Blue Coat ProxyClient Release Notes

Version: 3.4.4.6

Release Date: 8/16/2013

Document Revision: 3.4.4.6.1 on 8/15/2013

Release Notes Contents

This Blue Coat ProxyClient Release Notes document contains the following sections:

Section A: "READ ME FIRST" on page 2 Section B: "Windows" on page 6

Section C: "Mac OS X" on page 21

Section D: "Release Information" on page 28

Section E: "Support" on page 34

Section A: READ ME FIRST Introduction

ProxyClient Version 3.4.x is a release of the Blue Coat

ProxyClient software that adds functionality discussed in "Contents of These Release Notes" on page 3 and resolves defects discussed in Section D: "Release Information" on page 28.

Before starting the SGOS or ProxyClient upgrade process, please review these notes.

Support

For general information about Blue Coat: [email protected].

Direct support questions regarding this release to Blue Coat Support. For more information, visit: http://www.bluecoat.com/support/contactsupport

Blue Coat Knowledge Base

Blue Coat has a Knowledge Base, which contains information about this product that might not be available in the documentation or Release Notes. The Knowledge Base contains information in the following categories:

Solutions FAQs

Alerts—including security alerts Technical field information

Blue Coat recommends you regularly search the Knowledge Base for late-breaking information that might not be available in product documentation or Release Notes.

To view articles in the Knowledge Base:

1. Enter the following URL in your browser’s address or location field:

https://kb.bluecoat.com 2. Do any of the following:

• To get an answer to a specific question, enter the question in the

field, and click

.

• To view a specific set of articles, click a selection in the horizontal navigation bar (

,

, and so on).

All of the sections enable you to browse by product, operating system, type of deployment, or topic.

3. Follow the prompts on your screen to locate the desired information.

Contents of These Release Notes

These ProxyClient Release Notes discuss feature descriptions, fixes, known issues, and compatibility notes. These Release Notes are organized as follows:

"What’s New in These Releases" on page 3

"Windows" on page 6

• "ProxyClient System Requirements" on page 6

• "Support for Other Products" on page 8

• "Recommended Implementation Information" on page 12

• "Upgrade and Downgrade Information" on page 13

"Mac OS X" on page 21

• "ProxyClient System Requirements" on page 21

• "Support for Other Products" on page 21

• "Recommended Implementation Information" on page 22

• "Upgrade and Downgrade Information" on page 22

"Release Information" on page 28

• "ProxyClient Version 3.4.4.6" on page 28

• "ProxyClient Version 3.4.4.4" on page 28

• "ProxyClient Version 3.4.4.2" on page 30

• "ProxyClient Version 3.4.4.1" on page 30

• "ProxyClient Version 3.4.3.2" on page 30

What’s New in These Releases

The ProxyClient 3.4.3.1 release introduced support for running ProxyClient on Mac computers. The following sections describe the differences between ProxyClient on Windows and Mac.

Install and Uninstall the Mac Client

ProxyClientSetup.bsx can be downloaded from the below URL

https://CM-IP:8084/proxyclient/ProxyClientSetup.bsx

Users with root or sudo privileges can install the Mac client with this

ProxyClientSetup.bsx file. Similar to the ProxyClientSetup.msi, the user can use this file with switches [the Client Manager URL is optional]. For example:

chmod +x ProxyClientSetup.bsx

sudo ./ProxyClientSetup.bsx BCSI_UPDATEURL=https://CM-IPADDRESS:8084

Note: Some browsers append

to the file name on downloading and some browsers append additional

on downloading from the CM. Please rename the file to

and add execute permission to the file.

Uninstall the Mac client with the

executable created during installation. For example:

sudo /Applications/Blue\ Coat/Proxyclient/UninstallProxyClient

Stopping services and uninstallation can only be done by users that have root or sudo privileges.

If there is a software update, users with root or sudo privileges can update using

“Check For Updates” in the Web interface or by reinstalling ProxyClient using ProxyClientSetup.bsx on a computer that already has the Mac client installed.

Appearance

The tabs within the ProxyClient Web interface are slightly different on the Mac client:

•

tab: Shows only the Web filtering statistics.

•

tab: Even if acceleration is enabled in the Client Manager, the Network tab is not displayed as acceleration is not supported in this release.

•

tab: Displays the software details, Client Manager, and log information.

The Tray icon changes to a yellow exclamation icon for warnings and a red X icon for errors, but the number of cases that trigger the icons are limited to those related to Web filtering and services, but will not change status for acceleration related items.

When interacting with the tray icon, do not double-click. Clicking once on the icon and chose one of the following menu items:

•

: Displays the Web interface.

•

: Displays the ProxyClient log file.

•

: Displays the Help page.

ProxyClient on the Mac relies on Growl to display pop-up messages for critical events such as “Service unavailable”. If Growl is not installed, no messages are displayed.

Growl can be downloaded here:

.

Web Filtering

HTTPS traffic is filtered only if the default port, 443, is used. For example, if a user visits the following Web site, the request will not be filtered:

https://www.example.com:444

If HTTPS traffic is set to "warn" or "block" the "warn/block" page is displayed in a separate browser window instead of the same window where the user started browsing.

If Growl is installed, HTTPS warn/ block messages are displayed as a Growl

notification instead of a new browser window.

File Locations and Processes

Default software location:

/opt/.bluecoatsystems/proxyclient/

Cache directory location:

/Library/Caches/Blue Coat ProxyClient

Support folder location:

/Library/Application Support/Blue Coat Systems/proxyclient

plist files for ProxyClient configuration:

com.bluecoat.proxyclient.plist

com.bluecoat.proxyclient.config.plist

com.bluecoat.proxyclient.datacollector.plist com.bluecoat.proxyclient.internal.plist

@ /Library/Preferences/

ProxyClient service name:

ProxyClientSvc

Tray icon process name:

ProxyClientUI

Tray icon installation location:

/Applications/Blue Coat/Proxyclient

Data Collector location / name:

/Applications/Blue Coat/Proxyclient/ProxyClientDC

WatchDog process location /name:

/opt/.bluecoatsystems/proxyclient/bin

/

Features Not Available in this Release

The following features are not available on the Mac client:

Uninstalling through Add/Remove programs.

Install ProxyClient in invisible mode.

Accelerating CIFS transfers.

Byte caching and compression through the ADN tunnel.

