Current Stories
PermaLink Sophos UTM Up2Date 9.201023 package04/11/2014 12:14 AM
 
We just did the upgrade.

System Version:  Sophos UTM 9.200-11

News:
Official 9.2 GA Release - update from 9.200.  Fix: OpenSSL vulnerability: TLS heartbeat read overrun (CVE-2014-0160)

Bugfixes:
 Fix [28439]: vpn site2site overwiev is missing ipsec respondOnly connections
 Fix [28953]: Object Changelog PopUp can not be closed in IE9
 Fix [29356]: [BETA] RED50 reconnects all the time
 Fix [29419]: [BETA] Web Policy tester and http.log do not display modifications by local site list
 Fix [29501]: Transparent AD SSO conflicts with WAF (port 80)
 Fix [29748]: [BETA] changing OTP has no effect on WAF
 Fix [29843]: [BETA] Changing AV Scanners cause memory spikes in http proxy
 Fix [30389]: [BETA] http cache fills up partition
 Fix [30441]: [BETA] SPX encryption has higher priority than SMIME or PGP encryption
 Fix [30446]: [BETA] SPX: some characters in mail subject lead to broken subject in pdf
 Fix [30561]: [BETA] Username with \ is seen in sAMAccountName with \\
 Fix [30571]: Add option to disable OTP for Webadmin/SSH from front panel LCD of UTM appliance
 Fix [30637]: [BETA] Handling Filter actions used in multiple policies
 Fix [30701]: [BETA] SPX: labels of original message are not correctly encoded in spx reply
 Fix [30723]: RED 10 stops working while handling large packets
 Fix [30869]: [BETA] DLP: Region selector of "Sophos CCL Rules" doesn't show the first element
 Fix [30898]: OTP: Token may be created for wrong user if remote/local user differ in case
 Fix [30925]: SPX: character sets other than UTF-8 break PDF and portal
 Fix [30934]: Incorrect Certificate used during Transparent HTTPS
 Fix [30940]: Wireless: Some SSIDs are shown as HASH(...) in WebAdmin
 Fix [30945]: ATP Dashboard Link & Reporting Issue (72h not visible)
 Fix [30949]: smtp scanner dies in combination with SPX and regular email encryption
 Fix [30951]: Outgoing mails get quarantined as "UNSCANNABLE" although "Quarantine unscannable and encrypted content" is disabled
 Fix [31368]: CVE-2014-0160: TLS heartbeat read overrun [9.2]

RPM packages contained:
 libaio-0.3.109-0.1.46.1123.g533121f.rb1.i686.rpm  
 libopenssl1_0_0-1.0.1g-1.1.0.162384817.g6fb2a0a.rb1.i686.rpm
 libopenssl1_0_0_httpproxy-1.0.1g-1.1.0.162384817.g6fb2a0a.rb1.i686.rpm
 libsaviglue-9.20-8.gf151022.i686.rpm              
 libudev0-147-0.84.1.1204.gafeab2c.i686.rpm        
 client-openvpn-9.20-6.g8b06b8a.noarch.rpm        
 cm-nextgen-agent-9.20-30.ge5cc2d9.i686.rpm        
 csync2-1.34-16.g6441592.i686.rpm                  
 ddclient-3.8.1-19.gc92ba51.noarch.rpm            
 ipv6-aiccu-20070115-22.g3a8bc92.rb2.i686.rpm      
 ipv6-hurricane-9.20-2.g0ad29e1.i686.rpm          
 irqd-0.7.0-1.0.159644070.g559c8c7.i686.rpm        
 modsecurity2-2.7.3-217.g3aac31f.i686.rpm          
 modurlhardening-9.20-105.gdd9c494.i686.rpm        
 openssl-1.0.1g-1.1.0.162384817.g6fb2a0a.rb1.i686.rpm
 perf-tools-3.8.13.15-111.g2bc35f6.i686.rpm        
 perl-IO-Socket-INET6-2.72-1.0.g8ae5623.rb1.noarch.rpm
 postgresql92-9.2.7-0.158345058.gf297d3f.i686.rpm  
 red-firmware2-3047-0.g0f89c54.noarch.rpm          
 udev-147-0.84.1.1204.gafeab2c.i686.rpm            
 utm-lcd-0.6-0.160585403.gdd50b97.i686.rpm        
 ep-reporting-9.20-50.g5038097.i686.rpm            
 ep-reporting-c-9.20-29.g8fe8de6.i686.rpm          
 ep-reporting-resources-9.20-50.g5038097.i686.rpm  
 ep-aua-9.20-21.geb23e00.i686.rpm                  
 ep-awed-9.20-12.ged755a7.i686.rpm                
 ep-awetools-9.20-0.160496936.g56cf6c5.i686.rpm    
 ep-branding-ASG-afg-9.20-15.g95ad6c2.noarch.rpm  
 ep-branding-ASG-ang-9.20-15.g95ad6c2.noarch.rpm  
 ep-branding-ASG-asg-9.20-15.g95ad6c2.noarch.rpm  
 ep-branding-ASG-atg-9.20-15.g95ad6c2.noarch.rpm  
 ep-branding-ASG-aug-9.20-15.g95ad6c2.noarch.rpm  
 ep-confd-9.20-277.gd2828a7.i686.rpm              
 ep-epsecd-9.20-8.g2b9a152.i686.rpm                
 ep-ha-9.20-10.g23d774e.i686.rpm                  
 ep-ha-daemon-9.20-12.gd43cf6f.i686.rpm            
 ep-hardware-9.20-25.g43085a0.i686.rpm            
 ep-hotspot-web-9.20-3.gbc6c5cb.i686.rpm          
 ep-init-9.20-15.g4ae830a.noarch.rpm              
 ep-ipsctl-0.5-0.160568320.g1b4e2e1.noarch.rpm    
 ep-libs-9.20-54.gafa5533.i686.rpm                
 ep-localization-afg-9.20-10.gced13ea.i686.rpm    
 ep-localization-ang-9.20-10.gced13ea.i686.rpm    
 ep-localization-asg-9.20-10.gced13ea.i686.rpm    
 ep-localization-atg-9.20-10.gced13ea.i686.rpm    
 ep-localization-aug-9.20-10.gced13ea.i686.rpm    
 ep-mail-templates-9.20-6.g280effa.noarch.rpm      
 ep-mdw-9.20-178.g9374392.i686.rpm                
 ep-raidtools-9.20-42.g6ceb7d8.i686.rpm            
 ep-red-9.20-21.gecf46fa.i686.rpm                  
 ep-screenmgr-9.20-0.gfa1fd0b.rb57.i686.rpm        
 ep-spx-auth-9.20-1.g90293a3.i686.rpm              
 ep-webadmin-9.20-349.gc2b1337.i686.rpm            
 ep-webadmin-contentmanager-9.20-27.g773d6f7.i686.rpm
 ep-webadmin-spx-9.20-4.gf5c4d08.i686.rpm          
 ep-wireless-firmware-5020-0.g5078652.i586.rpm    
 ep-chroot-smtp-9.20-107.g1754b76.i686.rpm        
 ep-chroot-pop3-9.20-2.gcfbe315.i686.rpm          
 ep-httpproxy-9.20-79.gbea8874.i686.rpm            
 kernel-smp-3.8.13.15-111.g2bc35f6.i686.rpm        
 kernel-smp64-3.8.13.15-111.g2bc35f6.x86_64.rpm    
 ep-release-9.201-23.noarch.rpm                    

