Sei sulla pagina 1di 8

Content Security

eSafe SmartSuite Release Notes


Version: 8.5.25.0 Release Notes Issue Date: June 20, 2010

About this release


These release notes provide a list of the latest additions to eSafe SmartSuite. eSafe SmartSuite is a comprehensive, proactive and future proofed content security solution that goes beyond leading-edge technology. This release of eSafe SmartSuite focuses on the enhanced Data loss /leak prevention (DLP) feature that includes DLP policies, dictionaries, and profiles that extends eSafes content security and CMF (Content Monitoring and Filtering) abilities. It also features improvements to the central management feature, and various changes to the eSafe Security Center (GUI) that makes for a better user experience, including media control, actionable management, improved alerting capabilities, web quarantine reports and more. This version is an evolution of eSafe SmartSuite V8.0 which was released in Q4 of 2009. For detailed information on that release, please refer to the eSafe SmartSuite Release Notes for V8.0.

Availability
eSafe SmartSuite is only available for new installations on the following platforms: eSafe XG110 appliances eSafe HG200 appliances eSafe XG210 appliances eSafe XG300 appliances IBM Blade Center, HS21/HS22 Blade VMware ESXi (*)

eSafe SmartSuite is available for the following implementation/installation modes: Web Security Gateway o o o In-line Bridge/Cluster eSafe Router/Cluster eSafe Proxy

2010 SafeNet, Inc. All rights reserved.

Page 1 of 8

www.safenet-inc.com

eSafe SmartSuite Release Notes o o o eSafe ICAP eSafe Forwarding Proxy eSafe Web SSL

Mail Security Gateway

*Note: eSafe on VMware is available only for the following implementation modes: Web Security Gateway o o eSafe Proxy (includes WCCP support) eSafe Web SSL

Mail Security Gateway

Upgrade Information
Currently, this version does not support automatically upgrading from previous versions of eSafe; it is only possible to perform new installations. At this stage, users who wish to upgrade their eSafe machines must install eSafe SmartSuite, and then apply the same configuration as the previous installation. Further details are available at the end of these release notes.

Installation Instructions
Note: Due to the GUIs new look and feel, the minimum screen resolution should be 1024 x 768. Detailed installation instructions appear in the eSafe SmartSuite Deployment Guide. A separate document is available with instructions for installing on VMware. Take note that the following ports need to be opened when a firewall exists between the eSafe appliance and the Security Center: Port 43970 Security Center (Regular protocol) Port 5432 Security Center (eSafe internal SQL) Port 8888 Security Center (Dashboard updates) Port 37233 Webmin management Port 22 SSH remote control Port 8787 Security Center (Log collector) Note: As of this version, we have eliminated the need for an internal USB on XG appliances. Installation or reimaging the appliance is done via the external USB only. For further details see the following document: http://upd5.esafe.com/pub/autoupdate/ver85/product/XG-HG_Appliance_USB_Installation.pdf

2010 SafeNet, Inc. All rights reserved.

Page 2 of 8

www.safenet-inc.com

eSafe SmartSuite Release Notes

New Features and Enhancements in eSafe SmartSuite V8.5


eSafe SmartSuite V8.5 includes the following new features and enhancements: DLP: New DLP capabilities with enhanced features for enforcement, monitoring, and classification of sensitive files sent via email and web upload. Supports analysis of more than 150 file types, including: o o o MS Office documents, Open Office, and PDF files HTML, email, source code files Archived files

New options allow taking specific actions when detecting data that matches the DLP dictionaries, including: o o o o o Report: Logs all file properties in the event log. Block: Blocks outgoing files/email. Notify sender: Sends a notification to the email sender (for mail events only). Archive: Archives the file/email in a special repository for later investigation. Forward file/email by email: Forwards the file/email to a special DLP inspector email address.

Includes more than 20 predefined out-of-the-box dictionaries that support Unicode. Includes predefined out-of-the-box DLP alerts with predefined Smart Alerts.