Section B: Windows

ProxyClient System Requirements

The following table summarizes ProxyClient system requirements::

Web Browser Support

The following information applies to ProxyClient compatibility with Web browsers:

"Web Browsers for ProxyClient Software Downloads" on page 7

"Web Browsers and Web Filtering" on page 7

Windows XP Windows Vista Windows 7

Version Windows XP Service Packs 2 and 3, all versions are supported (including Home, Media Center, and Professional)

All Vista versions are supported (including SP1) except Starter Edition.

All Windows 7 versions are supported except Starter Edition.

32/64 bit 32 bit only. The 64 bit version of XP Professional is not supported

32 bit only. The 64 bit version of Vista is not supported.

32 bit and 64 bit versions

Browser See "Web Browser Support" on page 6 Minimum Recom-

mended

Minimum Recom-

mended

Minimum Recom-

mended

CPU 600Mhz

x86 processor

1Ghz x86 processor

1Ghz+ x86 processor

1.8+ Ghz x86 processor

1 Ghz+ x86/

x86_64 processor

1.8+ Ghz x86/

x86_64 processor

RAM 512MB 1GB+ 1GB 2GB+ 1GB 2GB+

Free disk

space 1.5GB 5GB+ 1.5GB 5GB+ 1.5GB 5GB+

Note: Blue Coat highly recommends users apply all the latest hot fixes available from Microsoft Windows Update.

Important: The ProxyClient should be installed on a New Technology File System (NTFS) partition only. Microsoft Windows XP enables users to install the operating system on a File Allocation Table (FAT), FAT32, or NTFS partition. Only NTFS should be used because NTFS security enhancements help prevent malicious users from disabling the ProxyClient service components.

In addition, only NTFS supports the Microsoft Encrypted File System (EFS), which is used to encrypt data in the cache. FAT partitions do not support EFS, meaning

documents in the CIFS cache can be accessed in the clear.

Web Browsers for ProxyClient Software Downloads

You can use any Web browser to download the ProxyClient to the user’s machine.

Web Browsers and Web Filtering

The following Web browsers are completely compatible with ProxyClient Web filtering, including HTTPS filtering:

Microsoft Internet Explorer version 6 and later, including version 9 Mozilla Firefox version 2 and later, including version 3.x

Some Web browsers have the following limitations:

HTTPS traffic is filtered only if the default port, 443, is used. For example, if a user visits the following Web site using the Opera Web browser, the request will not be filtered:

https://www.example.com:444

(B#98568)

The browser displays an error page instead of a block or warn page. (B#97729) If HTTPS traffic is set to "warn" or "block" the "warn/block" page is displayed in a separate browser window instead of the same window where the user started browsing.

SSLv2 Is Not Supported

The SSLv2 protocol cannot be used to communicate between the ProxyClient computer and the Client Manager. Set the client’s Web browser for either SSL 3.0 or TLS 1.0. For more information, see "No SSLv2 Support for Client Manager Communication" on page 7.

General Notes

This section discusses general topics that are not necessarily issues with the ProxyClient.

SG Client Is Not Compatible

ProxyClient is not compatible with SGOS before 6.1.

No SSLv2 Support for Client Manager Communication

The port the ProxyClient uses to communicate with the Client Manager (8084 by default) does not support SSLv2 traffic. If a ProxyClient computer’s default Web browser is set to support only SSLv2 traffic, the computer will not be able to communicate with the Client Manager. (B#108785)

To verify or change the Client Manager communication port, log in to the Client

Manager’s Management Console as an administrator and click

>

>

>

. The value in the

field is the Client Manager communication port.

The following procedures discuss how to verify these settings in Internet Explorer 8 and

Firefox 3.5. To verify the settings in another browser or in another browser version,

consult the documentation provided with the browser.

To verify the protocol setting in Internet Explorer 8:

1. Start Internet Explorer.

2. Click

>

>

. 3. In the Security group, do the following:

• Clear the

check box.

• Select either or both of the

and

check boxes.

4. Follow the prompts on your screen to save your changes.

To verify the protocol setting in Firefox 3.5:

1. Start Firefox.

2. Click

>

>

.

3. In the Protocols section, select either or both check boxes for

and

.

4. Follow the prompts on your screen to save the changes.

Support for Other Products

This section discusses the following topics:

"Blue Coat Director and Reporter" on page 8

"Third-Party VPN Products" on page 9

"Third-Party Desktop and Enterprise Anti-Virus and Firewall Software" on page 9

"Third-Party Firewall Products" on page 11

"Layered Service Providers (LSPs)" on page 11

Blue Coat Director and Reporter

This release is compatible only with SGME 5.x

Limitation: Director can be used to upload a new version of the ProxyClient software using an external URL only; to upload ProxyClient software from the local file system, you must log in to the Client Manager’s Management Console directly.

Blue Coat Reporter:

• Reporter version 8.x: Blue Coat Reporter versions 8.3.6 and later can be used to analyze Web filtering logs uploaded by ProxyClients.

A known issue in Blue Coat Reporter versions earlier than 8.3.6 prevents it from analyzing the Web filtering logs uploaded by ProxyClients. (B#102893, 104187)

• Reporter version 9.x: To analyze ProxyClient log data, you must use Reporter

9.1.2.x or later.

Third-Party VPN Products

The following table shows VPN software that was tested and is known to be compatible with the ProxyClient version 3.3 software. ProxyClient acceleration is provided with all of the VPN products listed in the table.

Third-Party Desktop and Enterprise Anti-Virus and Firewall Software

This section discusses enterprise and client anti-virus and firewall software that was tested and is known to be compatible with the ProxyClient version 3.3 software. ProxyClient acceleration is provided with all of the products listed in this section.

This section discusses the following topics:

"Compatibility with Enterprise Anti-Virus and Firewall Software" on page 10

"Compatibility with Third-Party Anti-Virus and Firewall Software" on page 10

Product Type of

encryption

VPN client version tested

Cisco 3600 IPsec • Windows XP: 4.6.02.0011,4.8.02.0010

• Windows Vista: 5.0 (Beta) Check Point NGX (R65) IPsec Windows XP only

VPN-1 SecureClient NGX (R60) HFA1

Juniper Networks 700 SSL Windows XP, Windows Vista

Network Connect 5.5R1 (build 11711) Juniper Networks SSG-5

• Hardware version: 710(0)

• Firmware version: 5.4.0r3a.0

IPsec Windows XP only

SafeNet SoftRemote 10.3.6 (Build 6), branded by Juniper as Netscreen-Remote version 8

F5 Firepass 1200 SSL • Windows XP: 5.5.2

• Windows XP and Windows Vista: 6.0.2

Note: The Blue Coat Remote Access (ProxyRA) client versions 2.2.4 and 2.3.1 were tested with the ProxyClient and found to be compatible; however, when ProxyRA is used, the ProxyClient does not provide acceleration.

