Unified Threat Management - Support | GTA, Inc.

		                         

                         GB-OS FIREWALL SOFTWARE
                            VERSION 6.0.4
                            RELEASE NOTES

Author:     Global Technology Associates, Inc.
Product:    GB-OS version 6.0.4
Date:       4 June 2012

-------------------------------------------------------------------------
GB-OS version 6.0.4 includes updated versions of the following GTA
products and utilities:

    GB-OS                       6.0.4

Release notes are located on the installation CD and on GTA's Web site.

For more about upgrading related software, see individual product
release notes.

-------------------------------------------------------------------------
CONTENTS
Release Notes sections are categorized first by feature addressed, then
by the type of change.

1.  INSTALL NOTES

2.  SYSTEM

3.  SERVICES

4.  VPN

5.  WEB INTERFACE

6.  REPORTS

7.  RELEASE NOTES HISTORY

-------------------------------------------------------------------------

1.  INSTALL NOTES

    1.1 Entering New Activation Codes
    
        If upgrading from 5.4.x or below, new activation codes must be
        entered. GB-OS version 6.0.4 is available at no charge to customers 
        with a GTA support contract or annual maintenance agreement. 
        Other users should contact their local Authorized GTA Channel Partner 
        or email sales@gta.com for information and pricing of upgrade options.

        
    1.2 Upgrade Notes   
        
        1.2.1 Upgrading to GB-OS 6.0.x
        
              Firewalls must be on GB-OS version 5.2.0 or higher to properly
              upgrade to GB-OS 6.0.x. See the Upgrade Guide for more information.
              
              
        1.2.2 GB-250 Rev B Upgrade to GB-OS 6.0.x
        
              GB-250 Rev B firewalls on version GB-OS 5.2.x should be on runtime
              slice 2 when upgrading to version 6.0.x.

              The firewall's current runtime slice is displayed on the 
              firewall's System>Overview screen. To view the current slice, log 
              into the firewall's web administration interface and navigate to 
              System>Overview. The runtime section will display the firewall's 
              current runtime slice.
              
              Additionaly, some GB-250 Rev B firewalls require a Bios Update 
              before updating to GB-OS 6.0.x. If the Bios version is not v0.99h 
              or higher,the Bios may need to be updated. 
              
              You can check the BIOS by:
          
                 1. Examining the hardware report for the Bios version:
             
                    BIOS: PC Engines ALIX.2 v0.99h tinyBIOS V1.4a (C)1997-2007
             
                 2. Connecting on the console interface and rebooting the 
                    firewall. The first line displayed should be BIOS revision. 
                
                    Example: PC Engines ALIX.2 v0.99h
              
               You can check if the firewall is a GB-250 Rev B by the following:
              
                 1. GB-250 Rev B firewalls have USB ports while GB-250 Rev A do
                    not have USB ports. 
              
                 2. GB-250 Rev B firewall serial numbers are:
                
                    Starting at S/N 65002101 and above 
                    Starting at S/N 65902101 and above

        
        1.2.3 Re-sizing Slices and Runtime Upgrades
              
              In order to support the new features in GB-OS 5.2.x and above, 
              some firewalls may require partition re-sizing during the 
              upgrade process. Upon re-sizing, both runtime slices will have 
              GB-OS 6.0.4, and firewall administrators WILL NOT be able to 
              revert to previous runtimes via the Console or Web interface.
              
              GTA strongly recommends backing up current firewall 
              configurations PRIOR to upgrading.

              Firewalls requiring re-sized partitions will take approximately 
              5-8 minutes to reboot and fully update once the runtime has 
              been applied. DO NOT switch off or reboot the firewall during 
              this process.

        
        1.2.4 Error Messages Upon Initial Reboot
    
              Upon rebooting after successful installation, the GTA
              Firewall UTM Appliance may display errors when accessed
              using the Web interface.  This is expected, these errors are
              generated because the browser's cache is trying to access
              files and locations that no longer apply. Click OK to any
              displayed errors and refresh the browser window to access
              GB-OS 6.0.4. If the error messages persist, clear your
              browser's cache.
              
              
        1.2.5 Firewall Control Center No Longer Supported
        
              With the release of GB-OS 6.0, GTA's Firewall Control Center
              (FWCC) will no longer be supported and will be removed from the
              firewall interface for all products.
              
