SurfControl Web Filter
5.5 SP2 Readme (5.5.2.131)
July 2007
· Welcome · Features ·
Features |
You are about to
install SurfControl Web Filter 5.5 SP2, which contains the new features and
fixes listed below. This service pack also contains all the features and fixes
that were included in Web Filter 5.5 SP1. It is important to note that
SurfControl Web Filter 5.5 SP1 is no longer available as a separate download
from the SurfControl Website.
Warning: SurfControl strongly advises against applying
any previously released Web Filter hotfixes after you
have installed this Service Pack.
Information
for Web Filter 5.5 SP1 customers
If you have
already installed Web Filter 5.5 SP1, please read the following information:
·
You
can still install 5.5 SP2 even though the service packs have been conjoined.
·
If
you have already applied Hotfix 3 to repair SRC
reports affected by the ‘Delete Users’ feature, it does not need to be
re-applied after installing 5.5 SP2.
Release date:
July 2007
Features and
fixes included with 5.5 SP2 are detailed below.
Remote
Administration supported on Windows Vista
The Remote Administration Client is now fully supported on Windows
Vista. This gives you the ability to remotely administer your Web Filter
server(s) from any networked computer installed with Microsoft’s latest client
operating system.
EUM
configuration
Making changes to your Enterprise User Monitoring (EUM) setup on the
network has been streamlined, so that you can now specify additional domain
controllers and ignored users, without the need to restart the domain
controller.
EUM Login Agent improvement
The EUM Login Agent has been improved to retrieve client IP
Addresses directly, instead of via a DNS/WINS server. This ensures that
monitored client data can be relied on with authority, because Web Filter does
not need to trust an independent source of information.
Improved
categorization
5.5 SP2 offers wildcarded categorizations,
which allows the categorization of URL pages at the domain level when the URL
page is not present in the Internet Threat Database. Customer benefits from
this new categorization method are, an Internet Threat Database of a smaller
size and increased coverage.
Delete Users Hotfix 3
The ability to delete monitored users has been added as a task to Web Filter Manager. If you have SurfControl Report Central version 2.5 or later installed on your Web Filter server, any existing Web reports will be automatically corrected to ignore data which belongs to deleted users. If you have exclusively installed this version of SurfControl Report Central on other servers, you must copy the registry file to each server and run it locally. The registry file and instructions can be found in the folder; C:\Program Files\SurfControl\Web Filter\SRC, after you have applied 5.5 SP2 to your Web Filter Server.
Note: If you have already applied Hotfix 3 as a stand-alone hotfix , or after installing Web Filter 5.5 SP1, it does not need to be re-applied after installing 5.5 SP2.
VMware
support
5.5 SP2 will enable you to use Web Filter for Windows 5.5 on VMware Server and VMware ESX
server, which gives you the advantage of being able to incorporate Web Filter
into your virtualized environments.
NIC Teaming
Web Filter for Windows 5.5 SP2 supports NIC teaming, which is the process of grouping together two or more physical network cards into one virtual network card. This helps to improve fault tolerance, and balance the load of network traffic on the Web Filter server.
Improved
driver performance
To improve the performance of Web Filter for Windows, you can use the
new ‘Ignored Ports’ tab to specify ports that you want the driver to ignore.
This will result in network traffic using those ports, not being passed to the
Web Filter service.
Filter Skype
Web Filter for Windows 5.5 already provides the ability to filter a
range of IM and P2P applications by signature. 5.5 SP2 enables you to
additionally monitor and filter the ‘Skype’ telephony
P2P application, either by port or signature.
Filter
Google Web Accelerator
The Web
accelerator application ‘Google Web Accelerator’ (GWA) has been added to the
existing range of protocols which can be filtered by port and signature. This
enables you to monitor and filter any attempts by the GWA client to speed up
page load times, and perform data caching on Google's servers.
Protocol
Signature Filtering
The ability to scan certain Instant Messenger, P2P and Web accelerator
protocols has been added as a new feature in Web Filter for ISA 5.5 SP2. The
new ‘Protocol Signatures’ tab allows you to enable signature scanning to detect
a range of port-agile applications, which would otherwise be able to tunnel
through your firewall, and establish connections with devices outside your
corporate network.
Note: Web
Filter for ISA 5.5 SP2 does not include signature scanning capabilities for the
Skype protocol.
Mobile Filter Client supported on Windows
Be secure in the
knowledge that you can now monitor and filter internet usage for your Windows
Vista mobile users. The latest Mobile Filter client setup can be installed on
Mobile Filter clients that use the Microsoft Windows Vista operating system.