Web filtering is affected as follows:

• Web filtering to unprotected resources are unaffected.

• Web filtering to protected resources might be bypassed by Web filtering because ProxyRA encrypts data to these destinations.

A protected resource is a Web site or network destination that is proxied by the

ProxyRA Connector.

Compatibility with Enterprise Anti-Virus and Firewall Software The following table discusses ProxyClient 3.3 compatibility with enterprise software:

Compatibility with Third-Party Anti-Virus and Firewall Software The following list discusses ProxyClient 3.3 compatibility with desktop software:

AVG:

• AVG Anti-Virus 8 and 8.5 (Windows XP, Windows Vista, Windows 7)

• AVG Internet Security 8 (Windows XP, Windows Vista, Windows 7) BullGuard Internet Security 2009

Computer Associates:

• Anti-Virus 2007, 2008 (Windows XP, Windows Vista, Windows 7)

• Internet Security Suite Anti-Virus 2008 (Windows XP, Windows Vista, Windows 7)

• Internet Security Suite 2008 (Windows XP, Windows Vista, Windows 7) ESET NOD32 Anti-Virus 3.0.650 (Windows XP, Windows Vista, Windows 7) Kaspersky:

• Anti-Virus 2009 (Windows XP, Windows Vista, Windows 7)

• Anti-Virus 7 (Windows XP, Windows Vista, Windows 7)

• Anti-Virus for Windows Workstation 6.0.3.837 (Windows XP, Windows Vista, Windows 7)

• Internet Security 7 (Windows XP, Windows Vista, Windows 7)

• Internet Security Firewall 7 (Windows XP, Windows Vista, Windows 7) McAfee:

• Internet Security Suite 2007 (Windows XP, Windows Vista, Windows 7)

• Internet Security Suite 8 (Windows XP, Windows Vista, Windows 7)

• Virus Scan Enterprise 8.5 (Windows XP, Windows Vista, Windows 7)

• Virus Scan Plus 2007 (Windows XP, Windows Vista, Windows 7)

• Virus Scan Plus 2008 (Windows XP, Windows Vista, Windows 7) Microsoft:

Vendor Product Client version Server version

McAfee Active VirusScan VirusScan Enterprise 8.5 ePolicy Orchestrator 4.0

Sophos Endpoint Security and

Control

7.5.0 with virus definition library 4.30E

3.1.0.2476

Symantec Symantec Antivirus

Corporate Edition

11.0 11.0

Symantec Antivirus Corporate Edition

10.1.5.5000 10.1

Trend Micro OfficeScan 8.0 8.0

• Windows Firewall (Windows XP, Windows Vista, Windows 7)

• Microsoft Defender (Windows XP, Windows Vista, Windows 7) Norton:

• Norton 360, version 2 (Windows XP, Windows Vista, Windows 7)

• Internet Security 2008 (Windows XP, Windows Vista, Windows 7)

• Anti-Virus 2008 (Windows XP, Windows Vista, Windows 7)

Symantec Anti-Virus Corporate Edition 10.2 (Windows XP, Windows Vista, Windows 7)

Trend Micro:

• Anti-Virus plus Anti-Spyware 2007, 2008 (Windows XP, Windows Vista, Windows 7)

• Internet Security Anti-Virus 2007, 2008 (Windows XP, Windows Vista, Windows 7)

• Internet Security Firewall 2007, 2008 (Windows XP, Windows Vista, Windows 7) Zone Alarm:

• Anti-Virus 7.1 (Windows XP, Windows Vista, Windows 7)

• Internet Pro 7.1 (Windows XP, Windows Vista, Windows 7)

Third-Party Firewall Products

The ProxyClient should work with all third-party firewall products without making any exceptions, provided you require clients to connect to the Client Manager using VPN. In some cases, especially if you choose to deploy ProxySGs outside your corporate firewall and you do not require VPN (a deployment that is not recommended), you might need to make the exceptions discussed in "Recommended Implementation Information" on page 12.

Consult the documentation provided with your firewall product for specific information.

Layered Service Providers (LSPs)

Because the ProxyClient relies on Microsoft’s advanced WinSock functions, any third- party software that installs using an LSP might interfere with these WinSock functions. In the event of connectivity issues, perform the tasks discussed in this section to determine whether or not the issues are related to LSP software.

To determine if you’re using LSP and to work around connectivity issues:

1. Use an LSP query or enumeration application to determine if you have third-party LSP applications installed.

By default, the ProxyClient bypasses the following LSP

s:

WARNING! Do not remove any LSP

s with the LSP application because doing so can cause unpredictable performance, including disrupting network communications.

Use the LSP application only to identify running LSP

s.

•

(used by ESET NOD32)

•

(used by the Cingular Bytemobile)

•

(used by Verizon)

•

(used by PureSight Parental Control and Computer Associates Internet Security Suite Plus 2008)

2. If you are running an LSP, you have the following options to work around the issue:

• Use the configuration or management tool provided by the LSP vendor tool to either disable the LSP or exclude the ProxyClient application

(

) from LSP intervention.

• If it’s not possible to disable LSP or exclude the ProxyClient application from LSP intervention, contact Blue Coat Support as discussed in Section E: "Support"

on page 34.

(B#81340)

Recommended Implementation Information

Because ProxySG appliances do not currently provide access control policy for

connections made to ADN concentrators, Blue Coat recommends that access to servers fronted by concentrators be limited to VPN-authenticated clients. If your VPN

concentrators or client firewall software require exceptions to be made for IP addresses or ports so ProxyClients can communicate with the ADN network, use the guidelines discussed in this section.

