01-10-2008 04:08 PM
All,
I have read in one reply that some "issues" are fixed now with AsyncOS 5.5. Any information as to when this version will be released?
Thank you!
01-10-2008 05:18 PM
The Release 5.5.1 is already available for download.
Do you mean 6.x?
01-11-2008 08:15 AM
Aren't you mixing up Web Security with Email Security? 5.5.1 is available for Email Security, however not (yet) for Web Security where 5.2.0 is the latest available version. Right?
01-11-2008 12:41 PM
You are right, sorry for my mistake! :oops:
01-11-2008 03:31 PM
5.5.0 is available, but is a very limited release, being that it just finished the Beta process.
We currently do not yet have an ETA on a fully public release.
02-09-2008 01:25 AM
What does 5.5.0 fix from the current version? What new features does it enable? Thank you.
02-09-2008 02:28 AM
The list of resolved bugs will continually evolve until the general release of 5.5.0 (probably sometime in Q2 CY08).
As far as new features, the most notable new feature in 5.5.0 will be the addition of HTTPS traffic inspection.
-Jason
03-20-2008 02:40 PM
Dear Jason,
Can you briefly explain how does WSA perform HTTPS termination and inspection?
Thanks,
ezekiel
03-21-2008 05:05 PM
Ezekiel,
The short explanation is that the WSA executes a typical man in the middle SSL attack.
The WSA initiates SSL sessions with both the client and the server. After receiving the certificate from the server, the WSA generates it's own certificate and serves it to the client.
Since the certificate used to generate server certs is not trusted by the browsers, the browser will receive a trust warning. You can get around this by loading the CA cert into the clients on your network.
03-21-2008 07:48 PM
Just to make that a little more visual:
Client <- SSL Conn 1 -> WSA <- SSL Conn 2 -> Web Server
Since the WSA is in the middle of these SSL connections, it can see the traffic unencrypted, but you still maintain SSL security across the Internet and LAN.
For any sites with highly sensitive information (such as financial sites), you will also have the ability to set these categories to Pass-Through, so the WSA will not decrypt these connections.
-Jason
03-23-2008 02:54 PM
Thank you Jason and Josh.
Regards,
ezekiel
06-13-2008 10:36 PM
Thanks...
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide