I am pleased to announce the availability of the 7.300 Up2date by Astaro. After a successful beta period of over 4 weeks with ~650 feedback postings and community suggestions, this Up2date is now ready for download and installation.
The new Up2date is for all Astaro Security & Web Gateways, along with Software and Virtual installations. (Note: We will use the term "AxG" when referring to the entire family of Astaro Gateway Products) This new release focuses on the three main areas of Mail Security, Authentication, and the UserPortal in addition to several dozen new features across other minor areas. Also included in 7.300 is a completely redesigned database engine and framework, leading to massive performance improvements for message handling, greatly optimized reporting, and more.
What’s new in AxG V7.300?
The new release showcases significantly improved and redesigned Mail Security features, a revamped End-User Portal, and many changes to the authentication system, most prominently the inclusion of a new Active Directory browser directly within WebAdmin for easy drag-and-drop selection of groups and users. The following main areas have significant new features:
The entire feel and functionality of the Astaro UserPortal has been updated with a new style, and introduces new features. First, users will feel immediately at home with a newly polished layout that includes a host of new options for searching through and displaying content in the message quarantine. In addition to being able to mass-manage messages and mark them for release, deletion, white-list and more, the SMTP and POP3 areas have been separated into easily manageable sections. More enhancements have been added to enable users to globally cleanup their messages that have been caught for various reasons, or by age they have been residing in the quarantine. Finally, the UserPortal has been updated to only display RoadWarrior VPN options for which the user is actually permitted to use and configured for.
Enhanced Mail Security
Astaro has strongly enhanced the Mail Security offerings of AxG to realize strong performance gains in the filtering throughput and offer new tools with which to wage war against spam and unwanted mail in the inbox. A new profile mode allows easier configuration of filtering policy for a single domain, while providing even more flexibility and granularity when filtering mail for hundreds of domains. A new MIME filter for SMTP allows administrators to globally inhibit messages that contain Audio, Video, Executables, along with any other MIME type that is specified. We have also made easier the configuration of the Spam-scanning engine, and included new blacklisting options such as being able to delete messages that are highly-considered to be spam immediately. Lastly, newly added checks such as invalid HELO and missing RDNS, will contribute to the potency Astaro’s Mail Security offerings, while support for Domain Keys Identified Mail (DKIM) lets you cryptographically sign outgoing messages.
Active Directory Browser
The users have spoken ,and in direct response to the popularity of the fully interactive, drag-and-drop style browser that Astaro has long had for E-Directory users, we have added this functionality for our Active Directory environments. By offering a full browser-style tool that allows selection of users and groups with the mouse, administrators no longer need to manually type out strings when setting up AD integration, massively reducing the time and expertise needed to take full advantage of user-based reporting, policy assignment, VPN access, and any area of AxG that supports authentication.
Active Directory and E-Directory Test Tools
New tools have been added to the WebAdmin to assist administrators in configuring their AxG product to connect and work with AD and EDir resources. It is now possible to test the connection to the server for errors during setup, along with being able to validate a test-user directly from WebAdmin against the backend server.
Email Encryption now FREE with Mail Security Subscription
The new Mail Security offering now includes the full functionality of Astaro’s Email Encryption Engine at no additional charge. If you currently have a valid subscription to the Email Security or Email Encryption options, your license will be automatically granted full access to the renamed "Mail Security" subscription.
Reporting is key for many, and we’ve added new configuration options for various areas. It is now possible to specify the length that each reporting section will be held in WebAdmin, and administrators can now completely disable reports they do not use, saving resources. As well, the entire reporting system is more responsive and better performing with speed improvements of double the previous implementation. The end-user quarantine report has been tweaked to allow deliver of this list twice per day at configurable times, ensuring it can be delivered at a time which best fits everyone’s needs.
