Java and Web VPM behavior changes post upgrading to SGOS 7.x
search cancel

Java and Web VPM behavior changes post upgrading to SGOS 7.x

book

Article ID: 235880

calendar_today

Updated On:

Products

ASG-S400 ASG-S200 ASG-S500

Issue/Introduction

After upgrading from SGOS 6.x to 7.x, for Malware Scanning policy we need to install an Access layer and Content Security Policy layer in the web VPM.

When you install any policy from Java VPM the Access layer and Content Security Policy layer gets removed from Web VPM as below:

1. Adding Access layer and Content Security Policy layer via Web VPM.

2. Once the policies are installed via web VPM and if we make any changes from Java VPM and install the policy as below:

3. Post installing policies via Java VPM the Access layer and Content Security Policy layer are automatically removed from Web VPM.

Resolution

In order to retain the changes in Web VPM, we need to continue using Web VPM, if we use Java VPM the changes for the Content Security Policy layer and Access layer will be removed.

From Management Center also, we need to use the Web VPM to add/install the policy as below (These wont be visible on Java VPM):

Additional Information

Two pre-configured policies, Access Security Policy and Content Security Policy, are available in 7.x release. These policies are configured through the web Visual Policy Manager (VPM) and require minimal manual input and deployment time. Use this feature to implement best-practices security coverage out of the box, and to facilitate setup, deployment, and testing of policies.

This feature provides the following benefits over manually writing policy:

  • Implementation time; effect is immediately apparent and especially useful in evaluation deployments and mid-sized organizations.
  • Applies security policy to protect users first, allowing you to customize your policy with more complex rules as you learn how to use VPM/CPL.
  • Incorporates existing best practices published by Symantec leveraging URL Threat Risk Levels, URL categories, and content scanning recommendations.
  • Offloads managing and updating of policy to Symantec (via the Policy Services subscription on SGOS).

The underlying policy definitions required for this feature are delivered through the Policy Services subscription. Both Access and Content Security policies are disabled by default.

For more information on this feature, refer to the ProxySG Web Visual Policy Manager Reference and the "Using Policy Services" chapter in the SGOS Administration Guide (7.x).