Skip to content

Gateway Release: 22.08

22.08-01 - September 7, 2022

  • Enhancement: Provides support for limiting TLS to a minimum version. IMPORTANT: The same minimum version must be used consistently throughout the Policy Rules associated with a Policy Ruleset (Standalone or Group). Otherwise the minimum version applied cannot be predetermined.
  • Enhancement: Enhances the TLS_ERROR messaging to be clear and actionable
  • Enhancement: Adds TCP Reset on Deny support for all Security Profiles applicable to Forwarding Rules
  • Enhancement: Enhances the FQDN Filtering Event text to show which FQDN is matched in an FQDN

  • Fix: Fixes an issue where the Anti-malware detection would not detect Malware for an unencrypted HTTP session

  • Fix: Updated Mellanox DPDK driver to address vulnerability related to CVE-2022-28199
  • Fix: Fixes an issue where certain traffic that doesn't have an SNI that should be denied was processed as allow
  • Fix: Fixes an issue where backend TLS_LOG events where showing a reversed source and destination IP/Port information
  • Fix: Removes not used samba-common-libs from the Gateway
  • Fix: Fixes memory pressure issues related to small form factor Ingress Gateway deployed in Azure
  • Fix: Fixes an issue where return path UDP traffic that was processed by a SNAT rule would not be handled properly by the Gateway
  • Fix: Fixes an issue with Forward Proxy to ensure the backend connection remains active when the response is delayed by more than 10 seconds. The response delay timeout for the proxy has been increased to 30 seconds.
  • Fix: Fixes an issue where VALTIX_INTERNAL event types were not being correlated with related events
  • Fix: Fixes an issue where an attempt to import a CA certificate for use in a Forward Proxy would throw an error
  • Fix: Fixes an issue where Egress Gateways deployed in AWS into a NAT Gateway-enabled Service VPC would not initialize
  • Fix: Fixes an issue where very large policies pushed to the Gateway would take longer than expected
  • Fix: Removes duplicate Events that were commonly recorded for Ingress traffic session processing
  • Fix: Fixes a stability issue related to TLS traffic that would cause Gateway auto-scaling
  • Fix: Fixes an issue where Policy Status update would take longer than expected to complete
  • Fix: Fixes an issue where incorrect Packet Capture Profile credentials can cause the DP to perform a hitless restart
  • Fix: Fixes the FQDN and URL Filtering messages when traffic is processed by the default ANY rule
  • Fix: Fixes an issue in a URL Filtering Profile where a top-level domain containing an end "/" does not match match a configuration where the RegEx ends in "/*" Filtering Profile row
  • Fix: Fixes and issue where the forward proxy could open an upstream connection using an incorrect destination port
  • Fix: Fixes an issue with the WAF event where the FQDN obtained from SNI or Host Header was not populated to the FQDN field
  • Fix: Fixes a stability issue related to ICMP traffic