Change history for Symantec Web Gateway 4.0.0.x
search cancel

Change history for Symantec Web Gateway 4.0.0.x


Article ID: 152372


Updated On:


Web Gateway


You seek a detailed change history for Symantec Web Gateway 4.0.0 builds.


Previous Version -
1. This release addresses a compatibility issue when IE6 opens directly a PDF and Office files after SWG AV scan.
It works fine when the file if first saved and then opened. After this release, the AV scanning of
PDF and Office files is forced to streaming and will be transparent to IE.

Previous Version -
1. Added scanning, blocking and detailed reporting for HTTP file uploads (outgoing)
including plain HTTP POST, webmail attachments and Yahoo! Messenger POST transfers.

2. Added scanning and blocking for file transfers through a SOCKS proxy, including HTTP,
FTP, and IMs.

3. New feature: Quarantine - It is now possible to quarantine infected PCs from Internet

4. Various enhancements to reports:
- Web Destinations enhancement to report the top ten users per category.
- Filters were added to most of the reports to allow any report to zoom in on a
smaller subset for a custom result. Examples include the Executive summary which
can be filtered to specific group, or subnet, etc., Enterprise browse time, Infected
clients, Attack reports, Application reports and so on.
- The the date filter is now maintained and carried on when "zooming" in / following
a link in a report, to produce a continuous and consistent thread of research.
- A new web domain column was added to custom report.
- Reports can be delivered now over FTP in addition to email.
- Optimized marking clients/events as fixed to get faster response.
- Allow preview of end user pages without first saving.
- Added NTLM and LDAP test button for configuration validation.

5. Improved detection and control of WindowsLive IM file transfers over Proxy. Improved
handling of simultaneous transfer of multiple files through Yahoo Messenger and IRC.

6. Performance enhancement to the UI system delivers faster reports when using the
preset date filters (yesterday, last 7 days, last 30 days, etc.).
- In addition, the reports' default date filter changed to be "Today" (configurable).
This results in a faster default UI response time on across the board.

7. Added support for SNMP V3

8. Login security enhanced with ability to set required password length
and complexity, User account lockouts after multiple failed logins, and forced logoff
after maximum usage time.

9. After hours settings for Content filter is set per policy (previously a
global setting).

10. Whitelist enhanced to enforce a scenario where an IP is whitelisted and is also
being used to identify a server (such as a proxy) - now the whitelist function will
take precedence for this IP.

11. Added description field to policies and URL exceptions for administration convenience.

12. Released a new dcinterface v4.0.1. It fixed a problem of dcinterface didn't send some
specific computers IP and LDAP username to SWG.

13. Add a checkbox of applying static route to internal network.

Previous Version -
1. Fixed a problem that SWG stops upload event to Central Intelligence.

2. Fixed a problem that occasionally SWG miss malicious file download detection
over FTP protocol.

Previous Version -
1. Improved handling of FTP uploads, FTP over BlueCoat proxy and certain FTP sites.

Previous Version -
1. Fixed a scenario that may intermittently miss LDAP authentications.

2. Fixed a problem where the wrong workgroup policy may be applied.

3. Fixed an issue where the SWG Proxy settings may be disabled if any of the
following configuration tabs (Network, Operating Mode, Name, Email, Syslog, SNMP,
Time) has changed after the upgrade to release

4. Support for new Microsoft SilverLight updates.

5. Fixed a FTP protocol handling that may lead to FTP download failure.

Previous Version -
1. Fixed a scenario that may intermittently miss LDAP authentications.

2. Fixed a problem where the wrong workgroup policy may be applied.

3. Fixed an issue where the SWG Proxy settings may be disabled if any of the
following configuration tabs (Network, Operating Mode, Name, Email, Syslog, SNMP,
Time) has changed after the upgrade to release

4. Adjusted support for Microsoft SilverLight following changes in this application.

Previous Version -
1. Addressed a scenario that enabled a file download over a random port to bypass AV

2. Content Filter added six (6) new categories:
General Business - This category includes Web sites of industry, business, economy and
supply of services.

Social Networking -This category contains Web portals that provide a virtual community
to find and connect to people interested in a particular shared subject. The sites
enable their members to publish profiles including personal data / media and provide
interpersonal communication channels.

Business Networking - This category contains web portals that provide a virtual
community to cultivate business contacts.

Social Media - This category includes Web sites that enable users to view, search for,
rate and publish media files and streams.

Web Storage - This category includes Web sites that offers file system-like services
to share or backup files, often combined with user definable access rights.

Banner Advertisements - This category includes Web sites for ad-serving services, ad
servers and pay-to-surf services.