For ProxyClient users to be able to get software and configuration updates from the Client Manager and for network traffic to be accelerated, you might need to configure exceptions in client firewall software and configure your firewall to make the exceptions discussed in the following list:

Client Manager:

• Listen port (by default, 8084); set on the Client Manager in

>

ProxyClient

>

>

• Client Manager IP address Concentrators

• Plain tunnel port (by default, 3035); set in

>

>

>

Connection

• Concentrator IP addresses

ADN manager and backup manager (if any)

• Plain manager port (by default, 3034); set on the ADN manager and backup manager, if any, in

>

>

>

• ADN manager and backup manager IP addresses

Upgrade and Downgrade Information

This section discusses the following topics:

"ProxyClient Compatibility With SGOS" on page 13

"Upgrade/Downgrade Considerations" on page 15

"Upgrading the ProxyClient Software" on page 16

"ProxyClient Licensing" on page 20

ProxyClient Compatibility With SGOS

This section discusses the following topics:

"Recommended Upgrade Information" on page 13

"ProxyClient and SGOS Compatibility" on page 13

"Important Information about Web Filtering Support" on page 14

Recommended Upgrade Information

Before you deploy the ProxyClient, make sure the ADN manager, backup manager (if any), concentrators and the Client Manager isin your ADN network are running compatible versions of SGOS. In general, use the following guidelines:

Make sure the ADN manager, ADN backup manager (if any), concentrators, and Client Manager are running the most recent version of SGOS.

If you need to upgrade ProxySG appliances, do so in the following order:

a. ADN Manager and ADN backup manager, if any b. Concentrators

c. Client Manager

ProxyClient software on client computers

ProxyClient and SGOS Compatibility

This version of ProxyClient is compatible with Client Manager version 6.2 and later.

Note: You can configure the ADN network to use the same port for plain manager and plain tunnel and the same port for secure manager and secure tunnel. You set these options as follows:

Configuration

>

>

>

, Manager Ports section

Configuration

>

>

>

, Inbound section

The following table summarizes SGOS compatibility with the ProxyClient (version 3.1.x, 3.2.x, 3.3.x, and 3.4.x):

To use the ProxyClient version 3.2.x or later in your ADN network, Blue Coat strongly recommends your Client Manager and ADN Manager (and backup manager, if any) run SGOS version 5.5.x or later. In addition, Blue Coat recommends all concentrators that provide ADN tunnels for ProxyClients be upgraded to SGOS version 5.5.x or later.

SGOS 5.4.x or later ADN managers, backup managers, and concentrators enable you to use either open, managed ADN or closed ADN with the ProxyClient. Open ADN and closed ADN are backward compatible with SGOS versions 5.1.4 and later (in other words, SGOS versions that support secure ADN).

Important Information about Web Filtering Support

Because of recent changes made to Blue Coat WebFilter categories, not all combinations of Client Manager and ProxyClient are compatible. The following table discusses compatible and incompatible versions.

Issues result when all of the following are true:

A ProxyClient user requests a URL that matches a category that changed. (Ten new categories were added and five existing categories were renamed.)

For example, the Arts/Entertainment category is now split into the Arts/Culture and Entertainment categories.

6.1.x CM 6.1.x ADN Mgr 6.1.x Conc

5.3—5.5 CM 5.3—5.5 ADN Mgr 5.3—5.5 Conc

5.3—5.5 CM 5.3—5.5 ADN Mgr 5.2 Conc

5.3—5.5 CM 5.2 ADN Mgr 5.2 Conc

5.2 CM 5.2 ADN Mgr 5.2 Conc

5.2 CM 5.3—5.5 ADN Mgr 5.2 Conc

5.2 CM 5.3—5.5 ADN Mgr 5.3—5.5 Conc

ProxyClient version 3.1.x

Compatible Compatible Compatible Compatible Not compatible

Not compatible

Not compatible

ProxyClient

version 3.2.x

Compatible Compatible Compatible Compatible Not compatible

Not compatible

Not compatible

ProxyClient

version 3.3.x

Compatible Compatible Compatible Compatible Not compatible

Not compatible

Not compatible

ProxyClient

version 3.4.x

Compatible Not compatible

Not compatible

Not compatible

Not compatible

Not compatible

Not compatible

Note: SGOS 5.5.x and later does not support the SG Client 2.x.

SGOS 5.3.1.x SGOS 5.3.2.x SGOS 6.1 and later ProxyClient 3.1.2.x or

earlier

Possible issues Compatible Possible issues

ProxyClient 3.1.3.x or later, including 3.2.x and 3.4.x

Possible issues Not compatible

Compatible

You configured a policy action for one of the categories that changed.

When a client requests a URL that is categorized as Arts/Culture, for example, but you set a policy action for Arts/Entertainment, the URL is classified as Unknown and the policy action is applied (allow, block, or warn).

The resulting Unknown categorization has a policy action that is different from the policy action for the policy you configured.

To complete the example, suppose you blocked Arts/Entertainment but you allowed Unknown. In that case, the URL request is allowed when you intended for it to be blocked.

For more information, see one of the following Blue Coat Knowledge Base articles:

KB2966 KB1567

Upgrade/Downgrade Considerations

This section discusses the following information related to upgrading and downgrading the ProxyClient software:

"Upgrade Guidelines" on page 15

"Downgrade Consideration" on page 15

Upgrade Guidelines

Blue Coat recommends as a best practice you upgrade the Client Manager to SGOS 6.1 or later and upgrade ProxyClients to 3.4. Doing so guarantees the ProxyClients use all the latest features and improvements.

If you upgrade from one ProxyClient version to another ProxyClient version you should not have issues, regardless of the Client Manager version. However, ProxyClient features are limited to the features supported by the Client Manager.

For example, if your Client Manager runs SGOS 6.1 and you upgrade your ProxyClients to version 3.4, your ProxyClients will not have uninstallation protection, Web filtering improvements, and so on. However, the configuration is encrypted.

For a list of new features in this release, see "Contents of These Release Notes" on page 2.

Downgrade Consideration

ProxyClient can be downgraded from 3.4 to 3.3, however downgrades from ProxyClient 3.2 or later to 3.1 or earlier fail because a password is required to uninstall the ProxyClient software. In other words, the following methods cannot be used to downgrade the ProxyClient from 3.2 to 3.1 or earlier versions:

Note: Although it is possible to downgrade ProxyClient on a Windows Vista computer to a version that is not supported, this causes the ProxyClient service to stop working and therefore the next software update (this time going forward) cannot be loaded.

Workaround: Uninstall ProxyClient and reinstall it once a supported upgrade version is on the machine.

(B#83488)

Running the command line installer,

, to install an earlier version on a machine running version 3.2 or later.

Microsoft System Center Configuration Manager (SCCM)—previously referred to as Systems Management Server (SMS)—or Group Policy Object (GPO)

Automatic downgrades from the Client Manager

The only way to downgrade the ProxyClient software from 3.2 or later to 3.1 or earlier versions is to first uninstall the current version and then install the desired older version.

Upgrading the ProxyClient Software

You have the following options to upgrade the ProxyClient software on the Client Manager and on client computers:

Upload the ProxyClient software to the Client Manager and let clients get the software from the Client Manager as discussed in this section.

Upgrading the Client Manager to the most recent version of SGOS does not replace the ProxyClient software on the Client Manager.

Manually run

on client computers.

The other installer, named

, should be used only to download the ProxyClient software from the Client Manager. For more information about manually installing the software, see Chapter 9, Distributing the ProxyClient Software, in the ProxyClient Administration and Deployment Guide.

Automated updates using SCCM, SMS, or GPO.

For more information about this option, see Chapter 9, Distributing the ProxyClient Software, in the ProxyClient Administration and Deployment Guide.

To upgrade the software, see the following sections in the order shown:

1. "Getting the ProxyClient Software" on page 17 2. "Running the Windows.msi" on page 18

3. "Uploading the ProxyClient .car File to the Client Manager" on page 18

Note: If the ProxyClient software was installed on the client machine with the option to prohibit software updates, you must update the ProxyClient software on client computers using one of the following methods:

• Manually running

on client computers.

• Automatically using SCCM, SMS, or GPO.

Note: Automatic downgrades from the ProxyClient version 3.x to the SG Client version 2.x are not supported. In other words, do not upload the version 2.x SG Client .car file to the Client Manager and allow clients to download it automatically.

Instead, you must uninstall ProxyClient and then install the SG Client; the installation can

be from the Client Manager, from the command line, and so on. (B#105102)

Getting the ProxyClient Software

This section discusses how to get any of the following:

To get the ProxyClient software:

1. Go to the following URL:

http://support.bluecoat.com

2. Click the link to download the ProxyClient 3.4.x software.

3. At the prompts, enter your BlueTouch Online user name and password.

If you do not have a BlueTouch Online login, go to http://www.bluecoat.com/support/

supportservices/btorequest

4. Follow the prompts on your screen to download any of the following:

5. If you chose to download the

file, locate it in any of the following:

• On the local file system of the computer you run the Client Manager’s Management Console.

That is, to upload the ProxyClient software from the local file system or from a network share drive (as opposed to uploading it from a remote URL), you must copy the

to an accessible location.

File Description

.msi file

Install the ProxyClient software on client machines

Upload to the Client Manager.

Client computers receive the updated ProxyClient software at the next update interval, with the exception of any client computers for which updates are prohibited.

File Description

Windows.msi file

Manually install the ProxyClient software on client computers.

ProxyClient.car file

Upload the ProxyClient software to the Client Manager, which enables clients to upgrade to the latest version.

On the Download ProxyClient.car page, you also have the option to copy the link displayed on the page to download the

file to the Client Manager. To use this link, the Client Manager must be able to contact

. The link expires in 24 hours.

If you choose this option, skip the rest of this procedure after copying the link location.

Note: The

and

files can install the 32-bit or 64-bit

version of the ProxyClient software.

• On a web server the Client manager can access.

6. Continue with one of the following sections:

• To install the ProxyClient software manually, see "Running the Windows.msi" on page 18

• To allow clients to get the ProxyClient software from the Client Manager, see

"Uploading the ProxyClient .car File to the Client Manager" on page 18

Running the Windows.msi

The

should be used for manual installations. or installations distributed by SCCM, SMS, GPO, or a similar system. To distribute the ProxyClient software from the Client Manager instead, skip this section and see "Uploading the ProxyClient .car File to the Client Manager" on page 18.

To distribute the ProxyClient software from the Client Manager instead, skip this section and see "Uploading the ProxyClient .car File to the Client Manager" on page 18.

Detailed information about running

can be found in Chapter 6, Distributing the ProxyClient Software, in the ProxyClient Administration and Deployment Guide.

Uploading the ProxyClient .car File to the Client Manager

This section discusses how to upload the ProxyClient

file to the Client Manager, which makes the ProxyClient software available to client computers at the next update interval—with the exception of any client computers for which software updates are prohibited.

To install the ProxyClient software manually from the command line, or using SCCM, SMS, GPO, or a similar system, skip this section and see "Running the Windows.msi" on page 18 instead.

To upload the ProxyClient .car file to the Client Manager:

1. Log in to the Client Manager’s Management Console as an administrator.

2. Click

>

>

>

>

. The Current ProxyClient Software section displays information about the ProxyClient software this Client Manager is currently using.

Do any of the following:

• To upload the ProxyClient

file, see step 3.

• To use the link from the Blue Coat download site, see step 4.

3. This step discusses how to upload to the Client Manager the ProxyClient

file you got from the Blue Coat download site.

To use the link provided on the download page instead, skip this step and see step 4.

To upload the ProxyClient

file:

a. From the

list, click

.

b. Click

.

c. At the confirmation dialog, click

.

d. In the Open dialog, locate the ProxyClient

file and click

. The

file has a name similar to the following:

proxyclient_3[4].3.1.1_12345_ProxyClientSetup.car

Notes:

• The name of the ProxyClient

file changes with every release.

• Depending on the Web browser you used to download the software, square brackets might not be in the file name.

e. Wait a few minutes for the upload to complete.

A confirmation dialog displays the message

. If errors display, try the upload again. If errors continue, try getting the ProxyClient

.car

file again or try using the link displayed on the download page.

Using the link to the ProxyClient software displayed on the download page is discussed in more detail in step 4.

f. At the confirmation dialog, click

.

At the next update interval, the software will be distributed to all ProxyClient users except those for which you disabled automatic software updates.

4. This step discusses how to upload the ProxyClient software to the Client Manager using the link provided on the Blue Coat download site.

To upload the ProxyClient

file instead, skip this step and see step 3.

To use the link provided on the Blue Coat download page to update the ProxyClient software on the Client Manager:

a. From the

list, click

. b. Click

.

c. At the confirmation dialog, click

.

The Install ProxyClient Software dialog displays.

d. In the Installation URL field, paste the URL displayed on the Blue Coat download page.

The URL has a format similar to the following:

https://bto.bluecoat.com/download/direct/

56549919812997134284474771733824

Note: Every download URL link is unique.

e. In the Install ProxyClient Software dialog, click

. f. Wait a few minutes for the upload to complete.

A confirmation displays the message

. If errors display, try the upload again. If errors continue, try using the ProxyClient

file as discussed earlier.

g. At the confirmation dialog, click

.

h. In the Install ProxyClient Software dialog, click

.

At the next update interval, the software will be distributed to all ProxyClient users except those for which you disabled automatic software updates.

ProxyClient Licensing

Your SGOS trial or permanent license enables you to designate a ProxySG appliance as the Client Manager and it enables unlimited ProxyClient connections, provided the SGOS base license is valid. However, you must size your ProxyClient deployment based on Client Manager scalability.

User or client licenses for the ProxyClient software are not required.

For more information on SGOS licensing, refer to the SGOS Administration Guide.

Important:

• ProxyClient Web filtering can be used only with the SGOS Proxy Edition. Web filtering cannot be used with the SGOS Mach5 Edition.

• ProxyClient Web Filtering licensing requires a valid Blue Coat Web Filter (BCWF) database installed on the Client Manager and a user name and password to use to update the BCWF database categories at least once every 30 days. The BCWF license is available with trial and permanent licenses.

Even if the Client Manager is being used as a forward proxy, you must download

the BCWF database on the Client Manager for licensing purposes.

Section C: Mac OS X

ProxyClient System Requirements

The following table summarizes ProxyClient system requirements::

Support for Other Products

This section discusses the following topics:

"Blue Coat Reporter" on page 21

"Third-Party Firewall Products" on page 21

Blue Coat Reporter

• Reporter version 8.x: Blue Coat Reporter versions 8.3.6 and later can be used to analyze Web filtering logs uploaded by ProxyClients.

A known issue in Blue Coat Reporter versions earlier than 8.3.6 prevents it from analyzing the Web filtering logs uploaded by ProxyClients. (B#102893, 104187)

• Reporter version 9.x: To analyze ProxyClient log data, you must use Reporter 9.1.2.x or later.

Third-Party Firewall Products

The ProxyClient should work with all third-party firewall products without making any exceptions, provided you require clients to connect to the Client Manager using VPN. In some cases, especially if you choose to deploy ProxySGs outside your corporate firewall and you do not require VPN (a deployment that is not recommended), you might need to make the exceptions discussed in "Recommended Implementation Information" on page 22.

Consult the documentation provided with your firewall product for specific information.

Mac OS X

Version 10.5 (Leopard) - 32 bit

10.6 (Snow Leopard) 32 / 64 bit

Minimum Recommended

CPU Mac computer with an Intel processor

Mac computer with an Intel processor

RAM 1GB 1GB+

Free disk space

5GB 5GB+

Recommended Implementation Information

For ProxyClient users to be able to get configuration updates from the Client Manager, you might need to configure exceptions in client firewall software and configure your firewall to make the exceptions discussed in the following list:

Client Manager:

• Listen port (by default, 8084); set on the Client Manager in

>

ProxyClient

>

>

• Client Manager IP address

Upgrade and Downgrade Information

This section discusses the following topics:

"ProxyClient Compatibility With SGOS" on page 22

"Upgrading the ProxyClient Software" on page 23

"ProxyClient Licensing" on page 27

ProxyClient Compatibility With SGOS

This section discusses the following topics:

"Recommended Upgrade Information" on page 22

"ProxyClient and SGOS Compatibility" on page 22

"Important Information about Web Filtering Support" on page 22

Recommended Upgrade Information

Before you deploy the ProxyClient, make sure the Client Manager is running compatible versions of SGOS.

ProxyClient and SGOS Compatibility

To host the Mac version of the ProxyClient software and to enable auto updates, the Client Manager version should be 6.2.3.1 or later.

Important Information about Web Filtering Support

Because of recent changes made to Blue Coat WebFilter categories, not all combinations of Client Manager and ProxyClient are compatible. The following table discusses compatible and incompatible versions.

Issues result when all of the following are true:

A ProxyClient user requests a URL that matches a category that changed. (Ten new categories were added and five existing categories were renamed.)

For example, the Arts/Entertainment category is now split into the Arts/Culture and Entertainment categories.

SGOS 5.3.1.x SGOS 5.3.2.x SGOS 6.1 and later ProxyClient 3.4.x Not

compatible

Not compatible

Compatible

You configured a policy action for one of the categories that changed.

When a client requests a URL that is categorized as Arts/Culture, for example, but you set a policy action for Arts/Entertainment, the URL is classified as Unknown and the policy action is applied (allow, block, or warn).

The resulting Unknown categorization has a policy action that is different from the policy action for the policy you configured.

To complete the example, suppose you blocked Arts/Entertainment but you allowed Unknown. In that case, the URL request is allowed when you intended for it to be blocked.

For more information, see one of the following Blue Coat Knowledge Base articles:

KB2966 KB1567

Upgrading the ProxyClient Software

You have the following options to upgrade the ProxyClient software on the Client Manager and on client computers:

Upload the ProxyClient software to the Client Manager and let clients get the software from the Client Manager as discussed in this section.

Note:

• Upgrading the Client Manager to the most recent version of SGOS does not replace the ProxyClient software on the Client Manager.

• AutoUpdate from Client Manager is not supported in 3.4.1.1. To upgrade

ProxyClient software from 3.4.1.1 to 3.4.3.1, first uninstall 3.4.1.1 and then install 3.4.3.1.

When upgrading ProxyClient from the 3.4.2.0 beta release to the 3.4.3.x release on Mac OS X, at the end of the upgrade process a message is displayed saying the upgrade process failed. This is a false message, and the upgrade completes successfully. (B#169619)

Manually run

on client computers.

Automated updates using Apple Remote Desktop.

For more information about this option, see Chapter 6, Distributing the ProxyClient Software, in the ProxyClient Administration and Deployment Guide.

Note: If the ProxyClient software was installed on the client machine with the option to prohibit software updates, you must update the ProxyClient software on client computers using one of the following methods:

Manually running ProxyClientSetup.bsx on client computers Automatically using Apple Remote Desktop

To upgrade the software, see the following sections in the order shown:

1. "Getting the ProxyClient Software" on page 24

2. "Running the MacOS.bsx" on page 25

Getting the ProxyClient Software

This section discusses how to get any of the following:

To get the ProxyClient software:

1. Go to the following URL:

http://support.bluecoat.com

2. Click the link to download the ProxyClient 3.4.x software.

3. At the prompts, enter your BlueTouch Online user name and password.

If you do not have a BlueTouch Online login, go to http://www.bluecoat.com/support/

supportservices/btorequest

4. Follow the prompts on your screen to download any of the following:

5. If you chose to download the

file, locate it in any of the following:

• On the local file system of the computer you run the Client Manager’s Management Console.

