Advanced Secure Gateway 188.8.131.52 was released on November 21, 2017. This release includes a number of new features and enhancements to existing feature. To download the release image and the Advanced Secure Gateway 6.7.x Release Notes, go to MySymantec (https://support.symantec.com) and select Downloads > Network Protection (Blue Coat) Downloads.
Advanced Secure Gateway 184.108.40.206 introduces a number of new features and enhancements to existing features. Refer to the Advanced Secure Gateway 6.7.x Release Notes for detailed information on these features.
Content Analysis Features
This release offers support for the Symantec antivirus engine.
Symantec antivirus is available with a subscription-based license. Configure antivirus scanning configuration in the Management Console (Content Analysis > Services > AV Scanning Behavior).
Symantec Advanced Machine Learning By combining deep knowledge of threats and files with state-of-the-art machine learning, Symantec Advanced Machine Learning (AML) is able to understand characteristics of files and create a probability score to determine whether a file is safe. Rather than using signatures to match patterns, machine learning uses proven, well-tested, statistical methods to learn about files. Using this approach, new and previously unknown threats can be stopped. Even when the attack changes--through replication mechanisms, distribution mechanisms or the payload itself--AML works to stop threats effectively.
Symantec Advanced Machine Learning is included with antivirus subscriptions. It is activated when you activate the Symantec Antivirus license.
Symantec Cloud Sandboxing Symantec offers a cloud-based dynamic malware analysis service that provides the ability to detect advanced threats. In addition to detonating and detecting malware on virtual machines, Symantec Cloud Sandboxing uses a suite of analysis technologies, coupled with Symantec global intelligence and analytics data, to accurately detect malicious code.
In addition, Cloud Sandboxing uses a behavioral analysis system that monitors files as they run, comparing the behaviors of the program to the behaviors of the billions of malicious samples has analyzed over the years. As opposed to signatures, Cloud Sandboxing employs behavioral profiles and file reputation data to accurately identify files as benign or malicious. The Symantec Cloud Sandbox service is subscription-based and requires no configuration other than activating the license and enabling the service (Sandboxing > Settings).
Policy for Specifying Cookie Persistence in Authentication You can now control cookie persistence during user authentication. The following CPL action was added:
auto means that the cookie persistency value configured in the realm will be used.
no means that the session cookie will be used in authentication in this transaction.
yes means that the persistent cookie will be used in authentication in this transaction
Specify the Client Certificate Validation CCL via VPM A Set Client Certificate Validation CCL object is available in the Visual Policy Manager (VPM). Use this object to specify the client certificate list (CCL) to use for matching intercepted SSL connections.
This policy object generates the following CPL (the condition was added in version 6.7.2):
To use the policy object, add a rule to the SSL Intercept Layer and select Set Client Certificate Validation CCL from the Action column.
SSL Intercept and DNS Layers Supported in Tenant Policy SSL Intercept and DNS transactions now evaluate tenant determination policy in the landlord policy file. This allows <ssl-intercept> and <dns> layers to be defined and executed in tenant-specific policy. Previously, these layers were supported in the default tenant policy only.
ICAP Server Selection When an appliance network interface is configured to use multiple IP addresses, the outbound connections from proxy to ICAP server now use the servers in a round-robin manner. This selection process helps prevent port saturation under heavy load, especially when the connection is not persistent.
Data Leak Exception Page Users now see a data leak exception page when HTTP/HTTPS POST requests are sent to Symantec DLP and a policy violation occurs.
HTTP Log Shows Reasons for Non-Cacheable Transaction The HTTP log now indicates the reason(s) that a transaction is not cacheable. The information is logged as follows: "Server response made transaction Non-Cacheable:reason(s)=<set of reasons>"
OpenLDAP Upgrade This release supports OpenLDAP version 2.4.44.
The following documentation was updated for this release:
Advanced Secure Gateway online help (Content Analysis and Proxy)