Benefits of upgrading to ProxySG 6.7

book

Article ID: 171339

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

What are the benefits of upgrading to ProxySG 6.7?

Resolution

ProxySG 6.7 contains new features plus improvements in performance and security. For further information please see the webcast Proxy 6.7 Upgrade Benefits - All You Need to Know and the attached Proxy6.7_Upgrade_Benefits.pdf which is available from the Download Files section.

Features:

  • SSLV Integration with ProxySG/ASG
  • Universal policy enabling SG policy movement to WSS
  • Client certificate emulation for reverse proxy
  • Numerous WAF enhancements for reverse proxy deployments
    • Command Injection Engine Version Logging
    • WAF Scan Details Logging (x-bluecoatwaf-scan-info)
    • SOAP Request Handling 
    • Cross Site Request Forgery (CSRF) Attack Protection 
    • Masking Sensitive Data in Access Log Details 
    • Invalid/Multiple Encoding Details in Access Logs 
    • Identify Transactions in Exception Pages and Access Logs 
  • DNS Proxy access logging
  • User Email Address Reporting
  • Authenticating Outbound SSH Connections
  • SCP Upload Client
  • Kerberos Constrained Delegation
  • Application Groups
  • Application Attribute Enhancements
  • SGOS on Cisco Cloud Services Platform
  • New Reverse Proxy and WAF Licensing
  • OpenSSL Upgrade to version 1.0.2
  • Skype for Business
  • Enhanced CCL Policy
  • HTTP Non-Cacheable Debug Log Enhancement
  • Data Leak Detected Exception Page for Symantec DLP Violations
  • SSL Intercept and DNS Policy Support in Tenant Policies
  • VPM Support for Client Certification Validation CCL
  • Policy Control of Cookie Persistence in Authentication

New Features in 6.7 (when upgrading from 6.5)

  • Intelligence Services (URL Threat Risk Levels, Geo IP)
  • CASB Audit Feed: 21K apps, + groups, + attributes in policy and logs

New Features in Advanced Secure Gateway 6.7 (Content Analysis-specific)

  • Integration with Symantec Endpoint Protection Manager
  • Unified Threat Reporting (new to ASG but an existing feature in ProxySG with standalone CA)
  • Symantec Cloud Sandboxing
  • Symantec AV vendor
  • Symantec Advanced Machine Learning support.

Performance

  • ProxySG Performance Gains with SSL Offload
  • Network HSM failover
  • Pipelining Disabled by Default for Better Network Performance
  • Improved ICAP Load Balancing

Security

  • Increased Key Sizes for Emulated Server Certificates
  • ECDSA support
  • Extended Cipher Suites: AES-GCM and SHA384 support (+6 ciphers)
  • New TLS and Cipher Defaults
  • TLS update including additional ciphers and updated defaults for better security and ECDSA certificate validation

Attachments

Proxy6.7_Upgrade_Benefits.pdf get_app