Protector V38.5 Powerful UTM Firewall Release
The New Protector 38.5 features a large range of new improvements
New 38.5 - March 2017
- More than 35 updates.
- Improved System Status
- Improved Anti Spam File Management.
- More Browser Updates for Chrome.
- Improved IPS System/
- Improved Update Process.
- 4 HD Support Videos.
- GEO Localization to Anti Spam Quarantine.
- Improved Social Media Blocking.
- Updated browsers Opera, Chrome, Firefox, TOR.

Anti-Spam Improvements
File Attachments


The Anti-Spam system has been subject to a number of improvements, most of
which are about blocking File Attachments. In the File Extensions pages, new examples
have the purpose to clarify how to configure the system to perform the most frequent
actions with attachments: Accept a file from a specific sender, or block an incoming file
type while allowing it in outgoing mail.
In the same pages, other improvements aim to make the configuration easier:
- The type (File extension or Regular expression) and the Value are visible in the list
- New checks on the data entry won’t allow to type invalid domains, such as “ALL”, “default”, etc.
- It is now possible to enter rule names containing blanks.
- The Microsoft® Office extensions containing macros have been added to the list
- of attachments blocked by default

Deliver Cleaned Mail

A new option in the Anti-Spam Setup page allows to decide whether to
deliver or not a mail message after the cleanup process, be it of viruses or bad attachments.

The option is enabled by default and can be disabled by unchecking the check box.
Block Country

In the Firewall it’s possible to block all the traffic coming from one or more Countries.
This block can now be extended to mail. A new option allows to extend the block from
the Firewall to the Anti Spam system and consequently Hard Block all the mail messages
coming from those Countries. The option can be found in both the Firewall and the Anti Spam menu.

By enabling this option, all the Countries already blocked in the Firewall will be
added to the Hard Block List in this page. Please be aware that this type of
block will cause the rejection of all mail sent from the blocked Countries, without adding it to the Quarantine.
Geolocalization
This function has been improved thanks to a new geolocalization
database and a new algorithm. It allows to easily localize the Country of
origin of quarantined mail messages by showing the name of the Country
and its flag on the screen in the Mail Archiver.


This is a hard task to achieve, and with the present firmware, the Protector improves the
algorithm for social media blocking and enlarges the range of blockable domains. To block a
Social Media it’s necessary to enable the Web Filter and add the hostname of the Social Media
to the black list. Then, since most Social Media use the HTTPS protocol, it’s also necessary to enable the HTTPS block.

When a domain is added to the black list, the Protector will search the whole list of IP
addresses used by that domain. Social Media may use many thousands of IP addresses,
therefore, to avoid any performance issues, the Protector will try to merge the list of IP addresses
to the shortest possible list of CIDRs. This task is automatically performed once a day by the Protector,
or can be performed manually whenever a new domain is added to the black list.

A general review has been performed on the Firewall Profiles.
The new profiles are generally more restrictive than the older,
and are designed to offer a better protection to the Protector
units directly exposed to the Internet.

To choose a profile, go to menu Firewall – Profiles, then select
one of the available profiles depending on your needs and your network
topology. Once a profile has been selected, it will overwrite the existing
settings and can be freely modified by adding or removing rules.
The refresh time of network plugs, in the right part of the screen,
has been changed to nearly real-time. This allows to immediately
detect any network shortage or failure, minimizing the risk of consequences.
The maximum delay is 2 seconds.


Antispam:
- MCP exact match: better explanation of what is meant by "exact match"
- Better description of the meaning and the consequences of whitelisting email addresses
Domain User Management: New function to export the content of the Domain User Management to a CSV file
Firewall: The firewall has undergone a stress test in conjunction with the IPS system, to verify that it cannot be bypassed
IPS rules: Some IPS rules have been deactivated because they could cause false positives
The Greylist Status has been added to the System Status
IPS event logger: New checks have been added to the System Status to verify that the intrusion event logger is running
Fixes:
- The Web Filter Denied Page could appear empty in Chrome
- Some tables appeared overlapped in Chrome
- Mail Children Setup: after a firmware update the values were restored to the default
- Database update: After a factory reset, the Database Update web page showed no option selected
Internal improvements:
- Antispam: better management of the daily update of the antispam rules
- Script customization: some scripts were not customized with the current unit ID
- More checks added to verify the database integrity
- New process to check for possible crashes of the database manager
- Cleanup of all the data entry, to avoid any possibility of XSS attack
- The Smart host relay check has been improved to avoid false Not Good status
|