For installation instructions, refer to the Mobile
Filter Starter Guide.
Microsoft Terminal Server support
Web Filter for
Citrix can be installed on Microsoft Terminal Server Edition (TSE). This gives
you the advantage of being able to use the functionality of Web Filter for
Citrix in your Terminal Services environment.
|
Issue Number |
Description |
|
7854 |
‘Only monitor
traffic to or from these subnets’ monitors
unspecified subnets. |
|
11987 |
Hex and
octal addresses are not blocked when Domain or Hostname rules are set up. |
|
12098 |
The
‘Create SurfControl Web Filter Database Wizard’ accepts invalid characters for
the database name. |
|
13727 |
The VCA
categorization downloads unnecessary images from the site. |
|
20175 |
Using the
search property to apply mobile users to a rule changes the Who object user
name. |
|
20715 |
AD Object
Browser unable to enumerate users in trusted domains. |
|
21941 |
ISA
allows the first internet request that SWF has been configured to block. |
|
21942 |
Enumeration
of Active Directory objects can miss some results. |
|
23645 |
Exiting a
Remote Desktop connection hangs as it tries to stop the EUM Login Agent
(sceumloginagent.exe). |
|
23924 |
The Web
Filter Service has to be stopped to be able to compact the database. |
|
24762 |
Importing
rules fails for database names which contain hyphens or underscores, or that
are longer than 30 characters. |
|
25198 |
PcAnywhere host service stops after attempting to connect to a Mobile Filter
client machine. |
|
25393 |
Deny pages
which are less than 256 characters are not displayed. |
|
25453 |
Unable to
change Mobile Filter database connection details if using standard Web
Filter. |
|
25457 |
Blocking
does not work for URLs containing a second HTTP link within the URL. |
|
25459 |
Rules
with empty Active Directory groups are enumerated more than once. |
|
25652 |
Licence
count information not shown in the Web Filter Manager. |
|
25685 |
Rule
email notification times are only correct if your time zone is GMT. |
|
25712 |
Image
search blocking can cause an excessive amount of email notifications. |
|
25732 |
Sites are
not blocked when using the IP address and page level. |
|
25980 |
Inconsistent
blocking when a rule is based on category name. |
|
26216 |
Upgrade
from version 5.0 to version 5.5 overpopulates the manual categories table. |
|
26356 |
Google
language tools page does not load when ‘Block until categorized’ is enabled. |
|
26454 |
Unable to
open Monitor Settings due to NULL values in the Protocols table. |
|
26591 |
User
details appear in Unmonitored Users list in the Privacy edition of Web
Filter. |
|
26800 |
Setting a
category, followed by making changes to rules before committing changes, does
not save the rule change. |
|
26968 |
Allowance
rules can be bypassed from local intranet page in Web Filter for ISA v5.5. |
|
27131 |
NULL
values created when monitoring all protocols in Web Filter for ISA v5.5. |
|
27137 |
The Web
Filter Service ‘Startup’ value is modified from
Automatic to Manual after running a repair. |
|
27146 |
Proxy
Access Control Events fill up application logs. |
|
27332 |
|
|
27377 |
Any
values (URLs) added to the Whitelist registry key
will be deleted after applying 5.5 SP1. |
|
27413 |
Rare
service crash due to thread count. |
|
27488 |
Database
upgrade to version 5.5 using ‘dbmodify’ causes
errors in non-English SQL. |
|
27654 |
Secure
Connections do not always get ignored by Content Scanning. |
|
27664 |
The
categorization method is not always defined for non-http connections. |
|
27675 |
Memory
Leak in Web Filter for Windows v5.5. |
|
27746 |
Categorizing
all uncategorized sites causes Web Filter to stop blocking until rules are
committed. |
|
28141 |
Unable to
delete user names which contain an apostrophe from ‘Unmonitored Users’. |
|
28412 |
Service
fails to start correctly and logs error 'Cannot find session with the trie'. |
|
28435 |
Malformed
Google Image cache URL causes service to crash. |
|
Issue Number |
Description |
|
27881 |
The Mobile Filter.msi file will
not install the client on Windows Vista when launched manually, but it can be
used to deploy the client via GPO on this operating system. To manually
install the Mobile Filter client on computers running Windows Vista, use the
setup.exe. |
|
28362 |
As part of this
Service Pack release, certain Web Filter applications have been moved from
the ‘Tools’ folder to the Web Filter installation folder. If you have
previously configured command line scheduled events which run these
applications (sccommit.exe, treatquarantined.exe), you will need to change
the full path to the application’s new location. To change the path, perform
the following steps: 1. Open the Scheduler, either from the Start
> Programs > SurfControl Web Filter menu, or from the Maintenance tab
in the Web Filter Manager. 2. Highlight the Command Line event in the
list, and click Configure. 3. In the Command Line window, click Configure. 4. Click Browse
and navigate to the following path: C:\Program Files\SurfControl\Web Filter. 5. Select the required application
(sccommit.exe or treatquarantined.exe) and click Save. |
Release date:
March 2007
Version:
5.5.1.32
Features and
fixes included with 5.5 SP1 are detailed below.