              
        1.2.6 IPSec Object Upgrade 
        
              When upgrading to GB-OS 5.4.2 and above, all firewalls using 
              SHA-2, with keys larger than 128, will need to be upgraded. 
              If unable to upgrade, firewalls must be switched to a compatible 
              algorithm
               
               
    1.3 SSL Certificate Replacement

        GB-OS version 6.0.4 will install a new default security/SSL
        certificate. Some browsers, including Netscape and Mozilla,
        will not recognize the new certificate if the original has
        never been replaced. If you are unable to log on to the
        firewall after upgrading, delete the browser's cached security
        certificate, then close and restart your browser before
        reattempting remote access to your firewall.


2.  SYSTEM                            
                
    2.1 Bug Fixes
        
        2.1.1   TFTP server is properly exported in XML configuration.
                GBOS6040021611
                
        2.1.2   Configuration settings are properly maintained when importing 
                XML configuration files.
                GBOS6040022016
                
        2.1.3   Firewalls properly function with PPP and Link Aggregation.
                GBOS6040022156
                
        2.1.4   Saving the configuration via the Console or Web Interface 
                properly auto-logs out the console to maintain proper 
                configuration sync between the two interfaces. 
                GBOS6040021646
                
        2.1.5   Time group policies properly process end of time segment. 
                GBOS6040022551

        2.1.6   Security policies properly drop deny options after being 
                changed to accept.
                GBOS6040022611
                
        2.1.7   Old default route is removed if new default route is 
                nonexistent. 
                GBOS6040022541
                
        2.1.8   IPS properly functions with networking between bridged and 
                non-bridged interfaces.
                GBOS6040022686
                
        2.1.9   Packets are now correctly routed for bridged connections.
                GBOS6040022691

        2.1.10  IPv4 and IPv6 ident policies are properly generated. 
                GBOS6040022676

        2.1.11  SLAAC and DHCPv6 are properly displayed with VLAN interfaces.
                GBOS6040022876
                
        2.1.12  Local L2TP packets are properly handled with traffic shaping
                and bridging.
                GBOS6040022951
                
        2.1.13  PPTP tunnels using hide source or double NAT properly function.
                GBOS6040022441

        
3.  SERVICES 
        
    3.1 Modifications
    
        3.1.1   Traffic shaping limit maximum set to 5GB.
                GBOS6040021871
                
        3.1.2   Improved certificate validation. 
                GBOS6040022571
                
        3.1.3   Improved NTFS support for USB devices.
                GBOS6040022336
                
        3.1.4   Upgraded Anti-Spam processing.
                GBOS6040022711, GBOS6040022851
                
        3.1.5   Reporting intermediate files on RAM disk is maintained. 
                GBOS6040023061
    
    3.2 Bug Fixes
    
        3.2.1   DCHP relay properly restarts when saving the network settings 
                section.
                GBOS6040021866
                
        3.2.2   Certificates are properly validated when making SSL connections 
                that require validation. 
                GBOS6040022181
                
        3.2.3   Files are properly uploaded using the SSL Browser via Safari.
                GBOS6040021456, GBOS6040021516
                
        3.2.4   Basic Setup Wizard properly sets the domain for the DCHP server 
                when enabled. 
                GBOS6040022176
        
        3.2.5   VPN site to site tunnels properly allow multiple local networks 
                to connect to the same remote network.
                GBOS6040022651
                
        3.2.6   Disabling DHCP in IPv4 & IPv6 mode is properly honored. 
                GBOS6040023166
                
        3.2.7   Cloud backup properly functions with Box.net.
                GBOS6040023026
                
        3.2.8   Automatic policy is properly created for TCP connections to
                DNS proxy
                GBOS6040023006
                
        3.2.9   Improved log messages for PPTP and L2TP.
                GBOS6040022931
                
        3.2.10  High Availability properly sends master advertisement for 
                systems with a large number of aliases.
                GBOS6040021271

        3.2.11  Surf Sentinel properly recognizes and marks the rating server 
                as down, if it is unreachable.
                GBOS6040023001
                
        3.2.12  Console interface properly displays SSL and None as remote 
                administration encryption options.
                GBOS6040021376
                
        3.2.13  SNMP traps are properly not initialized if SNMP notifications 
                are disabled.
                GBOS6040023246

        3.2.14  LDAP anonymous authentication method properly functions. 
                GBOS6040023231
                
        3.2.15  SSL Client properly restarts when changes to the users section h
                ave been saved.
                GBOS6040022576
                
        3.2.16  Dynamic DNS properly functions.
                GBOS6040023296                
                
        3.2.17  High Availability, when installed on two separate GB-Ware VMWare
                systems, will properly honor system priority for master and 
                slave. If High Availability priority is the same, the first 
                firewall in master state will remain master.
                