The Badkey Team
http://beknown.com/john-willemse


Technorati:
PermaLink Sophos UTM Firewall Release 9.204/04/2014
 
We just did an upgrade to Firmware version: 9.200-11 on VMware ESX.
Release notes: UTM 9.200 Soft-Released (02-26-2014) @
astaro.org

Update to 9.200:

Major Features:
• Web: New UI policy model
• Mail: SPX encryption support
• Mail: DLP support
• Network: Botnet/C&C traffic detection and blocking
• Network: Major IPS performance improvements
• Authentication: Dual-factor authentication with OATH TOTP
• WAF: Authentication support

Smaller Features:
• Web: AD SSO in transparent mode
• Web: Warn action
• Web: Transparent HTTPS filtering w/o full SSL scanning
• Web: URL categorization override
• Web: PUA blocking
• Web: Enhanced log search
• Web: Policy tester
• Web/Endpoint: Web Control for SEC-managed endpoints
• Endpoint: Proxy support for LiveConnect
• Wifi: Hotspot: Fully customizable login page
• Wifi: Hotspot: Fully customizable vouchers
• Wifi: Hotspot: New hotspot type with authentication against UTM/Backends
• RED: optional tunnel compression
• RED: RED50: improve LCD output
• RED: RED50: VLAN configuration for switch ports
• WAF: Extended threat filtering
• WAF: Fallback hosts
• WAF: HTTP to HTTPS redirection
• Network: Support more DynDNS providers

From @download.astaro.com/UTM/v9/virtual_appliance/README.txt  (2014-Mar-04 )

Dear customer, thank you in your interest in the Sophos virtual UTM appliance.

We have decided to discontinue to provide a dedicated pre-compiled virtual UTM machine for VMware due to the limitations and restrictions this had for our customers which used this virtual machine. No matter how we configure and pre-install that virtual UTM machine, there are always customers which need a kind of customization, and it's difficult to change some of these parameters on a already existing virtual machine belated. So we think that it makes more sense for all of the customers to install the UTM software with their personal configuration on their own instead of using a pre-compiled  virtual machine which is difficult to parametrize.

To be clear: the support of Sophos UTM for virtual platforms like VMware ESX, Microsoft HyperV or Citrix XEN has NOT been discontinued. It┤s just the fact that we don┤t provide any more pre-installed pre-parametrized VMware machines. You are much more flexible in using our UTM solution by considering the following.

It is just a matter of some minutes to install you fully self-parametrized UTM in your virtual platform.

Please follow these steps:
- go to the same server you found this README.TXT, but from directory /UTM/v9/software_appliance/iso (don't use the files in directory smart_installer)
- download the ISO file you want to install (e.g. "asg-9.107-33.1.iso")
- create a new virtual machine in your virtualization   platform. customize it appropriate to your needs
- if asked for the type of your operating system, select "Linux 64 bit", "SUSE Linux Enterprise 11 64 bit" or similar
- as a rough guideline, we recommend at least: 2 CPUs (cores), 4 GB   RAM, 100 GB of disk space, and 2 NICs, 1 CDROM. For non-productive environments (evaluation/test machines), you can downsize of course
- it is no problem to add afterwards (also if the UTM already was running) CPUs, RAM, or NICs. It's not possible to resize the harddisks afterwards.
- for the NICs we recommend to use VMXNET3 drivers in VMware, or optionally E1000 drivers. DO NOT USE "FLEXIBLE" NICS  - it may lead to severe performance issues.
- mount the downloaded ISO file into the virtual CDROM

Now turn on your virtual machine and boot from the virtual CDROM. The UTM installer will come up. Go through the installer options and
screens and make the appropriate selections. If finished, the installation will begin.

