What has changed in Internet Gateway 8.5 compared to older versions?

book

Article ID: 185012

calendar_today

Updated On:

Products

Management Platform (Formerly known as Notification Server)

Issue/Introduction

What has changed in Internet Gateway 8.5 compared to older versions?

Resolution

IT Management Suite 8.5 introduces the following changes for Internet gateway 8.5:

  • Internet gateway supports WebSocket protocol, allowing to perform tasks in real time on Cloud-enabled agents.
    Persistent connection also reduces the load on Internet gateway because the handshake is performed only once and later only the data is exchanged.
    Communication flow between the Symantec Management Agent, Internet gateway, and Notification Server (and site servers) has remained the same.
  • Dependency on Apache HTTP Server and OpenSLL has been removed, reducing the maintenance efforts on security updates for Internet gateway.
  • One Internet gateway instance supports 15,000 concurrent client connections. (In 8.1, Internet gateway only supported 3,000 concurrent connections.)
    Note that Internet gateway component was changed to increase the number of supported concurrent connections. You might still need to increase the max connections or configure the dynamic port range on your operating system.
    https://docs.microsoft.com/en-us/biztalk/technical-guides/settings-that-can-be-modified-to-improve-network-performance
  • Operating systems supported for Internet gateway 8.5:
    • Windows Server 2008 R2
    • Windows Server 2012 R2
    • Windows Server 2016 (including Core Edition)
  • Certificate validation for site servers is extended to validate the site server certificate continuously.
  • The Internet gateway service that lets you detect running Internet gateway process has been changed:
    The service in 8.1 "C:\Program Files\Symantec\SMP Internet Gateway\Apache\bin\httpd.exe" -k runservice
    The service in 8.5 "C:\Program Files\Symantec\SMP Internet Gateway\InternetGateway.exe" service
  • The UI of Internet Gateway Manager has been improved and several new settings added:
    • Several new connection settings added
    • Connection per certificate - to not allow making too many connections with the same certificate from the same IP address. (to prevent DDOS attacks)
    • Options to change the Log Severities
    • FIPS cannot be enabled/ disabled in the UI anymore, because it disabled FIPS only for Apache. Now you would need to enable/disable FIPS for the operating system.
      https://docs.microsoft.com/en-us/windows/security/threat-protection/fips-140-validation
  • Several performance counters are added to the Internet gateway
    The Performance Monitor allows to view metrics such as active client connections, connections in the queue, etc.
  • Internet gateway can now report to several Notification Servers.

Other things to know:

  • In-place upgrade is available with complete settings migration.
  • Internet gateway 8.1 is fully supported by 8.5 Symantec Management Agents, Notification Server, and site servers.
  • Internet gateway 8.5 supports Symantec Management Agents older than 8.5.