That is, to upload the ProxyClient software from the local file system or from a network share drive (as opposed to uploading it from a remote URL), you must copy the

to an accessible location.

• On a web server the Client manager can access.

6. Continue with one of the following sections:

File Description

.bsx file

Install the ProxyClient software on client machines

Upload to the Client Manager.

Client computers receive the updated ProxyClient software at the next update interval, with the exception of any client computers for which updates are prohibited.

File Description

MacOS.bsx file

Manually install the ProxyClient software on client computers.

ProxyClient.car file

Upload the ProxyClient software to the Client Manager, which enables clients to upgrade to the latest version.

On the Download ProxyClient.car page, you also have the option to copy the link displayed on the page to download the

file to the Client Manager. To use this link, the Client Manager must be able to contact

. The link expires in 24 hours.

If you choose this option, skip the rest of this

procedure after copying the link location.

• To install the ProxyClient software manually, see "Running the MacOS.bsx" on page 25

• To allow clients to get the ProxyClient software from the Client Manager, see

"Uploading the ProxyClient .car File to the Client Manager" on page 25

Running the MacOS.bsx

The

file should be used for manual installations.

To distribute the ProxyClient software from the Client Manager instead, skip this section and see "Uploading the ProxyClient .car File to the Client Manager" on page 25.

For example:

chmod +x MacOS.bsx

sudo ./ProxyClientSetup.bsx BCSI_UPDATEURL=https://CM-IPADDRESS:8084

Detailed information about running

can be found in Chapter 6, Distributing the ProxyClient Software, in the ProxyClient Administration and Deployment Guide.

Uploading the ProxyClient .car File to the Client Manager

This section discusses how to upload the ProxyClient

file to the Client Manager, which makes the ProxyClient software available to client computers at the next update interval—with the exception of any client computers for which software updates are prohibited.

To install the ProxyClient software manually from the command line, skip this section and see "Running the MacOS.bsx" on page 25 instead.

To upload the ProxyClient .car file to the Client Manager:

1. Log in to the Client Manager’s Management Console as an administrator.

2. Click

>

>

>

>

. The Current ProxyClient Software section displays information about the ProxyClient software this Client Manager is currently using.

Do any of the following:

• To upload the ProxyClient

file, see step 3.

• To use the link from the Blue Coat download site, see step 4.

3. This step discusses how to upload to the Client Manager the ProxyClient

file you got from the Blue Coat download site.

To use the link provided on the download page instead, skip this step and see step 4.

To upload the ProxyClient

file:

a. From the

list, click

. b. Click

.

c. At the confirmation dialog, click

.

d. In the Open dialog, locate the ProxyClient

file and click

. The

file has a name similar to the following:

proxyclient_3[4].3.1.1_12345_ProxyClientSetup.car

Notes:

• The name of the ProxyClient

file changes with every release.

• Depending on the Web browser you used to download the software, square brackets might not be in the file name.

e. Wait a few minutes for the upload to complete.

A confirmation dialog displays the message

. If errors display, try the upload again. If errors continue, try getting the ProxyClient

.car

file again or try using the link displayed on the download page.

Using the link to the ProxyClient software displayed on the download page is discussed in more detail in step 4.

f. At the confirmation dialog, click

.

At the next update interval, the software will be distributed to all ProxyClient users except those for which you disabled automatic software updates.

4. This step discusses how to upload the ProxyClient software to the Client Manager using the link provided on the Blue Coat download site.

To upload the ProxyClient

file instead, skip this step and see step 3.

To use the link provided on the Blue Coat download page to update the ProxyClient software on the Client Manager:

a. From the

list, click

. b. Click

.

c. At the confirmation dialog, click

.

The Install ProxyClient Software dialog displays.

d. In the Installation URL field, paste the URL displayed on the Blue Coat download page.

The URL has a format similar to the following:

https://bto.bluecoat.com/download/direct/

56549919812997134284474771733824

Note: Every download URL link is unique.

e. In the Install ProxyClient Software dialog, click

. f. Wait a few minutes for the upload to complete.

A confirmation displays the message

. If errors display, try the upload again. If errors continue, try using the ProxyClient

file as discussed earlier.

g. At the confirmation dialog, click

.

h. In the Install ProxyClient Software dialog, click

.

At the next update interval, the software will be distributed to all ProxyClient users except those for which you disabled automatic software updates.

ProxyClient Licensing

Your SGOS trial or permanent license enables you to designate a ProxySG appliance as the Client Manager and it enables unlimited ProxyClient connections, provided the SGOS base license is valid. However, you must size your ProxyClient deployment based on Client Manager scalability.

User or client licenses for the ProxyClient software are not required.

For more information on SGOS licensing, refer to the SGOS Administration Guide.

Important:

• ProxyClient Web filtering can be used only with the SGOS Proxy Edition. Web filtering cannot be used with the SGOS Mach5 Edition.

• ProxyClient Web Filtering licensing requires a valid Blue Coat Web Filter (BCWF) database installed on the Client Manager and a user name and password to use to update the BCWF database categories at least once every 30 days. The BCWF license is available with trial and permanent licenses.

Even if the Client Manager is being used as a forward proxy, you must download

the BCWF database on the Client Manager for licensing purposes.

Section D: Release Information

This section discusses issues fixed in ProxyClient releases since version 3.4.x and has the following release-specific information:

"ProxyClient Version 3.4.4.6"

"ProxyClient Version 3.4.4.4"

"ProxyClient Version 3.4.3.2"

"ProxyClient Version 3.4.3.1"

ProxyClient Version 3.4.4.6

Release Date: 8/16/2013 Build: 114770

Document Revision: 3.4.4.6.1 on 8/16/2013 This section discusses the following topics:

"Fixed in This Release"

Fixed in This Release

General

ProxyClient service crashes when a location change disables Web filtering while WebPulse service points were not reachable. (B#182824)

WebFilter

Resolved issue where ProxyClient crashed when unable to access the hosts file.

