Advanced Secure Gateway 126.96.36.199 was released on July 22, 2016. This release includes a number of new features and enhancements to existing features. To download the release image and the
Advanced Secure Gateway 6.6.x Release Notes, log in to BlueTouch Online (BTO) and go to the
You can implement a CAPTCHA challenge-response test for specific proxied client requests. Configuring the feature consists of creating a CAPTCHA validator and form in the CLI, and then including them in policy. You can implement CAPTCHA validation with or without authentication. The following is an overview of what happens during validation:
A client makes a request that, according to policy, is subject to CAPTCHA validation.
The browser presents an HTML form including a CAPTCHA image that the user must solve. A correct response verifies that the request was human-initiated.
If the response is incorrect, the form loads a new CAPTCHA image.
If the response is correct, the browser loads the requested page and the appliance sets a session cookie. The CAPTCHA test is not invoked for future requests from the same client and to the same domain until the cookie expires.
The following have been added to support this feature:
CLI commands, to create and manage CAPTCHA validation forms:
In a WAF deployment, this data is critical in determining the validity of detections. When used in conjunction with the new
http.request.detection.result.application_protection_set= conditions, you can review the header or body contents to qualify detections and rule out false positives. By default, the maximum size of body content is 8 KB.
This can be increased with either the
http.request.body.inspection_size() policy gesture.
http.request.log_details() works for other deployments as well, but you must create a custom access log format that includes the new fields, or use the default WAF log.
All Advanced Secure Gateway 6.6.x documentation is located on BTO at: