Secure Web Gateway 11.2.3 Release Notes
New Features in the 11.2 Release
This release provides the following new features. For resolved issues in this release and the update releases, see further below.
NOTE: Secure Web Gateway 11.2 is provided as a main release.
For information about how to install this release, see the Upgrading to a New Version - Controlled Release. If you are installing the Secure Web Gateway appliance software for the first time, see Installing Secure Web Gateway for the First Time.
New Properties for Web Policy Rules
When configuring rules for your web policy, you can use these new items:
- A new property to expose encrypted archive directory listings.
- A new property to store the rule and rule set names or IDs that were processed at the end of the request and response filtering cycles.
GTI Data Included in Feedback File
Data that is collected by the GTI diagnosis script of the operating system is included in the output feedback file.
Support for Rolling TCPdump collection
Support for rolling TCPdump collection option is now available in the UI. For more details, see Create a packet tracing file. For more details on Performing Packet Tracing in Secure Web Gateway, see Performing Packet Tracing in Secure Web Gateway SWG
More Flexibility for HTTP Proxy Port Configuration
When configuring an HTTP Proxy Port, you can disable the Enable FTP over HTTP option. The option is enabled by default.
SSL Tap Configuration Enhanced
The following enhancements have been added to SSL Tap configuration:
- The destination port number is not overwritten by default when tapped packets are created.
- The destination MAC address can be customized when tapped packets are broadcast.
- SSL tapping now supports HTTP2 on Secure Web Gateway.
Detection of Excel 4 Macros Added
Excel 4 macros are now detected in media type filtering.
IP Spoofing Supported for HTTP(S) in Proxy Configuration
IP spoofing is supported for HTTP(S) when setting up proxies in Explicit Proxy or L2 Transparent mode.
Known Issues and Workaround
For a list of issues that are currently known, see SWG 11.x.x Known Issues and Workaround
Resolved issues in update 11.2.3
This release resolves known issues.
NOTE: Secure Web Gateway 11.2.3 is provided as a main release.
For information about how to upgrade to this release, see Upgrading to a new version – Main Release.
JIRA issue numbers are provided in the reference columns.
Web filtering
| Reference | Description |
|---|---|
| WP-4578 | An issue with eml files, which were getting blocked due to an underscore in the message header, has been resolved. |
| WP-4605 | PDF files that are submitted to an electronic signature platform do not get blocked anymore by a Block Encrypted Types rule, as the user key is correctly detected now. |
| WP-4864 | Web policies are no longer invalidate because of a CTD removal that had happened. |
| WP-4887 | Opening a document of the application/postscript media type no longer results in false as a value for the MediaTypeHasOpener property after this media type was added to the list of media types than can be handled by the File Opener on Secure Web Gateway. |
| WP-4922 | An issue with high memory usage that occurred with the UCE container on Secure Web Gateway due to an endless loop in excel4 macro media type detection has been resolved. |
Network communication
| Reference | Description |
|---|---|
| WP-4835 | Exceptions that had been entered in the Port Redirection table based on IP addresses are working as expected for the Transparent Bridge mode. |
| WP-4931 | Checking lists with revoked certificates does not fail anymore, which had happened due to a browser error. |
Other
| Reference | Description |
|---|---|
| WP-4937 | A failure of the SaaS Connector on Secure Web Gateway does not occur anymore. |
| WP-4465 | Tomcat has been upgraded from version 7.x to version 9.x |
Vulnerabilities Fixed