• No results found

Update 1 Release Notes

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Update 1 Release Notes"

Copied!
8
0
0

Loading.... (view fulltext now)

Download now ( 8 Page )

Full text

(1)

About this

document This document describes the features of Global Command Center Release 3.2 Update 1 and its installation procedure.

Contents...

About this update... 2

New features ... 3

Known issues ... 5

Downloading and installing this update ... 6

Version 3.2

Global Command Center

(2)

About this update

About this

update

This Software Update was developed primarily to support the new features of TSP firewall version 6.4.1. Prior to this update, an apply from Global Command Center to a TSP 6.4.1 firewall would have been unsuccessful. After installing this update, an end user will be able to configure some of these new TSP 6.4.1 features from the Global Command Center GUI. For features for which Global Command Center does not provide configuration management support, an end user will configure them via the firewall GUI. Global Command Center will, however, preserve the firewall’s setting for these features on an apply. See “New features” on page 3 for details.

There are a few instances of configuration parameters in TSP 6.4.1 that Global Command Center neither configures nor preserves. See “Known issues” on page 5 for details.

This Software Update enhances Release 3.2 to provide the following benefits: Client Suite GUI Enhancements

The Name Server Statistics report can now be viewed from the Global Command Center.

The Classic Firewall’s Audit Archive FTP Password is now being managed by Global Command Center.

The VPN Certificate constraints allow the @ symbol to be used, allowing E-mail addresses to be used as a constraint.

Rules in a rule group are now ordered correctly if a user performs a “Move to Top” or “Move to Bottom” on rules in the group.

Management Server

The mask length is now computed correctly when converting a range endpoint to a subnet endpoint.

Retrieval of an authentication rule specifying a “Deny Authenticator” from a TSP firewall is now handled correctly.

(3)

New features

New features

Global Command Center Release 3.2 Update 1 provides configuration and

management of the following TSP 6.4.1 enhancements. VPN Enhancements

Configuration and management of the following 6.4.1 VPN enhancements are supported:

– Multiple Diffie-Hellman groups – Multiple cryptographic algorithms – Multiple authentication algorithms

Improved VPN IPSec SA reports can be viewed from Global Command Center. The reports now include:

– Number of bytes that came into and out of the firewall using the SA – Number of packets that came into and out of the firewall using the SA – Number of rekeys that the SA has used

– Number of active flows corresponding to the SA

An improved VPN Statistics report can be viewed from Global Command Center. The report now includes:

– Number of rekeys

– Number of currently active flows – Number of currently active engine rules – Number of currently active negotiations

– Reporting of packets causing triggers as triggered packets.

– Dropped packets are further categorized under "Invalid IP options," "Resource Problem," "No Route," "Drop Rule," "Internal Error," "Reassembly," "Hardware Accelerator," and "No Rule."

Merged/Preserved TSP 6.4.1 Features

Global Command Center Release 3.2 Update 1 will now preserve the configuration parameters for the new TSP 6.4.1 features. These features can be configured only via the TSP 6.4.1 firewall GUI. This update will, however, preserve the configuration of these features after an apply is done from Global Command Center to the firewall.

(4)

New features

Simple Network Management Protocol (SNMP) Enhancements

In the TSP 6.4.1 GUI, support was added to configure SNMP via the GUI. Global Command Center Release 3.2 Update 1 will not support configura-tion of SNMP via its Client Suite GUI; however, it will not overwrite the local SNMP configuration of the firewall on an apply.

Scheduled Configuration Backup and Software Updates

Global Command Center will preserve the firewall’s setting for schedule configuration backup and schedule software updates on an apply.

FTP Proxy Enhancements

In TSP 6.4.1, support was added to ban upload and download of some files. Global Command Center 3.2 Update 1 will preserve the local firewall’s setting for this feature on an apply.

Auto-Update of Global Command Center Packages on the Firewall

This update extends the upgrade procedure of the Global Command Center firewall packages to make it seamless for the end user. The Auto Update feature ensures that Global Command Center packages on the firewall are in sync with the upgraded Global Command Center Server version. If an incompatibility is detected and it is found that the Management Server is on a higher version than that of the firewall package, the firewall package is automatically upgraded.

(5)

Known issues

Known issues

Unsupported TSP 6.4.1 Features

The following TSP 6.4.1 configurations are neither supported (saved) nor preserved when applying from the Global Command Center 3.2 Update1 Client Suite GUI:

VPN Tunnels: Do Not Initiate

VPN Tunnels: Enable Anti-Replay

VPN Tunnels: Send Certificate Chain

(6)

Downloading and installing this update

Downloading

and installing

this update

This Software Update should be installed only on Global Command Center Release 3.2. The update is located at

http://www.securecomputing.com/goto/updates Management Server

Download the Software Update to an FTP server within your organization that the Global Command Center 3.2 Management Server can access.

Use the following commands to FTP the Software Update to your Management Server.

Description Command

Log in to your Management Server. <login name> Enter your password. <password> Change to the Security Officer user. su sso

Log in using your sso login name. <login name> Enter your sso password. <password> Enable root user if not already enabled

(where <password> is plain text of at least seven alphanumeric characters).

/usr/sbin/cg_usermod -s /bin/sh -p <password> root

Change to root user. su root

Enter your root password. <password>

Go to root directory. cd /

Make a new directory named temp. mkdir temp

Go to the new directory. cd temp

FTP to your FTP server. ftp <server> Log in to your FTP server. <login name> Enter your password. <password>

Request binary mode. bin

Get the Software Update. get psu001320s

Exit FTP. bye

(7)

Downloading and installing this update

This will boot the Management Server to munix and install the needed files. Client Suite

Remove the previous version of the Global Command Center Client Suite as follows:

1 Open Add/Remove Programs in the Control Panel.

2 Select CyberGuard - Global Command Center Client, and click Remove. 3 Go to the C:\Program\CyberGuard Corporation directory, and remove

the Global Command Center folder.

(8)

SECURE COMPUTING CORPORATION Technical Support Information

References

Download now ( PDF - 8 Page - 243.33 KB )

Related documents

Basic Router Configuration

To configure the RIP routing protocol on the router, follow these steps, beginning in global configuration mode: SUMMARY STEPS 1. end DETAILED STEPS

Under Pressure Strategies for Sodium Reduction in the School Environment

The IOM’s School Meals: Building Blocks for Healthy Children report recommends that by 2020, schools should strive to reduce sodium to 1,240 mg per day in breakfast and lunch

Maritime Empty Container Repositioning with Inventory-based Control

In this section, we develop a search algorithm based on COMPASS to optimize the parameters of the two-level threshold policy in liner shipping system with multiple

CBS Service Configuration Mode Commands

Command Modes Exec &gt; Global Configuration &gt; Context Configuration &gt; Cell Broadcasting Service Configuration configure &gt; context context_name cbs-service

Cisco Router Configuration Tutorial

Step 2: Enter the configure terminal command to enter global configuration mode.

BGP Address-Family (VRF) Configuration Mode Commands

Command Modes Exec &gt; Global Configuration &gt; Context Configuration &gt; BGP Configuration &gt; BGP Address-Family Configuration.. configure &gt; context context_name &gt;

Applicazioni Telematiche

Enter in global configuration mode with the command &#34; configure terminal “. Enter in the specific mode interface with: (for example)

Using Cisco IOS Software

Enter interface configuration mode by specifying the serial interface that you want to configure using the interface serial global configuration command..