Gateway Release: 22.02¶
22.02-02 - April 22, 2022¶
- Fix: Addresses an issue related to AWS SDK due to the Valtix Gateway adding the following two response headers: Strict-transport-security, X-content-type-options. The fix is for the Valtix Gateway to not add these two response headers and rely on the application for issuing the response headers and their directives.
- Fix: Fixes a stability issue in an Egress Gateway related to the Snort engine for TCP stream data
- Fix: Fixes and issue where an IDS/IPS (DPI) Event would show a scrambled URI value
- Fix: Provides patch to vulnerability defined by CVE-2022-0778
- Fix: Enhances throughput performance for Azure Egress/EW Gateway operating in Forward Proxy mode
- Fix: Fixes a stability issue in an Egress Gateway related to OpenSSL
- Fix: Fixes an Egress Gateway stability issue resulting in datapath self-heal
- Fix: Fixes an issue with incorrect processing of large and chunked client requests
22.02-01 - March 3, 2022¶
- Enhancement: Added Forward and Reverse Proxy support for client certificate forwarding (mutual TLS)
- Enhancement: Enhanced the Reverse Proxy Service Object to allow use of SNI when a decryption profile is not specified
- Enhancement: Enhanced the FQDN Profile by allowing a user to specify the desired behavior when traffic does not contain an FQDN (encrypted non-HTTP traffic without an SNI)
- Enhancement: Added support for Security Profiles to inspect and evaluate traffic passing through an ICMP Policy Ruleset Rule
Enhancement: Enhanced the Application ID engine by decoupling it from the IDS/IPS engine. Application ID can now operate independently and does not require an IDS/IPS Profile to be configured.
Fix: Fixes an issue where Nginx proxy was not parsing SNI values properly resulting in repeated datapath restarts
- Fix: Fixes an issue where Traffic Summary Log was not showing the FQDN for traffic processed by a TLS Reverse Proxy Policy Ruleset Rule
- Fix: Fixes an issue with parsing the Malicious IP dataset obtained from Trustwave when the dataset is significantly large
- Fix: Fixes an issue where the session ID might change after the L4 processing stage
- Fix: Fixes an issue where Azure Redis Cloud Service was not being detected by Application ID
- Fix: Fixes an issue where Network Stats was showing incorrect connection rate values
- Fix: Fixes an issue where an IDS/IPS Profile Action set to Rule Default would not honor the Rule action guidance. IMPORTANT: This could change the observed behavior of IDS/IPS threat protection by dropping traffic for a high severity threat that was previously only detected.
- Fix: Various stability improvements in mixed-mode, high-traffic stress scenarios for all use-cases