Skip to content

Gateway Release: 22.02-01 - March 2, 2022

Enhancements

  • Enhancement: Added Forward and Reverse Proxy support for client certificate forwarding (mutual TLS)
  • Enhancement: Enhanced the Reverse Proxy Service Object to allow use of SNI when a decryption profile is not specified
  • Enhancement: Enhanced the FQDN Profile by allowing a user to specify the desired behavior when traffic does not contain an FQDN (encrypted non-HTTP traffic without an SNI)
  • Enhancement: Added support for Security Profiles to inspect and evaluate traffic passing through an ICMP Policy Ruleset Rule
  • Enhancement: Enhanced the Application ID engine by decoupling it from the IDS/IPS engine. Application ID can now operate independently and does not require an IDS/IPS Profile to be configured.

Fixes

  • Fix: Fixes an issue where Nginx proxy was not parsing SNI values properly resulting in repeated datapath restarts
  • Fix: Fixes an issue where Traffic Summary Log was not showing the FQDN for traffic processed by a TLS Reverse Proxy Policy Ruleset Rule
  • Fix: Fixes an issue with parsing the Malicious IP dataset obtained from Trustwave when the dataset is significantly large
  • Fix: Fixes an issue where the session ID might change after the L4 processing stage
  • Fix: Fixes an issue where Azure Redis Cloud Service was not being detected by Application ID
  • Fix: Fixes an issue where an IDS/IPS Profile Action set to Rule Default would not honor the Rule action guidance. IMPORTANT: This could change the observed behavior of IDS/IPS threat protection by dropping traffic for a high severity threat that was previously only detected.
  • Fix: Various stability improvements in mixed-mode, high-traffic stress scenarios for all use-cases