Central Management: Improved Central Management experience allows getting an instant overview of whats happening on the gateway by monitoring traffic, getting alerts, investigating events, and taking immediate action. The central management features include: o o o o o o Single sign-on Centralized machine tree with easy navigation between machines Support of data aggregation and statistics for groups/clusters Central log server Real-time indicators about machine status Advanced role-based administration.

2010 SafeNet, Inc. All rights reserved.

Page 3 of 8

www.safenet-inc.com

eSafe SmartSuite Release Notes Note: Since this version uses the new central management and log server, when installing an eSafe machine, the Central Management option must be enabled. When installing eSafe in a multiple eSafe machine environment (more than one machine), one machine must be installed with the Central Management module, and all others without. Only one central management machine is allowed per organization. In large environments (above four eSafe machines), it is recommended to install the central management/log server as a standalone machine that does not intercept or scan traffic. Direct Connection: By default, the eSafe Security Center connects to the central machine which allows monitoring and managing all machines in the organization. In case of an emergency or if you need to manage a specific machine NOT via the eSafe Security Center management server, you can connect to the machine directly (with limited capabilities), using the following eSafe management command: "C:\Program Files\eSafe\eSafeMNG\8.5\esafemng.exe" /log /p2p Productivity Improvements This version includes various Productivity Improvements, including: o Controlling and blocking streaming traffic per URL category with profile and streaming properties (RTSP, RTP, MMS, Flash, etc.). New warn/gray URL filter categories per policy and overriding rules (Coaching). Support for non-inspected SSL sites per URL category. (Only eSafe Web SSL)

o o

Monitoring and Reporting Enhanced Smart Alerts with granular DLP alerts. Allowing fast Smart Alert rule creation when viewing Track & Care events.

Dashboard Enhancements Enhanced Dashboard graphic charts with drill-down capabilities by double-clicking on the chart or legend to see actual events for a specific query. Support for 4Eye log viewing. When viewing information in the Dashboard and Track & Care screens, users will see anonymous details. In order to see real data, a secondary administration password is defined (4Eye), allowing viewing of actual information.

User Management Proxy authentication to support multiple AD Domains. Added a new feature that allows end users to view quarantined email via Web-based reports, and manage/release quarantined email. This Web-based quarantine report supports NTLM Authentication and multiple domains.

Globalization Support This version includes Unicode support to allow globalization of the Security Center UI and data.

Performance Enhancements This version includes a new results scanning cache.

2010 SafeNet, Inc. All rights reserved.

Page 4 of 8

www.safenet-inc.com

eSafe SmartSuite Release Notes Improved web performance using real-time HTTP gzip compression allows content real-time extraction and data analysis of content reaching eSafe in compressed format. Improved URL Filter performance using internal cache and restructuring. Restructured the AppliFilter engine to improve efficiency and performance.

Known Limitations
GUI: In the event that an eSafe appliance is reconfigured or the operation mode is changed, the appliance must be deleted from the list of machines in the eSafe Security Center and added manually. The number of days (currently 10 days) that the database records are saved can only be changed manually via the esaferep.ini file on the eSafe Appliance, and requires restarting the eSafe service. When viewing the Security Center screen at the recommended resolution of 1024 x 768, the Updates tab under Policy Settings disappears from view on laptops. (Tip: After selecting the eSafe machine you want to manage, hide the machine tree in order to see all the tabs.)

DLP: When eSafe is configured to check outgoing traffic for spam, by design, this traffic will not be checked for DLP rules. Encoded file names inside archive files may be replaced with question marks in the DLP logs. MS Office 2007/2010 files appear in the DLP report as archive files since these file are actually archive formats.

Deployment: This version does not allow upgrades from previous versions; it only supports new installations. When installing eSafe Web Bridge mode with mail support, make sure that the inner and outer NIC have real IP addresses, or else SMTP will not function. When working with eSafe in ICAP mode, file compression (gzip) must be turned off at the proxy side.