As of October 2008, the URL filter database contains 98 million entries,
covering more than 9 billion analyzed websites and other web content.
It covers more than 220 countries and 46 languages.

3. Various improvements of Application Control file scans through YahooMessenger, QQ,
AIM, WindowsLive.

4. Fixed CIU policy order when All Web Gateways option is used.

5. Addresses a scenario when FTP blocking protocol may not close the file transfer
properly with a certain implementation of server side ftp protocol termination.

Previous Version -
1. Enhanced FTP processing with a variant of the protocol including support for the
BlueCoat FTP proxy implementation.

2. Added scanning, blocking and reporting for FTP file uploads (outgoing).

3. New: customizable policy templates allow easy and flexible customization of the initial
policy settings.

4. Added Radius PAP / CHAP configuration options.

5. It is now possible to configure multiple syslog servers. Syslog event will be logged
simultaneously to all servers.

6. Enhancement to automatically address networks with proxy over port 80.

7. SNMP MIB of the SWG CPU utilization will now return the rolling one minute average.

Previous Version -
1. Enabled filter by Unauthenticated (LDAP) events in various reports.

2. Enabled AV database daily update through a proxy.

3. Fixed a scenario where the top OU chart in the Web destinations report may have
duplicate OU entries.

Previous Version -
1. Extended workgroup search reporting to cover members.

3. Added support for Safari browsers.

4. Fixed a scenario where after-hours policies may not execute.

5. Fixed a custom report filter issue - when using an Action filter additional filters
are not processed.

6. Fixed Radius custom port configuration not taking effect.

7. Changed infection alert generation to send no more than the configured alert
threshold per hour.

8. Fixed a scenario where AD Workgroups may not be retrieved from the directory to update
AD users record.

Previous Version -

1. Additional enhancements to NTLM to improve transparency. Added a configuration option
to use the SWG's interface host-name instead of IP for authentication. For IE
browsers, this option may eliminate a need to add the SWG IP to the browser's Local

2. Added trap ID to System alerts and Detection type to Malware alerts to assist in
automatic processing of SNMP and Syslog alerts.

3. This release addressed a scenario where a URL may not be classified if the domain
section of URLs is split across multiple packets or starts in the second or third

4. The SWG configured name will be now used as the SWG hostname unless the
interface hostname is explicitly configured.

5. Fixed a scenario where a successful FTP download may be reported as Blocked.

6. Support multiple SNMP community strings and access control list.

Previous Version -

1. NTLM Authentication, override incorrect domain returned by end-users IE browser.
Otherwise, IE browser may cause intermittent authentication failures.

2. Increased NTLM authentication throughput.

3. Fixed a problem where URL exception failed on HTTP CONNECT method.

4. On file inspection - disable auto-switch to streaming when malware is detected.

5. Enabled toggling of reporting option between department and OU.

6. Added a configuration option to display or hide port name in addition to the port

7. Added SWG and Central Intelligence names in Symantec logo.

8. Fixed SWG failed to bypass after detecting hard disk failure on systems without
redundant disk drive.

9. Fixed Ethernet auto-negotiation was turned off after software upgrade or turn off

10.Fixed the problem of cannot save configuration in any page.

Previous Version -

New Features in this release:
1. Application Control - provides the ability to monitor and control over 100 applications
and protocols including P2P, IM, remotes access utilities and more.

2. Central management Integration - enables central management of SWGs by
the Central Intelligence Unit (CIU).

3. Dual home topology is now supported on the 007 and 009 models. The feature
enables the second pair of inline ports (LAN/WAN2) and allows simultaneous processing
of two streams of network traffic.

4. Geolocation reporting is now available on the product and allows geolocation identity
of attackers, Botnet's Command and control, remote application servers and more.

5. Multiple AD workgroups are supported in addition to Departments and OU.

6. NTLM Authentication allows to periodically enforce end user authentication to AD

7. It is now possible to authenticate the SWG administrators using an external Radius

8. The SWG proxy support function can be configured to scan multiple ranges and up to
32 proxy ports.

9. The Black List edit function was enhanced to import black list file.

10. Additional SNMP MIB variables were added to allow polling for device status and
other management information.

11. SNMP traps can be sent to multiple trap receivers.

12. DCInterface Software enhancement to filter out certain administrative LDAP user names
allows to skip repeat login by administrative utilities to end-user systems)

13. It is now possible to exclude IP address(es) from a white listed IP subnet.

14. Report frequency and filters were added to report last 15 minutes and last 30 minutes

15. The SWG User interface for configuration was restructured utilizing various task
driven configuration tabs. The previous Advanced Page is eliminated.

16. Added additional filter to Enterprise Summary and Department reports.

17. Enhanced LDAP performance and domain controller session management.