- Existing SMTP/POP3 configuration will be extended
- System will reboot after Up2Date
- Logging DB and EMail Quarantine will be converted
- System will be rebooted after Up2Date
- *Important* Log Database Conversion will be continued after reboot with low run priority (resulting operation *may* run for many hours/days for environments with large amounts of existing log data)
- Improved Email Filter
- Reworked Email encryption engine
- New UserPortal
- New Backend Database Architecture
- Improved Active Directory integration and management
- Configurable Reporting
- Status Information for HA/Cluster Nodes
- Reboot or Halt HA/Cluster Nodes
- New Directory User Prefetch option
- Backend User Group Support
- Improved performance for logging and reporting backend
- Improved backend group support for authentication
- Improved IM/P2P detection rate and memory usage
- Improved IPsec and L2TP subsystem and interoperability
- Added XAUTH support for IPSec Remote Access
- Added options for testing authentication servers
- Added optional smarthost for notifications
- Added options for configuring Reporting
- Added options to reboot/shutdown HA/Cluster nodes
- Fixed clam vulnerabilities CVE 2008-0314, 2008-1833, 2008-1835, 2008-1836, 2008-1837, 2008-1387, 2008-2713
Fix : L2TP doesn’t work with IP addresses assigned via DHCP
Fix : Changing eDir SSL settings breaks eDir Browser for current session
Fix : Enduser Portal shows 127.0.0.1 as login source IP
Fix : Astaro notification emails tagged as spam
Fix : Middleware may mix up static DHCP mappings
Fix : If cffd fails during spam digest creation no resume for digest is triggered
Fix : System freezes on Vmware ESX Server V3
Fix : POP3 Proxy does not start with customized messages
Fix : Daily Spam Report fails for some Recipients (case-sensitive issue)
Fix : Blank password allowed for encrypted backups
Fix : FTP file downloads stop at 2GB
Fix : Unable to create exceptions for domains with single character
Fix : ASC config file doesn’t set IKE config mode correctly
Fix : Using service ‘Any’ as traffic service breaks DNAT and SNAT rules
Fix : High memory usage for IM/P2P detection
Fix : Readable eDirectory passwords in debugging mode
Fix : Slave stuck in ‘UP2DATE’ state in HA/Cluster environment
Fix : Kernel reports ‘Detected Tx Unit Hang’ on e1000 hardware
Fix : HTTP Proxy may expire cached objects even if expire time isn’t reached
Fix : Packetfilter log shows drops of local packets
Fix : VLAN sometimes fails on bonding device
Fix : Deactivating SIP support does not work correctly
A detailed description of the new features, changes, system requirements as well as installation and upgrade information is included within the AxG 7.300 Release Notes.
The Astaro Up2Date technology makes it easy to upgrade your installed Astaro Security Gateway to the latest version.
There are two ways to apply an Up2Date package to the system (All Up2Dates are GNUPG-signed!):
- Log on to WebAdmin, navigate to Management >> Up2Date >> Overview and use Update to latest version now to install the Firmware Up2Date. Click on then Watch Up2Date Progress in new window and an extra browser window will show the progress of the Up2Date installation and the System administrator will receive a notification email once the Up2Date process has finished successfully.
- Download the Up2Date package from our HTTP or FTP Server and install it under Management >> Up2Date >> Advanced:
(MD5sum: 37627a6b8105bbc93c5a1ccffbbaa9a9 Size: 223,788,817 bytes)
HTTP: Astaro US – Astaro US2 – Astaro Germany – Astaro Germany2 – Austria Mirror – Japanese Mirror
FTP: Astaro US – Astaro US2 – Astaro Germany – Astaro Germany2 – Austria Mirror – Japanese Mirror
The Astaro Security Gateway Administration Guide, a hardware compatibility list and a Known Issues List for the GA release are available on our knowledge base .
If you want to provide feedback or want to discuss any of the AxG V7 features you should post it on our User Bulletin Board. Please take care to add always(!) the version you refer to (e.g. "[7.300] Quarantine Report "). If you have feedback to our documentation (Online Help) please send it to firstname.lastname@example.org. There is also a demo server that showcases all the new shiny things: http://demo.astaro.com
Your Astaro R&D team