Delete Users
The ability to delete monitored users has been added as a task to Web Filter Manager. This feature enables you to delete users and information that you do not wish to see in the Users tab. This helps to remove irrelevant information, which can clutter up the monitored data area, and prevent unwanted user data from taking up license counts.
EUM Logon Agent for NetWare
The EUM Login Agent can now be deployed in a NetWare environment. This provides another means of obtaining NetWare user names, without the need to install NetWareEUM on your Directory Server(s). See the Installation Guide for further instruction on how to install and configure this feature.
EUM supported on 64 bit Windows Servers
Now you can install Enterprise User Monitoring (EUM) on 64 bit Windows 2000 and 2003 Servers. The EUM installation wizard automatically determines the architecture of your Domain Controller(s) for a seamless install or upgrade.
AVA Upgrade
The Anti-Virus Agent will be upgraded to use the latest version of the McAfee engine (5100). Support will end for the current McAfee 5000 engine by the end of March 2007.
AVA White List
It is now possible to add URLs to a white list. This allows you to prevent certain URLs from being scanned by the Anti Virus engine. This information is stored in the Windows Registry and requires the URLs to be entered manually. To add URLs to the white list:
1. Stop the Web Filter service.
2. Stop the Microsoft ISA firewall service.
3. Start Regedit.
4. Navigate to [HKEY_LOCAL_MACHINE\SOFTWARE\JSB\SurfControl Scout\Content\AVA]
5. Right-click the ‘WhiteList Sites’ key, and click Modify.
6. Enter the required URLs into the Value data field.
7. Click OK.
8. Start the Microsoft ISA firewall service.
9. Start the Web Filter service.
Entries in the white list inherit sub-domains automatically. For example, if the connections you want to ignore are for ‘windowsupdate.com’ (regardless of sub-domain), then the entry should be added as ‘windowsupdate.com’. To prevent connections to ‘www.windowsupdate.com’ from being scanned, then the entry should be added as ‘www.windowsupdate.com’, however this will only ignore connections to ‘www.windowsupdate.com’ and not ‘downloads.windowsupdate.com’.
|
Issue Number |
Description |
|
26472 |
EUM is not supported on 64 bit architecture. |
|
26474 |
Three forward slashes in the URL can allow blocking bypass. |
|
26475 |
Unable to connect remotely to Rules Administrator and Client Administrator when using SQL 2005 Express. |
|
26477 |
The Categorization Method is not defined for non-http traffic. |
|
26480 |
Update the About box in the notification area to show Service Pack version number. |
|
26481 |
Unable to delete users. |
|
26483 |
Privacy edition password details are not remembered after upgrade. |
|
26484 |
Blocking issue for URLs containing second HTTP link within the URL. |
|
26485 |
Notification e-mail not sent for Override rule. |
|
26486 |
Error sending reconstructed header to client. |
|
26488 |
Intermittent blocking for disallowed Web and allowed Image content. |
|
26489 |
License Count Information is not displayed. |
|
26490 |
‘Block until categorized’ stops on refresh page. |
|
26491 |
The ISA Firewall service stops. |
|
26492 |
Web Filter service starts but does not perform any monitoring. |
|
26493 |
Site access is not blocked when using the IP address and page level. |
|
26494 |
Image search blocking can cause an excessive number of email notifications. |
|
26495 |
Rule e-mail notification times are only correct if your time zone is GMT. |
|
26498 |
Version 5.5 is unable to change Mobile Filter database connection details if using standard web filter. |
|
26858 |
Subscription expiration prevents Manual Categorization from working. |
For more information, please refer to the SurfControl Knowledge Base. Contact SurfControl
Technical Support via telephone or e-mail for further assistance.