Unified Threat Management - Support | GTA, Inc.

		                         

                        GB-OS FIREWALL SOFTWARE
                            VERSION 5.4.0
                            RELEASE NOTES

Author:     Global Technology Associates, Inc.
Product:    GB-OS version 5.4.0
Date:       25 October 2010

-------------------------------------------------------------------------
GB-OS version 5.4.0 includes updated versions of the following GTA
products and utilities:

    GB-OS                       5.4.0

Release notes are located on the installation CD and on GTA's Web site.

For more about upgrading related software, see individual product
release notes.

-------------------------------------------------------------------------
CONTENTS
Release Notes sections are categorized first by feature addressed, then
by the type of change.

1.  INSTALL NOTES

2.  SYSTEM

3.  NETWORK

4.  SERVICES

5.  THREAT MANAGEMENT

6.  WEB INTERFACE

7.  RELEASE NOTES HISTORY

-------------------------------------------------------------------------

1.  INSTALL NOTES

    1.1 Entering New Activation Codes
    
        If upgrading from 5.3.x or below, new activation codes must be
        entered. GB-OS version 5.4.0 is available at no charge to
        customers with a GTA support contract or annual maintenance
        agreement. Other users should contact their local Authorized GTA 
        Channel Partner or email sales@gta.com for information and pricing 
        of upgrade options.

        
    1.2 Upgrade Notes   
        
        1.2.1 Upgrading to GB-OS 5.4
        
              Firewalls must be on GB-OS version 5.2.0 or higher to properly
              upgrade to GB-OS 5.4. See the Upgrade Guide for more information.
              
              
        1.2.2 GB-250 Rev B Upgrade to GB-OS 5.4 
        
              GB-250 Rev B firewalls should be on runtime slice 2 when upgrading
              to version 5.4.

              The firewall's current runtime slice is displayed on the 
              firewall's System>Overview screen. To view the current slice, log 
              into the firewall's web administration interface and navigate to 
              System>Overview. The runtime section will display the firewall's 
              current runtime slice.
              
              Additionaly, some GB-250 Rev B firewalls require a Bios Update 
              before updating to GB-OS 5.4.0. If the Bios version is not v0.99h 
              or higher,the Bios may need to be updated. 
              
              You can check the BIOS by:
          
                 1. Examining the hardware report for the Bios version:
             
                    BIOS: PC Engines ALIX.2 v0.99h tinyBIOS V1.4a (C)1997-2007
             
                 2. Connecting on the console interface and rebooting the 
                    firewall. The first line displayed should be BIOS revision. 
                
                    Example: PC Engines ALIX.2 v0.99h
              
               You can check if the firewall is a GB-250 Rev B by the following:
              
                 1. GB-250 Rev B firewalls have USB ports while GB-250 Rev A do
                    not have USB ports. 
              
                 2. GB-250 Rev B firewall serial numbers are:
                
                    Starting at S/N 65002101 and above 
                    Starting at S/N 65902101 and above

        
        1.2.3 Re-sizing Slices and Runtime Upgrades
              
              In order to support the new features in GB-OS 5.2.x and above, 
              some firewalls may require partition re-sizing during the 
              upgrade process. Upon re-sizing, both runtime slices will have 
              GB-OS 5.4.0, and firewall administrators WILL NOT be able to 
              revert to previous runtimes via the Console or Web interface.
              
              GTA strongly recommends backing up current firewall 
              configurations PRIOR to upgrading.

              Firewalls requiring re-sized partitions will take approximately 
              5-8 minutes to reboot and fully update once the runtime has 
              been applied. DO NOT switch off or reboot the firewall during 
              this process.

        
        1.2.4 Error Messages Upon Initial Reboot
    
              Upon rebooting after successful installation, the GTA
              Firewall UTM Appliance may display errors when accessed
              using the Web interface.  This is expected, these errors are
              generated because the browser's cache is trying to access
              files and locations that no longer apply. Click OK to any
              displayed errors and refresh the browser window to access
              GB-OS 5.4.0. If the error messages persist, clear your
              browser's cache.
              
            
    1.3 SSL Certificate Replacement

        GB-OS version 5.4.0 will install a new default security/SSL
        certificate. Some browsers, including Netscape and Mozilla,
        will not recognize the new certificate if the original has
        never been replaced. If you are unable to log on to the
        firewall after upgrading, delete the browser's cached security
        certificate, then close and restart your browser before
        reattempting remote access to your firewall.


