Unified Threat Management - Support | GTA, Inc.

		                         

                      GB-OS FIREWALL SOFTWARE
                            VERSION 6.0.1
                            RELEASE NOTES

Author:     Global Technology Associates, Inc.
Product:    GB-OS version 6.0.1
Date:       12 September 2011 

-------------------------------------------------------------------------
GB-OS version 6.0.1 includes updated versions of the following GTA
products and utilities:

    GB-OS                       6.0.1

Release notes are located on the installation CD and on GTA's Web site.

For more about upgrading related software, see individual product
release notes.

-------------------------------------------------------------------------
CONTENTS
Release Notes sections are categorized first by feature addressed, then
by the type of change.

1.  INSTALL NOTES

2.  SYSTEM

3.  SERVICES

4.  WEB INTERFACE

5.  RELEASE NOTES HISTORY

-------------------------------------------------------------------------

1.  INSTALL NOTES

    1.1 Entering New Activation Codes
    
        If upgrading from 5.4.x or below, new activation codes must be
        entered. GB-OS version 6.0.1 is available at no charge to customers 
        with a GTA support contract or annual maintenance agreement. 
        Other users should contact their local Authorized GTA Channel Partner 
        or email sales@gta.com for information and pricing of upgrade options.

        
    1.2 Upgrade Notes   
        
        1.2.1 Upgrading to GB-OS 6.0.x
        
              Firewalls must be on GB-OS version 5.2.0 or higher to properly
              upgrade to GB-OS 6.0.x. See the Upgrade Guide for more information.
              
              
        1.2.2 GB-250 Rev B Upgrade to GB-OS 6.0.x
        
              GB-250 Rev B firewalls on version GB-OS 5.2.x should be on runtime
              slice 2 when upgrading to version 6.0.x.

              The firewall's current runtime slice is displayed on the 
              firewall's System>Overview screen. To view the current slice, log 
              into the firewall's web administration interface and navigate to 
              System>Overview. The runtime section will display the firewall's 
              current runtime slice.
              
              Additionaly, some GB-250 Rev B firewalls require a Bios Update 
              before updating to GB-OS 6.0.x. If the Bios version is not v0.99h 
              or higher,the Bios may need to be updated. 
              
              You can check the BIOS by:
          
                 1. Examining the hardware report for the Bios version:
             
                    BIOS: PC Engines ALIX.2 v0.99h tinyBIOS V1.4a (C)1997-2007
             
                 2. Connecting on the console interface and rebooting the 
                    firewall. The first line displayed should be BIOS revision. 
                
                    Example: PC Engines ALIX.2 v0.99h
              
               You can check if the firewall is a GB-250 Rev B by the following:
              
                 1. GB-250 Rev B firewalls have USB ports while GB-250 Rev A do
                    not have USB ports. 
              
                 2. GB-250 Rev B firewall serial numbers are:
                
                    Starting at S/N 65002101 and above 
                    Starting at S/N 65902101 and above

        
        1.2.3 Re-sizing Slices and Runtime Upgrades
              
              In order to support the new features in GB-OS 5.2.x and above, 
              some firewalls may require partition re-sizing during the 
              upgrade process. Upon re-sizing, both runtime slices will have 
              GB-OS 6.0.1, and firewall administrators WILL NOT be able to 
              revert to previous runtimes via the Console or Web interface.
              
              GTA strongly recommends backing up current firewall 
              configurations PRIOR to upgrading.

              Firewalls requiring re-sized partitions will take approximately 
              5-8 minutes to reboot and fully update once the runtime has 
              been applied. DO NOT switch off or reboot the firewall during 
              this process.

        
        1.2.4 Error Messages Upon Initial Reboot
    
              Upon rebooting after successful installation, the GTA
              Firewall UTM Appliance may display errors when accessed
              using the Web interface.  This is expected, these errors are
              generated because the browser's cache is trying to access
              files and locations that no longer apply. Click OK to any
              displayed errors and refresh the browser window to access
              GB-OS 6.0.0. If the error messages persist, clear your
              browser's cache.
              
