Protector V38.5 Powerful UTM Firewall Release
The New Protector 38.5 features a large range of new improvements
New 38.5 - March 2017
The Anti-Spam system has been subject to a number of improvements, most of
which are about blocking File Attachments. In the File Extensions pages, new examples
have the purpose to clarify how to configure the system to perform the most frequent
actions with attachments: Accept a file from a specific sender, or block an incoming file
type while allowing it in outgoing mail.
In the same pages, other improvements aim to make the configuration easier:
Deliver Cleaned Mail
A new option in the Anti-Spam Setup page allows to decide whether to
deliver or not a mail message after the cleanup process, be it of viruses or bad attachments.
The option is enabled by default and can be disabled by unchecking the check box.
In the Firewall it’s possible to block all the traffic coming from one or more Countries.
This block can now be extended to mail. A new option allows to extend the block from
the Firewall to the Anti Spam system and consequently Hard Block all the mail messages
coming from those Countries. The option can be found in both the Firewall and the Anti Spam menu.
By enabling this option, all the Countries already blocked in the Firewall will be
added to the Hard Block List in this page. Please be aware that this type of
block will cause the rejection of all mail sent from the blocked Countries, without adding it to the Quarantine.
This function has been improved thanks to a new geolocalization
database and a new algorithm. It allows to easily localize the Country of
origin of quarantined mail messages by showing the name of the Country
and its flag on the screen in the Mail Archiver.
This is a hard task to achieve, and with the present firmware, the Protector improves the
algorithm for social media blocking and enlarges the range of blockable domains. To block a
Social Media it’s necessary to enable the Web Filter and add the hostname of the Social Media
to the black list. Then, since most Social Media use the HTTPS protocol, it’s also necessary to enable the HTTPS block.
When a domain is added to the black list, the Protector will search the whole list of IP
addresses used by that domain. Social Media may use many thousands of IP addresses,
therefore, to avoid any performance issues, the Protector will try to merge the list of IP addresses
to the shortest possible list of CIDRs. This task is automatically performed once a day by the Protector,
or can be performed manually whenever a new domain is added to the black list.
A general review has been performed on the Firewall Profiles.
The new profiles are generally more restrictive than the older,
and are designed to offer a better protection to the Protector
units directly exposed to the Internet.
To choose a profile, go to menu Firewall – Profiles, then select
one of the available profiles depending on your needs and your network
topology. Once a profile has been selected, it will overwrite the existing
settings and can be freely modified by adding or removing rules.
The refresh time of network plugs, in the right part of the screen,
has been changed to nearly real-time. This allows to immediately
detect any network shortage or failure, minimizing the risk of consequences.
The maximum delay is 2 seconds.
Domain User Management: New function to export the content of the Domain User Management to a CSV file
Firewall: The firewall has undergone a stress test in conjunction with the IPS system, to verify that it cannot be bypassed
IPS rules: Some IPS rules have been deactivated because they could cause false positives
The Greylist Status has been added to the System Status
IPS event logger: New checks have been added to the System Status to verify that the intrusion event logger is running