THE INSTALLER DETECTS AUTOMATICALLY WHICH TYPE OF VIRTUALIZATION PLATFORM IS USED AND WILL INSTALL THE CORRECT DRIVERS/KERNEL MODUELS, LIKE VMWARE TOOLS ETC.

After the installation has finished and the UTM is rebooted, you can access the system by connecting to the Webadmin port 4444 on the NIC and IP you configured during the installation.

Dutch: Sophos UTM 9.2

Virtual Security is trots om Sophos UTM 9.2 te mogen aankondigen.

De ontwikkelaars van Sophos hebben de laatste maanden hard gewerkt aan het maken van UTM 9.2 de grootste Sophos release tot nu toe. UTM 9.2 heeft een verbazingwekend aantal nieuwe mogelijkheden. Op dit moment is UTM 9.2 als Beta beschikbaar voor iedereen die deze nieuwe versie wil testen. Zoals altijd is deze UTM firewall voor thuisgebruikers gratis. Virtual Security heeft ook de mogelijkheid om voor bedrijven een trial licentie te verzorgen.
Source: @virtualsecurity.nl/nieuws

Hierbij een overzicht van de nieuwe mogelijkheden:
  • Advanced Threat Protection (APT)
Een van de nieuwe features voor UTM 9.2 is de toevoeging van Advanced Thread Protection (APT) door Sophos UTM te integreren met Sophos Labs de is de Sophos UTM op de hoogte van wereldwijd actieve botnets en de bijbehorende command & control sites. Een Command en Control Site is de besturingsserver van een botnet. Door verkeer naar deze site te blokkeren wordt de communicatie van het botnet platgelegd en zullen interne servers of clients hier niet actief aan deelnemen. Daarnaast rapporteert de Sophos UTM welke interne PC's of servers geinfecteerd zijn met botnet malware zodat er verdere actie ondernomen kan worden om deze te verwijderen. Bijvoorbeeld door Sophos UTM endpoint te installeren op deze pc's.
Deze feature is beschikbaar in de Network Protection subscriptie en in de Fullguard van de Sophos UTM
  • Intrusion Protection System (IPS) Snelheid.
De IPS functionaliteid van de Sophos UMT is na een grondige optimalisatie sterk verbeterd. Dit is gerealiseerd door algemene verbeteringen in het IPS systeem maar ook door UTM Hardware specifieke optimalisatie te implementeren. Daarnaast is er een "pattern aging systeem" toegevoegd zodat er geen performance verloren gaat aan oude IPS regels. Dit is naar wens te configureren.
  • One-Time Password (OTP) / Two-Factor Authentication (2FA)
Een nieuw systeem is geimplemnteerd om sterke authenticatie te ondersteunen met behulp van de Goolge Authenticatior. Hierdoor kunnen gebruikers onderandere met Sterke authenticatie aanloggen op de Webadmin, Userportal en VPN. Daarnaast is het mogelijk om tokens die gebruikmaken van OATH en TOTP te gebruiken.
  • Nieuwe gebruikers interface voor Web Protection. 
De gebruikers interface voor Web Protection is volledig vernieuwd. Het is nog eenvoudiger om policies te maken en toe te kennen en te veranderen. Het is nu ook mogelijk om op gebruikers niveau policies te gebruiken. Ook is het mogelijk om device authenticatie te gebruiken zodat Sophos webprotection nog krachtiger is toe te passen.
  • Transparente Mode with Active Directory Single Sign On Authenticatie.
Het is nu mogelijk om met Web Protection in transparente modus te gebruiken met Active Directory SSO. Hierdoor zijn er geen proxysettings nodig op de clients en dit geeft dezelfde voordelen als dat je normaal zou hebben als je AD single-sign gebruikt op een explicit proxy.
  • Reverse Authentication (Authentication Offloading) voor Web Server Protection. 
Een compleet nieuw authenticatie mechanisme is toegevoegd aan Web Server Protection welke gebruik kan maken van basic authenticatie en form-based authenticatie. Hierdoor is het mogelijk om gebruikers hier tegen te laten authenticeren en indien geautoriseerd door te sturen naar de desbetreffende server. Bijvoorbeeld een webserver of Microsoft OWA.
  • Live AV Lookups en Sandbox Execution via Sophos Labs (Catchy Name still in the Works!)
Als Web Protection met de Sophos AV engine enabled is is er een nieuwe mogelijkheid om de optie "live cloud checksum lookups from Sophos Labs" te gebruiken. Lookups die falen zullen gescanned worden door de AV Engine. Lookups die "schoon"bevonden zijn zullen lokaal niet worden gescanned waar door de AV scanning sneller is. File checsums die onbekend zijn bij het wereldwijde netwerk van Sophos labs zullen als sample worden aangeboden en zal een verdere analyse plaats vinden door de files in een Sandbox te starten en het gedrag te analyseren.
  • Fully Transparent HTTPS Filtering
De Sophos UTM kan nu URL filtering doen op HTTPS sites zonder gebruik te maken van de huidige man-in-middle “full” HTTPS scanning engine. Door gebruik te maken van SNI ( Server Name Indication ) wordt de URL (of IP als de URL niet beschikbaar is) uit de HTTPS session onttrokken en gecontroleerd tegen de URL database.  
  • SPX One-Way Message Encryption
Sophos UTM 9.2 ondersteund nu een richtings encryptie van email berichten naar ontvangers die niet in het bezit zijn van een vertrouwd encryptie systeem zoals de reeds gesupporte encryptie via PGP of s/Mime. Een nieuwe optie bij Mail Protection is “SPX Encryption”. Dit is een richting mail encryptie gebaseerd op Secure PDF eXchange (SPX). Gebruikers kunnen uitgaande berichten encrypteren welke vervolgens worden verpakt in een encrypted PDF welke kunnen worden gelezen door de ontvanger als ze het wachtwoord weten.
  • Data Leakage Protection (DLP)
Een nieuw systeem voor Data Leakage Protection is toegevoegd aan mail protection welke door e-mails en bijlagen scant naar data die het bedrijf niet mag verlaten. Het is mogelijk om op categorie te filteren per regio met parameters zoals creditcard, bankrekening, adressen, telefoonnummers en meer dan 200 andere parameters.
Naast bovenstaande veranderingen in Sophos UTM 9.2 zijn er ook nog een aantal kleinere wijzigingen. De volgende zaken zijn ook toegevoegd of verbeterd.
  • Google Application Control
  • Background Active Directory Synchronization Option
  • Enhanced Web Log Searching
  • Fully Customizable Wireless Hotspot Pages 
  • RED Tunnel Compression
  • Web Protection Policy Testing Tool.
  • Authentication Method by Device Type
  • Local Site Reclassification Listing
  • More Detailed HTTP Logging
  • Web Control Integration with Sophos Enterprise Console
  • Potentially Unwanted Application (PUA) Blocking
  • HTTPS End-User Block Pages
  • Multi-domain Active Directory user support
Kortom Sophos UTM 9.2 is de oplossing om Microsoft ISA server of Microsoft TMG te vervangen.
Source: @virtualsecuritynl.blogspot.nl