(B#189137)

BSOD at random intervals on Windows 7 machine when using PxC 3.4.4.4. (B#189466)

ProxyClient Version 3.4.4.4

Release Date: 5/20/2013 Build: 109656

Document Revision: 3.4.4.4.2 on 6/3/2013 This section discusses the following topics:

"Fixed in This Release"

Fixed in This Release

WebFilter

Server Name Indication used to provide hostname filtering for HTTPS requests not

originating from Internet Explorer or Firefox. (B#181837)

CIFS

CIFS acceleration to Windows Server 2008 R2 does not work. (B#182951)

AL-Mail email client slows down when PxC is installed with acceleration enabled and emails are stored in a CIFS share. (B#185781)

ADN

When an idle tunnel is reused after an SG reboot, the change in the tunnel's client port is not reflected in the WebUI. (B#184045)

General

ProxyClient causing Kaspersky to crash when system starts. (B#184843) Injection

ProxyClient can cause an application it has hooked to hang when the application is attempting to exit. (B#182067)

Proxyclient causes WSCommCntr3.exe and WorksharingMonitor.exe to crash.(B#182999)

Proxyclient causes teklastructures.exe to crash. (B#183000)

ProxyClient causing communication issues for 3rd party application (Marimba).

(B#184883)

HTTPS block pages for Internet Explorer do not work with Digital Guardian installed.

(B#185552)

Resolved the issue with BeyondTrust PowerBroker where it failed to elevate the process when ProxyClient is running. (B#179990)

Location Awareness

Resolved issue where ProxyClient failed to upload Web Filtering logs and

encountered a System Error 32 (Sharing Violation). (B#179844, SRs 2-476523922, 2-493781827)

Startup

Resolved issue where ProxyClient caused machines to hang on startup when

gpscript.exe

executes. (B#177634) Web Filtering

Resolved issue where identity based filtering did not function when Active directory is not reachable in location where web filtering is turned on but reachable in location where web filtering is turned off. (B#176513, SR 2-470908652)

(WINDOWS) Resolved BSOD crashes reported in Novell/Windows Hybrid

Environments. (B#176652)

ProxyClient Version 3.4.3.2

Release Date: 12/21/2012 Build: 86752

Document Revision: 3.4.3.2 on 12/21/2012 This section discusses the following topics:

"Fixed In This Release"

Fixed In This Release

ADN

ProxyClient failed to accelerate applications like "Office communicator". (B#167211) Application "Intellimobile" failed when ProxyClient was running. (B#170241)

CIFS

Stale content was being served from the CIFS Proxy cache. (B#175457)

Downloader

Users cannot download ProxyClient software or configuration updates once KB2585542 is installed. (B#173029, SR 2-443231054)

General

Juniper NSM failed to run when ProxyClient was running. (B#170243)

Injection

Fonts do not display correctly when ProxyClient is installed along with Autodesk AutoCAD. (B#170237, SR2-438566482)

Text fails to display in Autodesk Trueview with ProxyClient Installed. (B#171806, SR 2-461194962)

HP software distribution (radclink.exe) does not work when ProxyClient is running.

(B#172216)

Installer

Microsoft Patch Broke SSL Cypher. (B#175119)

Location_Awareness

ProxyClient fails to upload access logs on FTP server if path to cache folder contains non-ANSI characters. (B#173539)

SSL_Proxy

URL based web-filtering did not work for HTTPS traffic from supported browsers (IE

and FireFox). (B#170481)

WebFilter

In rare cases BSoD occurred while ProxyClient was running with Sophos Endpoint Security. (B#170310)

In rare cases BSoD occurred when RSA Manager was used while ProxyClient was running. (B#170569)

FTP downloads may fail with an error "Invalid HTTP request header" when ProxyClient is installed. (B#171168)

Fixed the issue where in rare cases, Windows crashed due to ProxyClient. (B#174365) URLs in multiple custom categories caused policy to not be enforced as expected.

(B#175166, SR 2-427938652)

Exception pages do not display Chinese characters correctly. (B#176350, SR 2- 464589842)

Resolved issue where identity based filtering did not function when Active directory is not reachable in location where web filtering is turned on but reachable in location where web filtering is turned off. (B#176513, SR 2-470908652)

ProxyClient Version 3.4.3.1

Release Date: 07/11/2012 Build: 76931

Document Revision: 2.1 on 7/11/2012 This section discusses the following topics:

"Fixed In This Release" on page 30

"Known Issues In This Release" on page 31

Fixed In This Release

The following issues were fixed in this release:

Issues Specific to Windows

Fixed the issue where in rare cases, Windows crashed due to ProxyClient. (B#174365)

Issues Specific to Mac OS X

Web-filtering based on "Username" will not work if the filtering rule appends

"DOMAIN" string to the "username". However, specifying only "username" works as expected. (B#165967)

If the Native VPN is loaded before ProxyClient service is started, webfiltering does not work. However, if ProxyClient service is started before logging into native VPN, webfiltering works fine. (B#166115)

Exception pages do not display Chinese characters correctly. (B#176350)

Known Issues In This Release

The following are known issues in this release:

Issues Specific to Windows

The date and time idenfied within the log files do not match the date and time of the system. (B#167923)

URLs in multiple custom categories caused policy to not be enforced as expected.

(B#175116)

A Microsoft patch damaged a SSL Cipher. (B#175119)

Stale content is served when modified MS-Access files are opened from the server.

(B#175457)

Users cannot download ProxyClient software or configuration updates once Windows security update KB2585542 is installed. (B#173029)

HP software distribution (radclink.exe) does not work when ProxyClient is running.

(B#172216)

ProxyClient fails to upload access logs on a FTP server if the path to the cache contains non-ANSI characters. (B#173539)

Text fails to display in Autodesk Trueview with ProxyClient Installed. (B#171806) URL-based web filtering does not work for HTTPS traffic from supported browsers (Internet Explorer and FireFox). (B#170481)

Failed FTP downloads show "Invalid HTTP request header," when ProxyClient is installed. (B#171168)

Juniper NSM fails to run while ProxyClient is running. (B#170243)

In rare cases, a blue error screen appears when RSA Manager is used, while ProxyClient is running. (B#170569)

Application "IntelliMobile" fails when ProxyClient is running. (B#170241) Fonts do not display correctly when ProxyClient is installed along with Autodesk AutoCAD. (B#170237)

ProxyClient fails to accelerate applications like "Office communicator". (B#167211)

Issues Specific to Mac OS X

Access logs will not get uploaded through "FTP Proxy". ProxyClient will honor all other types of proxy settings. (B#170071)

While logging into F5 SSL VPN, the VPN location is not recognized. (B#165647) After installing ProxyClient, a file named “dummy” with zero bytes is created in the root and installation directory. (B#168475)

While filtering HTTPS on Mac OSX, sometimes two windows pop up; the first window displays the IP address and the second window displays the host name.

(B#162582)

In rare situations, the open trace folder from web User Interface opens the directory

instead of the support folder from the finder. (B#168863)