SecPoint Logo

Protector V38.5 Powerful UTM Firewall Release

 The New Protector 38.5 features a large range of new improvements

New 38.5 - March 2017

 

  • More than 35 updates.
  • Improved System Status
  • Improved Anti Spam File Management.
  • More Browser Updates for Chrome.
  • Improved IPS System/
  • Improved Update Process.
  • 4 HD Support Videos.
  • GEO Localization to Anti Spam Quarantine.
  • Improved Social Media Blocking.
  • Updated browsers Opera, Chrome, Firefox, TOR.

 

 

 

 

 Anti-Spam Improvements

 

File Attachments

 

 

 

 

  

 

 

  

 

 

 

 

 

 

 

 

The Anti-Spam system has been subject to a number of improvements, most of

which are about blocking File Attachments. In the File Extensions pages, new examples

have the purpose to clarify how to configure the system to perform the most frequent

actions with attachments: Accept a file from a specific sender, or block an incoming file

type while allowing it in outgoing mail.

In the same pages, other improvements aim to make the configuration easier:

  •  The type (File extension or Regular expression) and the Value are visible in the list
  •  New checks on the data entry won’t allow to type invalid domains, such as “ALL”, “default”, etc.
  •  It is now possible to enter rule names containing blanks.
  •  The Microsoft® Office extensions containing macros have been added to the list
  • of attachments blocked by default

 

 

 

 

 

Deliver Cleaned Mail

 

 

 

 

 

A new option in the Anti-Spam Setup page allows to decide whether to

deliver or not a mail message after the cleanup process, be it of viruses or bad attachments.

 

 

 

 

 

The option is enabled by default and can be disabled by unchecking the check box.

Block Country

 

 

 

 

 

 

In the Firewall it’s possible to block all the traffic coming from one or more Countries.

This block can now be extended to mail. A new option allows to extend the block from

the Firewall to the Anti Spam system and consequently Hard Block all the mail messages

coming from those Countries. The option can be found in both the Firewall and the Anti Spam menu.

 

 

 

 

 

By enabling this option, all the Countries already blocked in the Firewall will be

added to the Hard Block List in this page. Please be aware that this type of

block will cause the rejection of all mail sent from the blocked Countries, without adding it to the Quarantine.

Geolocalization

This function has been improved thanks to a new geolocalization

database and a new algorithm. It allows to easily localize the Country of

origin of quarantined mail messages by showing the name of the Country

and its flag on the screen in the Mail Archiver.

 

 

 

 

 

  •  Social Media Blocking

 

 

 

 

 

 

 

This is a hard task to achieve, and with the present firmware, the Protector improves the

algorithm for social media blocking and enlarges the range of blockable domains. To block a

Social Media it’s necessary to enable the Web Filter and add the hostname of the Social Media

to the black list. Then, since most Social Media use the HTTPS protocol, it’s also necessary to enable the HTTPS block.

 

 

 

 

 

 

 

 

When a domain is added to the black list, the Protector will search the whole list of IP

addresses used by that domain. Social Media may use many thousands of IP addresses,

therefore, to avoid any performance issues, the Protector will try to merge the list of IP addresses

to the shortest possible list of CIDRs. This task is automatically performed once a day by the Protector,

or can be performed manually whenever a new domain is added to the black list.

 

 

  •  Firewall Profiles

 

 

 

 

 

A general review has been performed on the Firewall Profiles.

The new profiles are generally more restrictive than the older,

and are designed to offer a better protection to the Protector

units directly exposed to the Internet.

 

 

 

 

 

 

 

 

To choose a profile, go to menu Firewall – Profiles, then select

one of the available profiles depending on your needs and your network

topology. Once a profile has been selected, it will overwrite the existing

settings and can be freely modified by adding or removing rules.

 

 

  •  Network Indicators

The refresh time of network plugs, in the right part of the screen,

has been changed to nearly real-time. This allows to immediately

detect any network shortage or failure, minimizing the risk of consequences.

The maximum delay is 2 seconds.

 

 

 

 

 

 

  

 

Antispam:

  •  MCP exact match: better explanation of what is meant by "exact match"
  •   Better description of the meaning and the consequences of whitelisting email addresses

 

Domain User Management: New function to export the content of the Domain User Management to a CSV file

 

Firewall: The firewall has undergone a stress test in conjunction with the IPS system, to verify that it cannot be bypassed

 

IPS rules: Some IPS rules have been deactivated because they could cause false positives

 

The Greylist Status has been added to the System Status

 

IPS event logger: New checks have been added to the System Status to verify that the intrusion event logger is running

 

Fixes:

  •  The Web Filter Denied Page could appear empty in Chrome
  •  Some tables appeared overlapped in Chrome
  •  Mail Children Setup: after a firmware update the values were restored to the default
  •  Database update: After a factory reset, the Database Update web page showed no option selected

Internal improvements:

  •  Antispam: better management of the daily update of the antispam rules
  •  Script customization: some scripts were not customized with the current unit ID
  •  More checks added to verify the database integrity
  •  New process to check for possible crashes of the database manager
  •  Cleanup of all the data entry, to avoid any possibility of XSS attack
  •  The Smart host relay check has been improved to avoid false Not Good status