More @download.astaro.com/UTM/v9/software_appliance/iso/

Image:Badkey Corner - Sophos UTM Firewall Release 9.2

The Badkey Team

Technorati:
PermaLink Crossware Mail Signature for IBM Domino and Microsoft Exchange04/03/2014 11:54 PM
 




Crossware’s Mail Signature is a server based application that automatically adds compliant, personalized, good looking email signatures to all outgoing emails. From now on your emails will be 100% consistent with your corporate image. Your signatures may include legal disclaimers, logos, graphics and even advertising banners.

The signatures are tamper proof and fully configurable for any number of staff or groups. The signatures can include the traditional information like Name [first name, last name, and title], Position [job title], Division [business unit], Address [physical and postal], Phone Numbers [office number, mobile number, direct dial and fax] and Email Address. In addition any type of information like disclaimers, logos, marketing text etc. can be added.

Crossware’s Mail Signature Solution doesn’t require design changes to either your IBM Domino address book or any modifications to your Lotus Notes email template, and it is compatible with IBM Domino version 5 and above.

The application works with all the Domino email clients such as: Lotus Notes [Windows/Mac/Linux], Domino Web Access [iNotes] and even Blackberries. In addition, any database used for sending out emails can have a signature appended to the email.
More @ibm.com/partnerworld

Centrally manage you company’s email signatures with Crossware Mail Signature.
Crossware Mail Signature is an email signature product for IBM Domino and Microsoft Exchange which allows you to have complete control of your email signatures. Once you install the software, you can completely customise the design to include logos, advertisements, social media, imagery etc. It is server-based, so your signature will be automatically appended to every email that leaves your organisation, even those sent from mobile devices.

Your company signature will be ‘tamper-proof’, meaning that no one will be able to edit their signature.

Feel free to contact us in the EMEA region we have a contact for you.
Contact information:
Company CrossWare Ltd. 125 The Strand. Parnell. Auckland New Zealand
Phone: +64 9379 7044. http://www.crossware.co.nz

EMEA Region:  Rob Hollier. London, United Kingdom. Sales Manager
+44 20 3588 2000  
rob@crosswareuk.com

The Badkey Team
http://beknown.com/john-willemse


Technorati:
PermaLink CentOS alert RHSA-2014-0328. Kernel Update.04/03/2014 08:09 PM
We just upgraded OTAP to Centos 6.5 Kernel 2.6.32-431.11.2.el6.x86_64 x86_64

Details:
Updated kernel packages that fix multiple security issues and several bugs are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

The kernel packages contain the Linux kernel, the core of any Linux operating system.

* A flaw was found in the way the get_rx_bufs() function in the vhost_net implementation in the Linux kernel handled error conditions reported by the vhost_get_vq_desc() function. A privileged guest user could use this flaw
to crash the host. (CVE-2014-0055, Important)

* A flaw was found in the way the Linux kernel processed an authenticated COOKIE_ECHO chunk during the initialization of an SCTP connection. A remote attacker could use this flaw to crash the system by initiating a specially crafted SCTP handshake in order to trigger a NULL pointer dereference on the system. (CVE-2014-0101, Important)

* A flaw was found in the way the Linux kernel's CIFS implementation handled uncached write operations with specially crafted iovec structures.
An unprivileged local user with access to a CIFS share could use this flaw to crash the system, leak kernel memory, or, potentially, escalate their privileges on the system. Note: the default cache settings for CIFS mounts
on Red Hat Enterprise Linux 6 prohibit a successful exploitation of this issue. (CVE-2014-0069, Moderate)

* A heap-based buffer overflow flaw was found in the Linux kernel's cdc-wdm driver, used for USB CDC WCM device management. An attacker with physical access to a system could use this flaw to cause a denial of service or, potentially, escalate their privileges. (CVE-2013-1860, Low)

Red Hat would like to thank Nokia Siemens Networks for reporting CVE-2014-0101, and Al Viro for reporting CVE-2014-0069.

This update also fixes several bugs. Documentation for these changes will be available shortly from the Technical Notes document linked to in the References section.

All kernel users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. The system must be rebooted for this update to take effect.

More@redhat.com/errata/RHSA-2014-0328

The Badkey Team.

Technorati:
PermaLink ESX Build 1623387 (ESXi 5.5 Update 1)03/14/2014 09:54 PM
 

VMware ESXi™ 5.5 Update 1 11 MAR 2014 Build 1623387
Upgrade gedaan naar build 1623387 in de LAB omgeving (OTAP) voor evaluatie.

Image:Badkey Corner - ESX Build 1623387 (ESXi 5.5 Update 1)

Handig is RVTools 3.6 Version 3.6 (February, 2014). http://www.robware.net/

Description VMware ESXi 5.5.0 Update 1  
https://my.vmware.com/web/vmware/details?downloadGroup=ESXI55U1&productId=353&rPId=5254

Release Date 2014-03-11
See more at: https://my.vmware.com/web/vmware/details?downloadGroup=ESXI55U1&productId=353&rPId=5254#sthash.kMuxAW9R.dpuf

VMware ESXi 5.5 Update 1 Release Notes
https://www.vmware.com/support/vsphere5/doc/vsphere-esxi-55u1-release-notes.html

One small enhancement,
VMware ESXi 5.5, Patch ESXi550-201403210-UG: Updates ESXi 5.5 net-igb vib (2065823)
http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2065823

Image:Badkey Corner - ESX Build 1623387 (ESXi 5.5 Update 1)



The Most Affordable and Flexible Virtualization Solution
The QNAP TS-439 Pro II is certified as compatible with VMware« vSphere (ESXi and ESX) virtualization platform.
The NAS can be utilized as the networked shared storage of VMware virtualization environments and Windows cluster servers. Comparing with traditional SAN (Storage Area Network), the Turbo NAS is a competitive alternative with much lower setup and maintenance costs in an IP SAN.

The Feature-rich and Integrated Applications for Business
The NAS supports file sharing across Windows, Mac, Linux, and UNIX platforms. Versatile business applications such as file server, FTP server, printer server, web server, and Windows AD support are provided. The dominant features, such as WebDAV, Share Folder Aggregation (also known as DFS), IPv6 and IPv4 dual-stack, Wake on LAN, schedule power on/ off, HDD S.M.A.R.T, comprehensive log systems, and policy-based unauthorized IP blocking are all included features of a QNAP NAS server.

Image:Badkey Corner - ESX Build 1623387 (ESXi 5.5 Update 1) Image:Badkey Corner - ESX Build 1623387 (ESXi 5.5 Update 1)  


The Badkey Team
http://nl.linkedin.com/in/willemsej

Technorati:
PermaLink Running IBM Notes Traveler 9 on Linux Badkey03/12/2014 12:28 AM
 

Image:Badkey Corner - Running IBM Notes Traveler 9 on Linux Badkey

We now run IBM Notes Traveler V9.0.0.1 for Linux for xSeries Multilingual on VMware / vSphere 5.5 see the Release Notes
https://www.vmware.com/support/vsphere5/doc/vsphere-esx-vcenter-server-55-release-notes.html

What is IBM Notes Traveler ?  http://www-03.ibm.com/software/products/nl/notetrav/
IBM Notes Traveler on wikipedia.org  http://en.wikipedia.org/wiki/IBM_Notes_Traveler

File: NOT_TRA_9001_LIN_ML.tar.gz Build 201307181414 on Linux. In the LAB of Badkey.

IBM Notes Traveler 9.0.0.1 Interim Fix 4 Product Documentation
http://www-10.lotus.com/ldd/dominowiki.nsf/dx/IBM_Notes_Traveler_9.0.0.1_IF4

IBM Notes Traveler 9.0.1 IF 3 / 9.0.0.1 IF4 available
http://blog.nashcom.de/nashcomblog.nsf/dx/ibm-notes-traveler-9.0.1-if-3.htm

Index of recommended maintenance for IBM Notes Traveler
http://www-01.ibm.com/support/docview.wss?uid=swg24019529

[root@ install]# ./TravelerSetup -f installer.properties -i silent -l en
Notes Traveler 9.0.0.1 build 201307181414
Silent install started..
Notes Traveler version 9.0.0.1 build 201307181414 will be installed.

IBM Notes Traveler

What is IBM« Notes« Traveler ?
"No charge, push email software for IBM Notes users"

What's new in IBM Notes Traveler 9

Adaptive Initial Sync
Adaptive Initial Sync (AIS) is a new feature in IBM Notes Traveler 9.0.1 that helps ensure server availability in certain situations, such as bringing a server online or recovery scenarios.

MobileIron support for Android devices
Organizations using MobileIron to manage their mobile applications will now be able to take advantage of MobileIron application management capabilities with the IBM Notes Traveler client for Android, including the ability to provision application configuration settings, manage access through MobileIron Sentry, and enforce MobileIron application specific security polices. For more information, refer to this article link.