2.  SYSTEM      
            
    2.1 New Features
    
        2.1.1   Added support for dual-core and multiple processor systems.
                GBOS5400014036
                
    2.2 Bug Fixes
        
        2.2.1   Peak Average Bandwidth Utilization is properly calculated.
                GBOS5400018011
                
        2.2.2   Connections remain operational with traffic shaping weight 
                set to 1.
                GBOS5400018081
                
        2.2.3   Connections are not flushed when DHCP rebinding fails and the 
                IP address does not change in init state.
                GBOS5400018096
    
3.  NETWORK 
                
    3.1 New Features
    
        3.1.1   Added configuration for specifying the default domain sent to
                the IPSec Mobile Client when using XAuth.
                GBOS5400016841
                
        3.1.2   Added PPTP and L2TP server support.
                GBOS5400015041, GBOS5400014171
                
        3.1.3   Added L2TP service object.
                GBOS5400017526
                
        3.1.4   All products have increased gateway policies to a maximum 
                of twenty (20).
                GBOS5400013171
                
        3.1.5   Added IPv6 type option for bridged protocols.
                GBOS5400017951
                
    3.2 Modifications
    
        3.2.1   Added option to not ping gateway for gateway failover policies.
                GBOS5400015101
                
        3.2.2   Improved VPN log messages.
                GBOS5400015456
                
    3.3 Bug Fixes
    
        3.3.1   Firewall properly assigns default routes with an alias in 
                non-High Availability configurations.
                GBOS5400016671
                
        3.3.2   PPPoE Interfaces properly reconnect after being physically down.
                GBOS5400017216
                
        3.3.3   Active connections are properly flushed when changing the 
                default gateway, only when changed via gateway failover.
                GBOS5400012681
                
        3.3.4   RIP interfaces are properly limited to the maximum allowed.
                GBOS5400018186
                
4.  SERVICES
    
    4.1 New Features
    
        4.1.1   Added dynamically generated IPSec Client configuritions for the
                Apple iPhone 3, iPhone 4.1 and iPad.
                GBOS5400015511
                
    4.2 Modifications
    
        4.2.1   SSL Browser Disclaimer modified to display as Notification.
                GBOS5400014071
                
        4.2.2   Improved log messages for SSL Client.
                GBOS5400016696
                
    4.3 Bug Fixes
    
        4.3.1   GBAuth users properly take a VPN license only after a VPN is 
                established.
                GBOS5400016411
        
5.  THREAT MANAGEMENT

    5.1 New Features
    
        5.1.1   Added option to filter or not filter HTTPS with Surf Sentinel.
                GBOS5400017361

6.  WEB INTERFACE 
    
    6.1 New Features
                
        6.1.1   Added reporting feature for administrative users with 
                historical and executive reports.
                GBOS5400010596 
                
        6.1.2   Added reporting statistics graph for Mail Sentinel.
                GBOS5400012796
                
        6.1.3   Added the ability to email automatic backups of configurations
                after Live mode saves containing modifications.
                GBOS5400003867
                
        6.1.4   Added ability to email historical statistics.
                GBOS5400011461
                
        6.1.5   Added the ability to download configuration and 
                activity reports.
                GBOS5400016536
                
        6.1.6   Added the ability to customize colors on historical graphs.
                GBOS5400016461
                
        6.1.7   Added new security policy preferences including connection 
                limiting and report options.
                GBOS5400018021
                
        6.1.8   Added port and protocol to the monitoring active connections 
                section.
                GBOS5400018171
      
    6.2 Modifications

        6.2.1   Size requirements have been added for sections which allow 
                logo uploads.  
                GBOS5400016721
                
        6.2.2   Historical statistics now display bandwidth use per interface.
                GBOS5400010591
                
        6.2.3   Improved system configuration verification.
                GBOS5400013911, GBOS5400015931, GBOS5400003424, GBOS5400011446
                
        6.2.4   When DHCP server is not enabled, the DHCP Leases screen now 
                displays "DHCP server not enabled".
                GBOS5400016881
                
        6.2.5   Active connections now have the ability to filter connections
                based upon connection type.
                GBOS5400012886
                
        6.2.6   Authentication type is now displayed for users. 
                GBOS5400017636
                
        6.2.7   Moved default route configuration from Interface>Settings to
                Routing>Static Routes.
                GBOS5400017826
                
        6.2.8   System Overview now displays IPSec, L2TP, and PPTP license use.
                GBOS5400017581
                
        6.2.9   Improved sorting of traffic shaping configuration section.
                GBOS5400018106
                
        6.2.10  Improved VLAN interface naming.
                GBOS5400018086
                
7.  RELEASE NOTES HISTORY

    7.1   Previous Release Notes
          These notes cover the 5.4.0 release of GB-OS. Release notes for 
          previous versions can be found at GTA's website, http://www.gta.com.

-------------------------------------------------------------------------
Global Technology Associates, Inc.
3505 Lake Lynda Drive, Suite 109
Orlando, Florida 32817
www.gta.com
407.380.0220 		



Copyright © 2014 Global Technology Associates, Inc. All rights reserved.

'GB-OS' and 'GB-Ware' are registered trademarks of Global Technology Associates, Incorporated.
'Global Technology Associates' and 'GTA' are service marks of Global Technology Associates, Incorporated.