              
        1.2.5 Firewall Control Center No Longer Supported
        
              With the release of GB-OS 6.0, GTA's Firewall Control Center
              (FWCC) will no longer be supported and will be removed from the
              firewall interface for all products.
              
              
        1.2.6 IPSec Object Upgrade 
        
              When upgrading to GB-OS 5.4.2 and above, all firewalls using 
              SHA-2, with keys larger than 128, will need to be upgraded. 
              If unable to upgrade, firewalls must be switched to a compatible 
              algorithm
               
               
    1.3 SSL Certificate Replacement

        GB-OS version 6.0.1 will install a new default security/SSL
        certificate. Some browsers, including Netscape and Mozilla,
        will not recognize the new certificate if the original has
        never been replaced. If you are unable to log on to the
        firewall after upgrading, delete the browser's cached security
        certificate, then close and restart your browser before
        reattempting remote access to your firewall.


2.  SYSTEM                  
        
    2.1 Bug Fixes
    
        2.1.1   DHCP information is properly retained upon upgrading from 
                GB-OS 5.4.x to GB-OS 6.0.x.
                GBOS6010019941
                
        2.1.2   Firewall remains operational when using PPTP.
                GBOS6010020126
                
        2.1.3   Round robin between range end points properly functions.
                GBOS6010020271
                
        2.1.4   Policies are properly passed to reporting as configured.
                GBOS6010020166
                
        2.1.5   Firewall no longer has unexpected reboot due to Ident.
                GBOS6010019946
                
        2.1.6   Remote Administration zone is properly imported with XML import.
                GBOS6010020191
                
        2.1.7   Firewall properly displays correct connections count. 
                GBOS6010020336
                
        2.1.8   LAGG devices are not mapped to eth.
                GBOS6010020651
                
        2.1.9   Log messages are properly sent for invalid packets.
                GBOS6010020411
                
        2.1.10  GB-Ware properly runs on older hardware which doesn't have 
                proper DMA support.
                GBOS6010020051
                
        2.1.11  Packets are correctly processed when time to live is exceeded.
                GBOS6010020771
                
        2.1.12  Default route is properly saved when set through the console 
                interface.
                GBOS6010020786
        
3.  NETWORK   
                
    3.1 Bug Fixes
    
        3.1.1   Site to site VPN properly functions when dynamic IP address is 
                set for the local gateway.
                GBOS6010019986
                
        3.1.2   IPv6 default route no longer removed after reboot with gateway 
                failover enabled for IPv4 gateways.
                GBOS6010020246
                
        3.1.3   Traffic through inbound tunnels using hide source is properly 
                handled when accessed via NAT VPN.
                GBOS6010020206
        
4.  SERVICES 

     4.1 New Features
    
        4.1.1   Added LDAP support for IPv6 server addresses.
                GBOS6010019356
                
        4.1.2   Added new grey list addresses for AOL.
                GBOS6010019846
                
        4.1.3   Added support for TCP DNS proxy requests.
                GBOS6010019906
                
        4.1.4   Added cloud support for configuration backup and restore with 
                Dropbox and Box.net.
                GBOS6010015281, GBOS6010020586
                
        4.1.5   Added ability to backup and restore configurations to the 
                console via USB.
                GBOS6010018656, GBOS6010018711             

    4.2 Modifications
    
        4.2.1   Improved router advertisement support. 
                GBOS6010019881
        
    4.3 Bug Fixes
    
        4.3.1   IPv6 notifications are properly sent only when applicable. 
                GBOS6010020111
               
        4.3.2   Traditional proxy properly allows SSL connections.
                GBOS6010020046
                
        4.3.3   Mail Sentinel properly displays IP addresses in email headers.
                GBOS6010020026
                
        4.3.4   MAPS properly uses correct IP addresses.
                GBOS6010019966
                
        4.3.5   Email notifications for alarms properly display IP addresses 
                and correct port numbers.
                GBOS6010020086, GBOS6010020081
                
        4.3.6   IPSec Client properly accepts special characters for password 
                authentication with X-AUTH.
                GBOS6010020006
                
        4.3.7   DNS is used to correctly look up server IP addresses for 
                Surf Sentinel.
                GBOS6010020141