MobileIron support for Companion and ToDo applications on Apple iOS devices
Organizations using MobileIron to manage their mobile applications will now be able to take advantage of MobileIron application management capabilities with the IBM Notes Traveler Companion and ToDo apps for Apple iOS devices. For more information, refer to this article link.

Return receipts for Android devices
On IBM Notes Traveler for Android device, you can now elect to receive return receipts when your mail has been opened

More @Whats_new_in_IBM_Notes_Traveler_9.0.1

No charge, push email software for IBM Notes users
IBM« Notes« Traveler is push email software that provides quick access to email, calendar and contacts from a wide range of mobile devices or tablets.
This no charge mobile offering is available for IBM Notes and Domino« users. Enhance the productivity of your mobile workforce with this security-rich software.

IBM Notes Traveler (formerly IBM Lotus« Notes Traveler):
Is designed to keep your users connected and productive with full-featured email for smartphones and tablets.
Is security-rich, helping to safeguard sensitive data while enhancing compliance with your corporate policies.
Enhances administrator productivity and helps optimize network throughput.

The Badkey Team
http://nl.linkedin.com/in/willemsej

Technorati:
PermaLink Sophos UTM Firewall Release 9.203/07/2014 12:12 AM
 
We just did an upgrade to Firmware version: 9.200-11 on VMware ESX.
Release notes: UTM 9.200 Soft-Released (02-26-2014) @
astaro.org

Update to 9.200:

Major Features:
• Web: New UI policy model
• Mail: SPX encryption support
• Mail: DLP support
• Network: Botnet/C&C traffic detection and blocking
• Network: Major IPS performance improvements
• Authentication: Dual-factor authentication with OATH TOTP
• WAF: Authentication support

Smaller Features:
• Web: AD SSO in transparent mode
• Web: Warn action
• Web: Transparent HTTPS filtering w/o full SSL scanning
• Web: URL categorization override
• Web: PUA blocking
• Web: Enhanced log search
• Web: Policy tester
• Web/Endpoint: Web Control for SEC-managed endpoints
• Endpoint: Proxy support for LiveConnect
• Wifi: Hotspot: Fully customizable login page
• Wifi: Hotspot: Fully customizable vouchers
• Wifi: Hotspot: New hotspot type with authentication against UTM/Backends
• RED: optional tunnel compression
• RED: RED50: improve LCD output
• RED: RED50: VLAN configuration for switch ports
• WAF: Extended threat filtering
• WAF: Fallback hosts
• WAF: HTTP to HTTPS redirection
• Network: Support more DynDNS providers

From @download.astaro.com/UTM/v9/virtual_appliance/README.txt  (2014-Mar-04 )

Dear customer, thank you in your interest in the Sophos virtual UTM appliance.

We have decided to discontinue to provide a dedicated pre-compiled virtual UTM machine for VMware due to the limitations and restrictions this had for our customers which used this virtual machine. No matter how we configure and pre-install that virtual UTM machine, there are always customers which need a kind of customization, and it's difficult to change some of these parameters on a already existing virtual machine belated. So we think that it makes more sense for all of the customers to install the UTM software with their personal configuration on their own instead of using a pre-compiled  virtual machine which is difficult to parametrize.

To be clear: the support of Sophos UTM for virtual platforms like VMware ESX, Microsoft HyperV or Citrix XEN has NOT been discontinued. It┤s just the fact that we don┤t provide any more pre-installed pre-parametrized VMware machines. You are much more flexible in using our UTM solution by considering the following.

It is just a matter of some minutes to install you fully self-parametrized UTM in your virtual platform.

Please follow these steps:
- go to the same server you found this README.TXT, but from directory /UTM/v9/software_appliance/iso (don't use the files in directory smart_installer)
- download the ISO file you want to install (e.g. "asg-9.107-33.1.iso")
- create a new virtual machine in your virtualization   platform. customize it appropriate to your needs
- if asked for the type of your operating system, select "Linux 64 bit", "SUSE Linux Enterprise 11 64 bit" or similar
- as a rough guideline, we recommend at least: 2 CPUs (cores), 4 GB   RAM, 100 GB of disk space, and 2 NICs, 1 CDROM. For non-productive environments (evaluation/test machines), you can downsize of course
- it is no problem to add afterwards (also if the UTM already was running) CPUs, RAM, or NICs. It's not possible to resize the harddisks afterwards.
- for the NICs we recommend to use VMXNET3 drivers in VMware, or optionally E1000 drivers. DO NOT USE "FLEXIBLE" NICS  - it may lead to severe performance issues.
- mount the downloaded ISO file into the virtual CDROM

Now turn on your virtual machine and boot from the virtual CDROM. The UTM installer will come up. Go through the installer options and
screens and make the appropriate selections. If finished, the installation will begin.

THE INSTALLER DETECTS AUTOMATICALLY WHICH TYPE OF VIRTUALIZATION PLATFORM IS USED AND WILL INSTALL THE CORRECT DRIVERS/KERNEL MODUELS, LIKE VMWARE TOOLS ETC.

After the installation has finished and the UTM is rebooted, you can access the system by connecting to the Webadmin port 4444 on the NIC and IP you configured during the installation.

Dutch: Sophos UTM 9.2

Virtual Security is trots om Sophos UTM 9.2 te mogen aankondigen.

