Der Sicherheitsspezialist, Sophos, hat seine Unified Threat Management (UTM) in Version 9.6 veröffentlicht. Das Update 9.6 führt über 50 Bugfixes durch und bringt 8 neue Features. Zu den wesentlichen Änderungen gehören:
- Integration von Lets Encrypt
- Anpassung der WAF an eigene Corporate Identity
- erweiterte Reports vom Sophos Sandstorm
- RED Firmware Verbesserung für 3G / 4G
- Verbesserungen im SMTP Proxy
- neue erweiterte Thread Protection Library mit besserer Performance
Nach dem Update funktionieren die alten Warn HTML Templates im HTTP Proxy nicht mehr und müssen neu heruntergeladen werden: http://www.astaro.com/lists/Web_Templates.zip
Sophos UTM 9.6 Release Notes
Features Release
- ATP: New Advanced Threat Protection Library with better performance and protection
- Certificates: Let’s Encrypt Integration
- RED: Unified RED Firmware with better 3G/4G Support
- Sandstorm: Manual File Submission
- Sandstorm: Persistent Reports
- SMTP Proxy: Submission Port Support
- SMTP Proxy: Configurable Listen Address
- WAF: Error Page Customization
Remarks
- System will be rebooted
- Configuration will be upgraded
- Connected REDs will perform firmware upgrade
- Connected Wifi APs will perform firmware upgrade
Bugfixes
- NUTM-10128 [Access & Identity] MDW waits hours for lock on shared cache with AUA
- NUTM-10130 [Access & Identity] Unable to connect RDP type bookmark with NLA
- NUTM-7418 [Access & Identity] SAA – Rename Client Auth CA
- NUTM-9368 [Access & Identity] SSL VPN: optional user auth not working
- NUTM-9525 [Access & Identity] Disk filling up with argos error messages in endpoint.log
- NUTM-9843 [Access & Identity] HTML5 VPN portal connections periodically stop working until service is restarted
- NUTM-10080 [Basesystem] Update to latest Avira SAVAPI version
- NUTM-10366 [Basesystem] Missing IP address in IPset of user network for STAS
- NUTM-9783 [Basesystem] IPsec routing issue if gateway interface has additional addresses
- NUTM-9810 [Basesystem] IPset Object takes 30 seconds to update after SSL VPN connection was established
- NUTM-9860 [Basesystem] Selfmon trying to start DHCP even when not in use
- NUTM-10226 [Email] Can’t release POP3 messages due to URL in User Portal
- NUTM-9681 [Email] cssd coredumps and root partition is filling up
- NUTM-9716 [Email] S/MIME encryption – automatic certificate extraction causing high load / no webadmin access
- NUTM-9733 [Email] Change default encryption algorithm to ’smime‘
- NUTM-9853 [Email] Fix policy traversal (for gpg, smime, unscanable)
- NUTM-9882 [Email] Umlauts in mail addresses get corrupted if SPX encryption is used
- NUTM-10181 [Network] Remove DNSdynamic from available dynamic DNS providers
- NUTM-10307 [Network] ATP exception still working after deletion
- NUTM-10337 [Network] High CPU load by AFCd when hotspot is enabled
- NUTM-10414 [Network] Segfault in oculusd
- NUTM-2791 [Network] Fix detection of sub applications in Application Control
- NUTM-4767 [Network] SSH for single host skipping AFC check
- NUTM-9462 [Network] Update to BIND 9.11 ESV
- NUTM-10197 [RED] All REDs disconnect intermittently
- NUTM-10227 [RED] Offline provisioning does not work
- NUTM-10303 [RED] Unified FW: split networks does not work
- NUTM-10384 [RED] Update hostapd for Unified-FW
- NUTM-9026 [RED] TP-LINK MA260 dongle on RED doesn’t work anymore after update to v9.5
- NUTM-9795 [RED] RED50 issue with large packets in Transparent/Split mode
- NUTM-10060 [Reporting] ATP alerts / events not deleted after three days
- NUTM-10201 [Reporting] Unable to download S/MIME internal user certificate
- NUTM-10352 [Sandstorm] Sandstorm Activity Report table and graph do not show same data
- NUTM-10367 [Sandstorm] Sandstorm Activity Graph does not include email cached results
- NUTM-2644 [UI Framework] Webadmin prefetching list box not displaying any users, if one user contains a single tick
- NUTM-10066 [WAF] Existing certificate chain overrides after new certificate chain has been added
- NUTM-10185 [WAF] Using printenv SSI directive in custom theme causes segfault
- NUTM-10315 [WAF] Let’s Encrypt can’t be enabled after upgrade from 9.5 (/etc/ssl/certs not accessible)
- NUTM-10316 [WAF] Let’s Encrypt certificates allow wildcards in domain name list
- NUTM-10332 [WAF] Let’s Encrypt not working over IPv6
- NUTM-9809 [WAF] Potential memory allocation failure for „Rewrite HTML“ + location with special characters
- NUTM-10188 [WebAdmin] [OTP] QR code not visible for the first user login
- NUTM-10214 [WebAdmin] Breach Vulnerability in WebAdmin (CVE-2013-3587)
- NUTM-6945 [WebAdmin] Popup too small for secret when deleting SHA512 OTP token
- NUTM-7381 [WebAdmin] Login to UserPortal only works at second try when using RADIUS authentication
- NUTM-9424 [WebAdmin] Webadmin session interrupted with pop-up „Backend connection failed“
- NUTM-10200 [Web] Segfault in libc-2.11.3.so
- NUTM-10284 [Web] HTTP Proxy crash with coredumps
- NUTM-9676 [Web] HTTP Proxy out-of-memory segfault / HTTP Proxy stops working with „Avira engine not available“
- NUTM-9854 [Web] Warning page bypass using crafted URLs
- NUTM-9873 [Web] File blocked due to MIME type detection even if there is an exception
- NUTM-9956 [Web] HTTP Proxy coredumps in geoip scanner
- NUTM-10365 [Wireless] RED15w: SSID isn’t broadcasted when „Enterprise Authentication“ is in use
Quelle: https://news.sophos.com/en-us/2018/11/26/sophos-utm-9-6-is-now-available/
Interessiert in verschiedenste IT Themen, schreibe ich in diesem Blog über Software, Hardware, Smart Home, Games und vieles mehr. Ich berichte z.B. über die Installation und Konfiguration von Software als auch von Problemen mit dieser. News sind ebenso spannend, sodass ich auch über Updates, Releases und Neuigkeiten aus der IT berichte. Letztendlich nutze ich Taste-of-IT als eigene Dokumentation und Anlaufstelle bei wiederkehrenden Themen. Ich hoffe ich kann dich ebenso informieren und bei Problemen eine schnelle Lösung anbieten. Wer meinen Aufwand unterstützen möchte, kann gerne eine Tasse oder Pod Kaffe per PayPal spenden – vielen Dank.