210012531
2.2 Bug Fixes
2.2.1 Firewall properly displays new activation codes when available.
GBOS5210010741
2.2.2 Address object limits are properly enforced for 10 User GB-Ware.
GBOS5210010691
2.2.3 When changing firewall interfaces, filters referencing the
interface will be maintained without rebooting.
GBOS5210002659
2.2.4 When IPS is disabled and SYN cookies and IPS are enabled on
tunnels, hosts can now properly establish connections.
GBOS5210012091
2.2.5 Exchange server tunnels with SYN cookies enabled no longer
result in slow or dropped connections.
GBOS5210010711
3. NETWORK
3.1 Modifications
3.1.1 Turned off debug logging for SIP traffic.
GBOS5210010726
3.2 Bug Fixes
3.2.1 Mapping based upon service no longer fails for non TCP and
UDP protocols.
GBOS5210010731
3.2.2 Bytes sent and received are now correctly recorded for large,
single connection transfers.
GBOS5210010631
3.2.3 IPS Wizard settings are properly maintained when changes are
made to the IPS proxy.
GBOS5210008391
3.2.4 Static routes properly take priority over gateways.
GBOS5210008566
3.2.5 Saving of address objects and DNS no longer results in memory
leak for the DNS proxy.
GBOS5210011701
3.2.6 On-Enable option has been removed from the PPP connection type.
GBOS5210010991
3.2.7 Policy based routes are properly refreshed when changing sort
order of gateway policies.
GBOS5210010771
3.2.8 Using spaces in interface names no longer causes DNS proxy to
overload CPU.
GBOS5210012216
3.2.9 VPN Keep Alives properly bind to an High Availability interface
only when the service is enabled.
GBOS5210011551
3.2.10 Multiple Windows hosts can properly ping the same external host
simultaneously.
GBOS5210011596
3.2.11 When resetting packets, connections are properly closed based
on TCP wait time.
GBOS5210012511
4. ACTIVITY
4.1 Modifications
4.1.1 Audit events are now generated for purge activities.
GBOS5210010806
4.1.2 Improved format of originating email address for notifications,
as configured using the Basic Setup Wizard.
GBOS5210010936
4.1.3 Firewall no longer logs preservation of activation codes when
resetting test mode configuration.
GBOS5210011006
4.1.4 Updated system log messages.
GBOS5210004369
4.1.5 Improved configuration reports for RIP.
GBOS5210012466
4.1.6 Improved audit event log messages.
GBOS5210011106
4.2 Bug Fixes
4.2.1 Email addresses are properly validated before generating alarm
notifications.
GBOS5210010751
4.2.2 Firewall properly limits failure logging to every 15 minutes.
GBOS5210010516
4.2.3 Firewall properly reports and displays connection statistics.
GBOS5210010931, GBOS5210011131
4.2.4 System CPU no longer spikes when firewall reaches maximum number
of email connections.
GBOS5210010901
4.2.5 Bandwidth is properly displayed under Network Statistics.
GBOS5210010761
4.2.6 Editing entries and then using the Back button no longer result
in post data errors.
GBOS5210012341
5. SERVICES
5.1 Modifications
5.1.1 Support added for importing/exporting the GTA SSOAuth binding
interface in XML configuration.
GBOS5210011051
5.2 Bug Fixes
5.2.1 XML configuration data, sent from the Firewall Control Center,
is properly validated.
GBOS5210011626
5.2.2 OSPF properly functions when set for a single IP network.
GBOS5210012471
6. THREAT MANAGEMENT
6.1 Bug Fixes
6.1.1 Latency checks are only preformed if Surf Sentinel is licensed.
GBOS5210011556
6.1.2 Built-in Single Sign-On, LDAP, and RADIUS user groups are now
correctly matched when used in Surf Sentinel policies.
GBOS5210011771
7. OPERATING SYSTEM
7.1 Modfications
7.1.1 Improved system configuration verification.
GBOS5210010521, GBOS5210010801, GBOS5210010536, GBOS5210010941,
GBOS5210010911, GBOS5210011826
7.1.2 PPP configuration retry count is now dynamically displayed or
hidden, depending on PPP connection type.
GBOS5210010896
7.1.3 Items are now sorted to display enabled items above duplicate
disabled items.
GBOS5210010611
7.1.4 Improved system hints.
GBOS5210003575, GBOS521001206
7.1.5 Names are now allowed to begin with any utf8 character.
GBOS5210010916
7.1.6 Improved consistency of system error messaging.
GBOS5210010906
7.1.7 Improved Japanese localization.
GBOS5210012411
7.1.8 Overview memory usage is no longer truncated.
GBOS5210011571
7.2 Bug Fixes
7.2.1 Unsaved objects are properly displayed as available when
creating embedded objects.
GBOS5210010266
7.2.2 Firewall now properly searches for enabled objects before
referencing disabled duplicate objects.
GBOS5210010566, GBOS5210010571
7.2.3 Built-in objects no longer appear editable when copying.
GBOS5210010551
7.2.4 System Overview page properly loads all sections.
GBOS5210010851
7.2.5 Disabling of interfaces is properly enforced.
GBOS5210010786
7.2.6 Built-in groups are properly sorted in the group list.
GBOS5210011901
7.2.7 Ident policies are properly enabled and disabled when saving
policy preferences.
GBOS521001211
8. RELEASE NOTES HISTORY
8.1 Previous Release Notes
These notes cover the 5.2.1 release of GB-OS. Release notes for
previous versions can be found at GTA's Web site, http://www.gta.com.
-------------------------------------------------------------------------
Global Technology Associates, Inc.
3505 Lake Lynda Drive, Suite 109
Orlando, Florida 32817
www.gta.com
407.380.0220
|