De ontwikkelaars van Sophos hebben de laatste maanden hard gewerkt aan het maken van UTM 9.2 de grootste Sophos release tot nu toe. UTM 9.2 heeft een verbazingwekend aantal nieuwe mogelijkheden. Op dit moment is UTM 9.2 als Beta beschikbaar voor iedereen die deze nieuwe versie wil testen. Zoals altijd is deze UTM firewall voor thuisgebruikers gratis. Virtual Security heeft ook de mogelijkheid om voor bedrijven een trial licentie te verzorgen.
Source: @virtualsecurity.nl/nieuws

Hierbij een overzicht van de nieuwe mogelijkheden:
  • Advanced Threat Protection (APT)
Een van de nieuwe features voor UTM 9.2 is de toevoeging van Advanced Thread Protection (APT) door Sophos UTM te integreren met Sophos Labs de is de Sophos UTM op de hoogte van wereldwijd actieve botnets en de bijbehorende command & control sites. Een Command en Control Site is de besturingsserver van een botnet. Door verkeer naar deze site te blokkeren wordt de communicatie van het botnet platgelegd en zullen interne servers of clients hier niet actief aan deelnemen. Daarnaast rapporteert de Sophos UTM welke interne PC's of servers geinfecteerd zijn met botnet malware zodat er verdere actie ondernomen kan worden om deze te verwijderen. Bijvoorbeeld door Sophos UTM endpoint te installeren op deze pc's.
Deze feature is beschikbaar in de Network Protection subscriptie en in de Fullguard van de Sophos UTM
  • Intrusion Protection System (IPS) Snelheid.
De IPS functionaliteid van de Sophos UMT is na een grondige optimalisatie sterk verbeterd. Dit is gerealiseerd door algemene verbeteringen in het IPS systeem maar ook door UTM Hardware specifieke optimalisatie te implementeren. Daarnaast is er een "pattern aging systeem" toegevoegd zodat er geen performance verloren gaat aan oude IPS regels. Dit is naar wens te configureren.
  • One-Time Password (OTP) / Two-Factor Authentication (2FA)
Een nieuw systeem is geimplemnteerd om sterke authenticatie te ondersteunen met behulp van de Goolge Authenticatior. Hierdoor kunnen gebruikers onderandere met Sterke authenticatie aanloggen op de Webadmin, Userportal en VPN. Daarnaast is het mogelijk om tokens die gebruikmaken van OATH en TOTP te gebruiken.
  • Nieuwe gebruikers interface voor Web Protection. 
De gebruikers interface voor Web Protection is volledig vernieuwd. Het is nog eenvoudiger om policies te maken en toe te kennen en te veranderen. Het is nu ook mogelijk om op gebruikers niveau policies te gebruiken. Ook is het mogelijk om device authenticatie te gebruiken zodat Sophos webprotection nog krachtiger is toe te passen.
  • Transparente Mode with Active Directory Single Sign On Authenticatie.
Het is nu mogelijk om met Web Protection in transparente modus te gebruiken met Active Directory SSO. Hierdoor zijn er geen proxysettings nodig op de clients en dit geeft dezelfde voordelen als dat je normaal zou hebben als je AD single-sign gebruikt op een explicit proxy.
  • Reverse Authentication (Authentication Offloading) voor Web Server Protection. 
Een compleet nieuw authenticatie mechanisme is toegevoegd aan Web Server Protection welke gebruik kan maken van basic authenticatie en form-based authenticatie. Hierdoor is het mogelijk om gebruikers hier tegen te laten authenticeren en indien geautoriseerd door te sturen naar de desbetreffende server. Bijvoorbeeld een webserver of Microsoft OWA.
  • Live AV Lookups en Sandbox Execution via Sophos Labs (Catchy Name still in the Works!)
Als Web Protection met de Sophos AV engine enabled is is er een nieuwe mogelijkheid om de optie "live cloud checksum lookups from Sophos Labs" te gebruiken. Lookups die falen zullen gescanned worden door de AV Engine. Lookups die "schoon"bevonden zijn zullen lokaal niet worden gescanned waar door de AV scanning sneller is. File checsums die onbekend zijn bij het wereldwijde netwerk van Sophos labs zullen als sample worden aangeboden en zal een verdere analyse plaats vinden door de files in een Sandbox te starten en het gedrag te analyseren.
  • Fully Transparent HTTPS Filtering
De Sophos UTM kan nu URL filtering doen op HTTPS sites zonder gebruik te maken van de huidige man-in-middle “full” HTTPS scanning engine. Door gebruik te maken van SNI ( Server Name Indication ) wordt de URL (of IP als de URL niet beschikbaar is) uit de HTTPS session onttrokken en gecontroleerd tegen de URL database.  
  • SPX One-Way Message Encryption
Sophos UTM 9.2 ondersteund nu een richtings encryptie van email berichten naar ontvangers die niet in het bezit zijn van een vertrouwd encryptie systeem zoals de reeds gesupporte encryptie via PGP of s/Mime. Een nieuwe optie bij Mail Protection is “SPX Encryption”. Dit is een richting mail encryptie gebaseerd op Secure PDF eXchange (SPX). Gebruikers kunnen uitgaande berichten encrypteren welke vervolgens worden verpakt in een encrypted PDF welke kunnen worden gelezen door de ontvanger als ze het wachtwoord weten.
  • Data Leakage Protection (DLP)
Een nieuw systeem voor Data Leakage Protection is toegevoegd aan mail protection welke door e-mails en bijlagen scant naar data die het bedrijf niet mag verlaten. Het is mogelijk om op categorie te filteren per regio met parameters zoals creditcard, bankrekening, adressen, telefoonnummers en meer dan 200 andere parameters.
Naast bovenstaande veranderingen in Sophos UTM 9.2 zijn er ook nog een aantal kleinere wijzigingen. De volgende zaken zijn ook toegevoegd of verbeterd.
  • Google Application Control
  • Background Active Directory Synchronization Option
  • Enhanced Web Log Searching
  • Fully Customizable Wireless Hotspot Pages 
  • RED Tunnel Compression
  • Web Protection Policy Testing Tool.
  • Authentication Method by Device Type
  • Local Site Reclassification Listing
  • More Detailed HTTP Logging
  • Web Control Integration with Sophos Enterprise Console
  • Potentially Unwanted Application (PUA) Blocking
  • HTTPS End-User Block Pages
  • Multi-domain Active Directory user support
Kortom Sophos UTM 9.2 is de oplossing om Microsoft ISA server of Microsoft TMG te vervangen.
Source: @virtualsecuritynl.blogspot.nl