        4.3.8   DHCP renewal no longer causes static VPN to drop.
                GBOS6010018846
                
        4.3.9   Firewalls properly create IPSec objects using SHA-2 with key 
                sizes greater than 128.
                GBOS6010019951
                
        4.3.10  DNS server properly creates auto policy for allowing access 
                only by protected and PSN zones.
                GBOS6010020521
                
        4.3.11  SNMP walk properly returns objects.
                GBOS6010020601
                
        4.3.12  DNS proxy properly limits auto polices to only allow protected 
                networks. 
                GBOS6010020021
                
        4.3.13  Surf Sentinel traditional proxy automatic policies properly 
                allow connections only from protected interfaces.
                GBOS6010020446
                
        4.3.14  High Availability systems properly fetch routing monitoring 
                information.
                GBOS6010020681
                
        4.3.15  Em driver properly functions with LAGG interfaces.
                GBOS6010020341, GBOS6010020351                
        
5. REPORTS 

    5.1 Modifications
    
        5.1.1   Reports subject and comment sections are only displayed when 
                applicable.
                GBOS6010019671
                
        5.1.2   GB-Ware enterprise and unrestricted systems now have Top 25 
                reports.
                GBOS6010020736
                
    5.2 Bug Fixes
     
        5.2.1   Reports properly display IP addresses according to designated 
                internet protocol setting. 
                GBOS6010020741

6.  WEB INTERFACE 
      
    6.1 New Features
    
        6.1.1   Added ability to backup to, and restore from,  a USB device.
                GBOS6010020306
                
        6.1.2   Added option to disable remote license checking.
                GBOS6010020326
                
        6.1.3   Added synchronize button to web interface to copy live 
                configurations to test mode.
                GBOS6010020311

    6.2 Modifications
    
        6.2.1   Improved system configuration verification.
                GBOS6010019971, GBOS6010020146, GBOS6010020186, GBOS6010020031, 
                GBOS6010020221
                
        6.2.3   Backups can now be restored from Ccompressed file types zip, 
                7zip and bzip2.
                GBOS6010020316
                
        6.2.4   Prefix advertisement is disabled if using DHCP or SLAAC.
                GBOS6010019871
                
        6.2.5   Firewall properly prompts the user to reboot upon changing the 
                internet protocol.
                GBOS6010020041
                
        6.2.6   Updated naming in web interface, changing instances of ICMPv6 
                to Neighbor Advert and Neighbor Solicit.
                GBOS6010020266
                
        6.2.7   Delete button properly removed from RIP configuration screen.
                GBOS6010020436
                
        6.2.8   Updated web interface localization. 
                GBOS6010019976, GBOS6010019771
        
    6.3 Bug Fixes
    
        6.3.1   System information page properly displays correct overview 
                information according to the IP protocol configuration setting.
                GBOS6010020226
                
        6.3.2   Active connections filter properly displays multiple types.
                GBOS6010019986
                
        6.3.3   Inbound tunnels user defined IP are properly saved.
                GBOS6010020471
                
        6.3.4   User IP is properly displayed for PPTP in the monitoring 
                section.
                GBOS6010020531
                
        6.3.5   LAGG network statistics are properly displayed in the 
                monitoring section.
                GBOS6010020646
                
        6.3.6   Set Up Wizard summary properly displays only the default routes
                applicable to the defined internet protocol setting.
                GBOS6010020791

                
7.  RELEASE NOTES HISTORY

    7.1   Previous Release Notes
          These notes cover the 6.0.1 release of GB-OS. Release notes for 
          previous versions can be found at GTA's website, http://www.gta.com.

-------------------------------------------------------------------------
Global Technology Associates, Inc.
3505 Lake Lynda Drive, Suite 109
Orlando, Florida 32817
www.gta.com
407.380.0220		



Copyright © 2014 Global Technology Associates, Inc. All rights reserved.

'GB-OS' and 'GB-Ware' are registered trademarks of Global Technology Associates, Incorporated.
'Global Technology Associates' and 'GTA' are service marks of Global Technology Associates, Incorporated.