SGOS 22.214.171.124 was released on November 21, 2017. This release includes a number of new features and enhancements to existing feature. To download the release image and the SGOS 6.7.x Release Notes, go to MySymantec (https://support.symantec.com) and select Downloads > Network Protection (Blue Coat) Downloads.
SGOS 126.96.36.199 introduces a number of new features and enhancements to existing features. Refer to the SGOS 6.7.x Release Notes for detailed information on these features.
Policy for Specifying Cookie Persistence in Authentication You can now control cookie persistence during user authentication. The following CPL action was added:
auto means that the cookie persistency value configured in the realm will be used.
no means that the session cookie will be used in authentication in this transaction.
yes means that the persistent cookie will be used in authentication in this transaction
Specify the Client Certificate Validation CCL via VPM A Set Client Certificate Validation CCL object is available in the Visual Policy Manager (VPM). Use this object to specify the client certificate list (CCL) to use for matching intercepted SSL connections.
This policy object generates the following CPL (the condition was added in version 6.7.2):
To use the policy object, add a rule to the SSL Intercept Layer and select Set Client Certificate Validation CCL from the Action column.
SSL Intercept and DNS Layers Supported in Tenant Policy SSL Intercept and DNS transactions now evaluate tenant determination policy in the landlord policy file. This allows <ssl-intercept> and <dns> layers to be defined and executed in tenant-specific policy. Previously, these layers were supported in the default tenant policy only.
ICAP Server Selection When an appliance network interface is configured to use multiple IP addresses, the outbound connections from proxy to ICAP server now use the servers in a round-robin manner. This selection process helps prevent port saturation under heavy load, especially when the connection is not persistent.
Data Leak Exception Page Users now see a data leak exception page when HTTP/HTTPS POST requests are sent to Symantec DLP and a policy violation occurs.
HTTP Log Shows Reasons for Non-Cacheable Transaction The HTTP log now indicates the reason(s) that a transaction is not cacheable. The information is logged as follows: "Server response made transaction Non-Cacheable:reason(s)=<set of reasons>"
OpenLDAP Upgrade This release supports OpenLDAP version 2.4.44.
The following documentation was updated for this release: