SafeSquid for Linux SWG safesquid-2018.0806.2020.3-swg-standard released
From Secure Web Gateway
Improvements
- Optimization in speed.
You will get better user experience and surfing speed. - Optimization in intelligent error correction.
Users reported inconvenience when connection timeout occurs when any server takes too long to reply to intitial connection request.
SafeSquid now makes 3 automatic retries in such events. - Optimized SNI implementation for automatic error correction while making SSL connection to remote websites.
A logical error, leading to faulty evaluation of SSL certificates presented by servers, was identified.
The error pertained to a flaw in SNI implementation, and has been fixed. - Optimized SSL session management.
Optimization done to reduce the memory utilization on SSL sessions.
SafeSquid now replaces SSL sessions to remote servers, more aggressively. - DLP configuration has been simplified and redundant options have been removed.
Redundant fields were removed from SafeSquid to simplify the DLP configuration.
DLP policies are now easier to configure. - Modified Access profiles section to directly use Ldap Profiles in User groups.
Mapping LDAP profiles to Usergroups in Access Restrictions section is now not necessary.
Access profiles section now displays and allows use of LDAP Profiles as User groups.
LDAP user groups are displayed in richer details in autosuggest mechanism. - Chunked content will not trigger buffering. Chunked responses by default will be automatically and intelligently bypassed for buffering.
Earlier when webserver was sending chunked content to SafeSquid automatic buffering was been done.
To suppress this administrator had to create complicated policies in SafeSquid.
SafeSquid will not anymore trigger buffering for chunked response. - Introduced new debugging mode in Image Analyzer.
A new field "Debug", added in the Image Analyzer, to facilitate easy debugging of the feature.
Enabling debug field to TRUE annotates the image with the scoring analysis.
If the scoring analysis predicts the image to be pornographic, the image will be automatically blurred.
Setting debug field to FALSE will replace blocked image with default template like checkeredgif. - Modified System configuration section to display mime type in autosuggest form that are to be compressed.
Earlier releases user had to create proper regular expressions to match MIME-types which should be buffered and compressed.
A semantic mistake in such regular expression could lead to ineffectiveness of the entry.
Autosuggest mechanism implemented on Always compress mimetype field to overcome this issue. - Implemented facility of User consent before any entry is deleted.
Ensured implementation of User consent before any entry is deleted from SafeSquid configuration. - Modified the broken bypass functionality.
When a user with bypass privileges now chooses to opens a website that has not been explicitly allowed, third-party urls seamlesslesly inherit the bypass. This bypass ensures clean rendering of the website requested by the user. The third-party urls will however remain blocked if they have been explictly blocked, or if any filter considers the content to be unacceptable.
The bypass feature intelligently supports clustered environment. - Fixed the problem of not blocking session based cookie which was without expiry time.
SafeSquid was not blocking the session based cookie that was having either wrong or no expiry time.
This is now fixed. - Introduced "privacy" and "bypass" logging mechanism.
Two new logs introduced in SafeSquid.
Privacy log captures incidences of third party web-sites when a user accesses a web-site, and action taken by elevated privacy.
When users with bypass privilege, execute their privilege to access a web-site that is not explicitly allowed, it is recorded in the bypass logs. It also records the users opinions about the site, and the URLs that were additionally bypassed, to present a seamless experience. - Modification for transparent redirect.
For transparent redirection (when 302 redirect is disabled) users were required to set the port to -1. However the default value in the configuration was 0. This anomaly caused dysfunction, because SafeSquid attempted to connect to remote web service on port 0. Now simply leaving the port to 0, when 302 redirect is disabled, the redirection intelligently keeps the port unchanged. - Introduced display of End User License Agreement(EULA) to user before product activation.
After new installation of SafeSquid End User License Agreement(EULA) will be shown. Please read the EULA properly.
Product activation process will continue only after your consent. - Improved the cloud restore mechanism.
Cloud restore mechanism is improved with proper display of files downloaded from cloud on SafeSquid WebGui.
New Users? Getting_Started
Download SafeSquid ISO to create your appliance.
Download safesquid-2018.0806.2020.3-swg-standard.tar.gz tarball for up-gradation or If you already have Linux 14.04 machine.