Sophos UTM 9.6 update released

What’s new in UTM 9.6?

 

ATP: New Advanced Threat Protection Library

  • Better performance and protection

Certificates: Let’s Encrypt Integration

  • Generate and renew Let’s Encrypt certificates from within UTM
  • Generated certificates can be used in all UTM components

RED: Unified RED Firmware

  • Better 3G/4G Support

Sandstorm: Manual File Submission

  • Allows an admin to upload a file for detonation within Sophos Sandstorm
  • Files that have not been received via email or web download can also be analyzed with Sophos Sandstorm

Sandstorm: Persistent Reports

  • Reporting for Sandstorm Activity over time and with historic information
  • Reporting also covering hash lookup based results from Sophos Sandstorm

SMTP Proxy: Enhancements

  • Submission Port support in SMTP Proxy
  • Configurable Listen Address in SMTP Proxy

WAF: Error Page Customization

  • Custom themes for all error pages that are delivered by WAF
  • Allows corporate identity to be applied on all pages

 

Up2Date Information

Behavior Changes

A change in the behavior of the HTTP Proxy means that proceed links no longer work for any customers who were using a custom warn template prior to upgrading to 9.6. As a workaround, the administrator must modify the custom template and re-upload it to WebAdmin. (New sample templates and an updated KBA will be available soon.)

News

  • Features Release
  • ATP: New Advanced Threat Protection Library with better performance and protection
  • Certificates: Let’s Encrypt Integration
  • RED: Unified RED Firmware with better 3G/4G Support
  • Sandstorm: Manual File Submission
  • Sandstorm: Persistent Reports
  • SMTP Proxy: Submission Port Support
  • SMTP Proxy: Configurable Listen Address
  • WAF: Error Page Customization

Remarks

  • System will be rebooted
  • Configuration will be upgraded
  • Connected REDs will perform firmware upgrade
  • Connected Wifi APs will perform firmware upgrade

Bugfixes

  • NUTM-10128 [Access & Identity] MDW waits hours for lock on shared cache with AUA
  • NUTM-10130 [Access & Identity] Unable to connect RDP type bookmark with NLA
  • NUTM-7418 [Access & Identity] SAA – Rename Client Auth CA
  • NUTM-9368 [Access & Identity] SSL VPN: optional user auth not working
  • NUTM-9525 [Access & Identity] Disk filling up with argos error messages in endpoint.log
  • NUTM-9843 [Access & Identity] HTML5 VPN portal connections periodically stop working until service is restarted
  • NUTM-10080 [Basesystem] Update to latest Avira SAVAPI version
  • NUTM-10366 [Basesystem] Missing IP address in IPset of user network for STAS
  • NUTM-9783 [Basesystem] IPsec routing issue if gateway interface has additional addresses
  • NUTM-9810 [Basesystem] IPset Object takes 30 seconds to update after SSL VPN connection was established
  • NUTM-9860 [Basesystem] Selfmon trying to start DHCP even when not in use
  • NUTM-10226 [Email] Can’t release POP3 messages due to URL in User Portal
  • NUTM-9681 [Email] cssd coredumps and root partition is filling up
  • NUTM-9716 [Email] S/MIME encryption – automatic certificate extraction causing high load / no webadmin access
  • NUTM-9733 [Email] Change default encryption algorithm to ‘smime’
  • NUTM-9853 [Email] Fix policy traversal (for gpg, smime, unscanable)
  • NUTM-9882 [Email] Umlauts in mail addresses get corrupted if SPX encryption is used
  • NUTM-10181 [Network] Remove DNSdynamic from available dynamic DNS providers
  • NUTM-10307 [Network] ATP exception still working after deletion
  • NUTM-10337 [Network] High CPU load by AFCd when hotspot is enabled
  • NUTM-10414 [Network] Segfault in oculusd
  • NUTM-2791 [Network] Fix detection of sub applications in Application Control
  • NUTM-4767 [Network] SSH for single host skipping AFC check
  • NUTM-9462 [Network] Update to BIND 9.11 ESV
  • NUTM-10197 [RED] All REDs disconnect intermittently
  • NUTM-10227 [RED] Offline provisioning does not work
  • NUTM-10303 [RED] Unified FW: split networks does not work
  • NUTM-10384 [RED] Update hostapd for Unified-FW
  • NUTM-9026 [RED] TP-LINK MA260 dongle on RED doesn’t work anymore after update to v9.5
  • NUTM-9795 [RED] RED50 issue with large packets in Transparent/Split mode
  • NUTM-10060 [Reporting] ATP alerts / events not deleted after three days
  • NUTM-10201 [Reporting] Unable to download S/MIME internal user certificate
  • NUTM-10352 [Sandstorm] Sandstorm Activity Report table and graph do not show same data
  • NUTM-10367 [Sandstorm] Sandstorm Activity Graph does not include email cached results
  • NUTM-2644 [UI Framework] Webadmin prefetching list box not displaying any users, if one user contains a single tick
  • NUTM-10066 [WAF] Existing certificate chain overrides after new certificate chain has been added
  • NUTM-10185 [WAF] Using printenv SSI directive in custom theme causes segfault
  • NUTM-10315 [WAF] Let’s Encrypt can’t be enabled after upgrade from 9.5 (/etc/ssl/certs not accessible)
  • NUTM-10316 [WAF] Let’s Encrypt certificates allow wildcards in domain name list
  • NUTM-10332 [WAF] Let’s Encrypt not working over IPv6
  • NUTM-9809 [WAF] Potential memory allocation failure for “Rewrite HTML” + location with special characters
  • NUTM-10188 [WebAdmin] [OTP] QR code not visible for the first user login
  • NUTM-10214 [WebAdmin] Breach Vulnerability in WebAdmin (CVE-2013-3587)
  • NUTM-6945 [WebAdmin] Popup too small for secret when deleting SHA512 OTP token
  • NUTM-7381 [WebAdmin] Login to UserPortal only works at second try when using RADIUS authentication
  • NUTM-9424 [WebAdmin] Webadmin session interrupted with pop-up “Backend connection failed”
  • NUTM-10200 [Web] Segfault in libc-2.11.3.so
  • NUTM-10284 [Web] HTTP Proxy crash with coredumps
  • NUTM-9676 [Web] HTTP Proxy out-of-memory segfault / HTTP Proxy stops working with “Avira engine not available”
  • NUTM-9854 [Web] Warning page bypass using crafted URLs
  • NUTM-9873 [Web] File blocked due to MIME type detection even if there is an exception
  • NUTM-9956 [Web] HTTP Proxy coredumps in geoip scanner
  • NUTM-10365 [Wireless] RED15w: SSID isn’t broadcasted when “Enterprise Authentication” is in use

 

Download

HTTP Download

FTP Download

 