Management: Change Configuration events may appear several times in the log for the same event. This is due to the fact that the changes are done on all the remote machines and are therefore also logged as events in the central machine. Central management machines only support English language user names, passwords, and machine names. When the Syslog method is selected for Smart Alerts, the alert event is written in the central machine message file and not at the remote eSafe machine. Make sure to define SNMP and Syslog servers at the Central Management machine as well. When defining a Smart Alert on a machine that is part of a group/cluster, the smart alert definitions are saved locally and are not deployed to other machines in the group/cluster.

2010 SafeNet, Inc. All rights reserved.

Page 5 of 8

www.safenet-inc.com

eSafe SmartSuite Release Notes When defining LDAP parameters in the LDAP Settings screen, only the DN is supported (domain/user format is not supported).

eSafe Quarantine: Releasing email from the quarantine report sent by email doesn't work in Windows Live Mail (on Windows 7). To solve this, use the new web-based quarantine report. The Web Quarantine only supports log-in names that use English characters. The Web Quarantine Report can only be created in English and does not support additional languages at this stage. When using the Web Quarantine Report, the LDAP server must be defined. By default the Web Quarantine Report works with HTTPS protocol and therefore a permanent certificate must be issued. For instructions on changing the default protocol from HTTPS to HTTP, see the relevant technical note in the Knowledge Base.

eSafe Web SSL: In eSafe Web SSL, the website IP address (source IP address) is the same as the URL host and appears as 127.0.0.1, due to the fact that eSafe Web SSL uses the internal parent proxy and doesnt know the real IP address.

URL Filter: When an HTTPS site is found to belong to a restricted category, an appropriate HTML warning does not appear, only a standard browser message notifying that Internet Explorer cannot display the webpage appears. The URL Filter redirect warning page (block or gray list mode) cannot be displayed in HTTPS (SSL traffic protocol), due to technical limitations that prevent changing page content (unless using the eSafe Web SSL product).

eSafe Cluster Initially defining a cluster requires logging on to eSafe Security Center via the central machine, defining a new cluster, dragging the eSafe machine (which appears under the ALL branch in the machine tree) to the cluster, and then define the other cluster members. eSafe Appliance Manager: When defining the hostname in the eSafe Appliance Manager (Settings > Host Name & DNS), define a hostname shorter than 15 characters. The LCD display on the HG200 appliance can no longer be used to reconfigure the appliance; it only supports viewing the status and changing IP addresses.

2010 SafeNet, Inc. All rights reserved.

Page 6 of 8

www.safenet-inc.com

eSafe SmartSuite Release Notes

Appendix: Upgrade Instructions


Follow the instructions below to upgrade from an earlier version of eSafe: 1. On the current eSafe machine, create a zip files with the following files: esafecfg.ini applifilter2.ini esafenipca.ini esdspsrv.dat

2. Install eSafe v8.5 on the machine. 3. Connect to the new machine via the v8.5 GUI. 4. Import the files from the zip file you created in step 1. 5. Restart the eSafe services.

2010 SafeNet, Inc. All rights reserved.

Page 7 of 8

www.safenet-inc.com

eSafe SmartSuite Release Notes

About SafeNet In 2007, SafeNet was acquired by Vector Capital, a $2 billion private equity firm specializing in the technology sector. Vector Capital acquired Aladdin in March of 2009, and placed it under common management with SafeNet. Together, these global leading companies are the third largest information security company in the world, which brings to market integrated solutions required to solve customers increasing security challenges. SafeNets encryption technology solutions protect communications, intellectual property and digital identities for enterprises and government organizations. SafeNets software protection, licensing and authentication solutions protect companies information, assets and employees from piracy and fraud. Together, SafeNet and Aladdin have a combined history of more than 50 years of security expertise in more than 100 countries around the globe. For more information, visit http://www.safenet-inc.com.

Contact Information For more information, please contact SafeNet Technical Support at: 800-545-6608 (USA) 410-931-7520 (International) support@safenet-inc.com

Revision 16, 6/20/2010

2010 SafeNet, Inc. All rights reserved.

Page 8 of 8

www.safenet-inc.com

Potrebbero piacerti anche