More @download.astaro.com/UTM/v9/software_appliance/iso/

Image:Badkey Corner - Sophos UTM Firewall Release 9.2

The Badkey Team

Technorati:
PermaLink Windows XP SP3 and Office 2003. Support Ends April 8th, 201403/05/2014
.. we already removed all physical and virtual XP machines from the LAB environment.


Dutch: "Het is uitermate belangrijk dat u op die dag geen Windows XP meer draait, wanneer u verbonden bent met het internet. Het valt namelijk te verwachten, dat criminelen dan direct een stortvloed van opgespaarde kwaadaardige programma's zullen ontketenen. Specifiek gericht op zwakheden in Windows XP."

Why:
In 2002 Microsoft introduced its Support Lifecycle policy based on customer feedback to have more transparency and predictability of support for Microsoft products. As per this policy, Microsoft Business and Developer products, including Windows and Office products, receive a minimum of 10 years of support (5 years Mainstream Support and 5 years Extended Support), at the supported service pack level.

Thus, Windows XP SP3 and Office 2003 will go out of support on April 8, 2014. If your organization has not started the migration to a modern desktop, you are late. Based on historical customer deployment data, the average enterprise deployment can take 18 to 32 months from business case through full deployment. To ensure you remain on supported versions of Windows and Office, you should begin your planning and application testing immediately to ensure you deploy before end of support.

What:
It means you should take action. After April 8, 2014, there will be no new security updates, non-security hotfixes, free or paid assisted support options or online technical content updates.

Running Windows XP SP3 and Office 2003 in your environment after their end of support date may expose your company to potential risks, such as:
  • Security & Compliance Risks: Unsupported and unpatched environments are vulnerable to security risks. This may result in an officially recognized control failure by an internal or external audit body, leading to suspension of certifications, and/or public notification of the organization’s inability to maintain its systems and customer information.
  • Lack of Independent Software Vendor (ISV) & Hardware Manufacturers support: A recent industry report from Gartner Research suggests "many independent software vendors (ISVs) are unlikely to support new versions of applications on Windows XP in 2011; in 2012, it will become common." And it may stifle access to hardware innovation: Gartner Research further notes that in 2012, most PC hardware manufacturers will stop supporting Windows XP on the majority of their new PC models.

Get current with Windows and Office. This option has upside well beyond keeping you supported. It offers more flexibility to empower employees to be more productive, while increasing operational efficiency through improved PC security and management. It also enables your organization to take advantage of latest technology trends such as virtualization and the cloud.

Enterprise Customers: Microsoft offers large organizations in-depth technical resources, tools, and expert guidance to ease the deployment and management of Windows, Office and Internet Explorer products and technologies. To learn more about migration and deployment programs, please contact your Microsoft sales representative or Certified Microsoft Partner. Learn how to pilot and deploy a modern desktop yourself, download the free Microsoft Deployment Toolkit and begin your deployment today.

Small to Medium Business: There are many options for small and medium businesses considering moving to a modern PC with the latest productivity and collaboration tools. Small to mid-size organizations should locate a Microsoft Certified Partner to understand the best options to meet their business needs. If your current PC meets the system requirements for Windows 7 or Windows 8, you can buy Windows 7 Professional or Windows 8 Pro from a local retailer or Microsoft Certified Partner. If your PC does not meet system requirements, consider purchasing a new business PC with Windows 8 Pro.

More @www.microsoft.com/en-us/windows/enterprise/endofsupport.aspx

500 MEELLION PCs still run Windows XP. How did we get here? Just six months to go: what to do if you don't have $200 per PC.
By Gavin Clarke, 1st October 2013. More @www.theregister.co.uk/2013/10/01/six_months_end_xp_support/

Windows XP D-Day will be here before you know it.  Source: @news.cnet.com

Windows XP is still used on over one-third of installations.

Windows XP is still used on over one-third of installations. (Credit: Net Applications)


Dutch:
Windows XP: de Dag des Oordeels nadert, 8 april 2014 is de Dag des Oordeels voor Windows XP:
More @sites.google.com/site/computertip/einde-windows-xp

Informatieblad levenscyclus Windows-producten
More @windows.microsoft.com/nl-nl/windows/products/lifecycle

The Badkey Team

Technorati:

ClustrMaps
Locations of visitors to this page
My World Travel (21%)
world66.gif
47 countries World66 Member
Domino Social Edition
StatCounter Statistics

View My Stats
Visitor Activity
Planetlotus.org
StatCounter Came From
Crossware Mail Signature
Twitter