        3.2.18  DHCPv4 and DHCPv6 properly function simultaneously on the same 
                interface.
                GBOS6040023291

        3.2.19  Dynamic DNS is properly restarted after address changes.
                GBOS6040023286
        
4. VPN

   4.1 Bug Fixes
   
        4.1.1   IPSec Set Up Wizard properly uses a pre-shared secret for 
                firewall to firewall VPNs.
                GBOS6040021476

5.  WEB INTERFACE 

    5.1 Modifications
    
        5.1.1   Improved system configuration verification. 
                GBOS6040022106, GBOS6040022346, GBOS6040022831, GBOS6040022836,
                GBOS6040021396
                
        5.1.2   Improved Basic Setup Wizard design layout.
                GBOS6040022256

        5.1.3   Improved configuration hints in Basic Setup Wizard.
                GBOS6040022111

        5.1.4   Improved system summary report. 
                GBOS6040022116
                
        5.1.5   Country list is now sorted by name on the Contact Information 
                page and in the Basic Setup Wizard.
                GBOS6040021226, GBOS6040023151
                
        5.1.6   Removed invalid Delete icon from the IPS policies section. 
                GBOS6040022281
                
        5.1.7   Improved processing speed for the Basic Setup Wizard.
                GBOS6040023141
                
        5.1.8   Basic Setup Wizard preserves network information, if present, 
                for the first three interfaces.
                GBOS6040023181
        
    5.2 Bug Fixes
    
        5.2.1   Basic Setup Wizard no longer displays un-configured PPP 
                interfaces. 
                GBOS6040022196

        5.2.2   Address objects are properly defaulted when running the Basic 
                Setup Wizard.
                GBOS6040022191
                
        5.2.3   UTC is no longer displayed as "null" in the web interface. 
                GBOS6040021821
                
        5.2.4   Cloud backup is properly disabled when a valid support contract 
                is not found.
                GBOS6040021446

        5.2.5   Mail Sentinel summary only displays quarantine if enabled.
                GBOS6040021511
                
        5.2.6   Files are properly uploaded using the SSL Browser. 
                GBOS6040022696
                
        5.2.7   The host list is properly updated and sorted on the system 
                overview page. 
                GBOS6040022701
                
        5.2.8   VLAN and HA options are properly disabled if NIC is set to PPP.
                GBOS6040022801
        
        5.2.9   Network settings summary properly displays SLAAC option for 
                IPv6 when appropriate. 
                GBOS6040022821
                
        5.2.10  PPP interface configuration options are properly displayed.
                GBOS6040023171
                
        5.2.11  Basic Setup Wizard properly sets the automatic policy for the 
                DHCP Server, when enabled.
                GBOS6040023206

        5.2.12  Basic Setup Wizard properly enables Router Advertisement if both
                DHCP Server and IPv6 are enabled.
                GBOS6049923156

        5.2.13  Basic Setup Wizard properly generates certificates after 
                NTP service has started.
                GBOS6040023146
                
        5.2.14  Configuration backup properly hides or displays the password 
                row as configured.
                GBOS6040023251
                
        5.2.15  PPPoE and PPTP addresses are properly displayed in the 
                web interface.
                GBOS6040023131
                
        5.2.16  GB-250 Rev B firewalls properly display the comport option.
                GBOS6040023191
                
6. REPORTS 

    6.1 Modifications 
    
        6.1.1   Improved system reports.
                GBOS6040021901
                
7.  RELEASE NOTES HISTORY

    7.1   Previous Release Notes
          These notes cover the 6.0.4 release of GB-OS. Release notes for 
          previous versions can be found at GTA's website, http://www.gta.com.

-------------------------------------------------------------------------
Global Technology Associates, Inc.
3505 Lake Lynda Drive, Suite 109
Orlando, Florida 32817
www.gta.com
407.380.0220		



Copyright © 2014 Global Technology Associates, Inc. All rights reserved.

'GB-OS' and 'GB-Ware' are registered trademarks of Global Technology Associates, Incorporated.
'Global Technology Associates' and 'GTA' are service marks of Global Technology Associates, Incorporated.