WebMarshal

Version: 6.5.6, Last Revision: April 22, 2010

These notes are additional to the WebMarshal User Guide and supersede information supplied in that Guide.

The information in this document is current as of the date of publication. To check for any later information, please see M86 Security Knowledge Base article Q12719.

Table of Contents

What's New
Upgrading WebMarshal
Uninstalling
Hardware and Software Requirements
Change History

 

What's New

For more information about additional minor features and bug fixes, see the change history.

Features New in 6.5.5

“Works With Windows®  Server 2008 R2”
“Compatible with Windows®  7”
WebMarshal has been tested with Windows Server 2008 R2 and Windows 7.
WebMarshal has been independently verified as compatible with these platforms according to Microsoft-recommended standards.
Enhanced handling of large files and Streaming Media
WebMarshal now handles streaming media with no special configuration. User experience of large downloads is enhanced. For more information, see M86 Security Knowledge Base article Q12925.
Automated user purge
The "purge unreferenced users" function can now be configured to run daily.
Filter active sessions by user and/or processing node
New selection functions on the active sessions screen help to find specific sessions.
Add URL to category from Active Sessions
New right-click function to allow quick adding of URLs.
Configure how quotas apply to cached files
Optionally do not count files served from the WebMarshal Cache against the user's volume quotas.
TRACEnet blocks display in Reports
TRACEnet information displays under a "rule" name in the form TRACEnet\category (for example, TRACEnet\Spam Sites).
Default Rules have changed
The default policy imported on new installations has been reviewed and updated. For more information, see Knowledge Base article Q12986.
 

Features New in 6.5

Proxy Caching
WebMarshal now allows caching of HTTP web content to provide quicker response for users.
Support for Microsoft SQL Server 2008
WebMarshal now supports the use of Microsoft SQL Server 2008 for logging and reporting.
SafeSearch
WebMarshal now provides the ability to enforce use of the safe search features available in major search engines (as of this release, supporting Google, Yahoo!, and Bing).
TRACEnet
The TRACEnet functionality is an automatically updated "zero day" blacklist that prevents users from browsing to websites identified as malicious or dangerous by the M86 Security Labs team.
Dashboard and Monitoring Enhancements
A new Monitoring node of the console includes Active Session, Dashboard, and Event Log. The Dashboard has an improved layout, and includes sections for TRACEnet and Proxy Caching.
Automated Configuration Backup
WebMarshal can now be configured to automatically backup its configuration on a nightly basis.
Integration of Marshal8e6 Filter list
The Marshal8e6Filter list is an additional URL categorization listing now available with WebMarshal.
Customer Feedback
WebMarshal 6.5 reintroduces the Customer Feedback functionality that was previously available in WebMarshal 3.7. The function provides the ability for administrators to participate in sending anonymous information about browsing history to M86 Security. The information is used to improve product quality and functionality.
File Type recognition and unpacking enhancements
WebMarshal now recognizes and unpacks additional types, including OpenOffice file types. For details of other improvements see the MC items in the change history. See also M86 Security Knowledge Base article Q12839.

Features New in 6.1.7

Support for Additional Marshal Filtering List Categories
The Marshal Filtering List now includes the following new categories: General Business, Banner Advertisements, Social Networking, Business Networking, Social Media, and Web Storage.

Note:
 

Features New in 6.1.5

Support for Microsoft Windows Vista
WebMarshal now supports Windows Vista, 32 or 64 bit versions.
Support for Microsoft Windows Server 2008
WebMarshal now supports Windows Server 2008, 32 or 64 bit versions.

Notes:
 

Features New in 6.1

Connection Rules
WebMarshal can now control connection attempts from many Instant Messaging and Streaming Media applications. Connection Rules control HTTP
access only.
HTTPS Content Inspection
WebMarshal can now inspect HTTPS traffic. HTTPS rules include validation of the protocol and certificate. WebMarshal can decrypt traffic, apply content analysis, and re-encrypt for transfer to the client.
Real-Time Dashboard
The WebMarshal Console now provides a dashboard that allows an administrator to easily monitor statistical information about WebMarshal server performance, traffic volume, and filtering activity.
ISA plug-in functionality
WebMarshal 6.1 re-introduces the ISA plug-in (WebFilter) functionality that was previously available in WebMarshal 3.X. Connection rules and HTTPS rules are not available with the ISA plug-in.

Features New in 6.0.3

Disk Space Checking
WebMarshal Proxy now checks free disk space and refuses requests if space is low. The minimum required is 512MB by default. The warning level is 1.5GB. For details, see M86 Security Knowledge Base article Q11896.
Sophos for Marshal Support
M86 Security now provides an integrated package (updater and scanner) using the Sophos Anti-virus engine. You can download Sophos for Marshal from the M86 Security website. Version 6.0.3 and above trial keys enable this component. If you want to try Sophos for Marshal and you already have a permanent WebMarshal key, please contact M86 Security to obtain a special time-limited key.

Features New in Release 6.0

Array Support
WebMarshal 6.0 is more scalable and now supports centrally managed arrays.
Server Groups
Rules and configuration settings can be applied to groups of processing servers.
Database Outage Resilience
WebMarshal will continue processing user requests even if the database goes offline. The database is not used to store configuration. Database log records are queued until the database comes back online.
Content Type Detection
WebMarshal can now block content based on the Content-Type header returned by websites. This means WebMarshal does not need to download a file to block it by type. This saves bandwidth usage.
Archive and Document File Unpacking
WebMarshal recursively unpacks archive and document file types and applies content rules to the contained files.
Active Directory Connectors
WebMarshal can now import users and groups using native Active Directory Connectors. WebMarshal can import from the local AD domain and trusted domains.
Policy Containers
The structure of WebMarshal rules has been improved to allow for nested policy containers. This allows for clearer more intuitive policy layout and additional flexibility.
Additional Access Control
WebMarshal now allows different levels of access to Console items and the Array Manager. Access can be granted to helpdesk staff.
Streamlined User Interface
WebMarshal now has an updated configuration console, designed to make administration tasks easier and more intuitive, including an improved policy tester.
Text Logging
WebMarshal services log functional and error information to text log files.
Revert Configuration
You can re-set any configuration changes that have been made in the Console and not yet committed.

Features of previous versions that are not included in the initial 6.0 release

ISA Plug-in Support
 Plug-in (WebFilter API) installation to ISA is not supported in this release. Same-server chained installation is supported.
Feedback
URL Aggregator feedback to M86 Security is not implemented.
Rule Action 'Send Net Popup'
This action has been removed.
 

Earlier Feature Enhancements

To review earlier feature enhancement history, see the release notes for earlier WebMarshal versions.

Upgrading WebMarshal

To upgrade from a previous version 6.x release, run the product installer on each server where WebMarshal components are installed (including the Array Manager, and any additional processing node servers and Console installations). 

See the upgrade notes below for version-specific information.

You cannot upgrade directly from a version 3.X installation. Due to the changes in policy structure and server communication in WebMarshal 6.X, you must install WebMarshal 6.X as a new installation. Database and software upgrade from version 3.X or earlier versions is not supported. Upgrade from Beta releases of WebMarshal 6.0 is not supported.
Note: Version 3.X license keys are not valid for WebMarshal 6.X. You must obtain a new permanent key. When installed, WebMarshal generates a 30-day trial key.
 
You can install WebMarshal 6.X side-by-side with WebMarshal 3.X on the same server. Note that you cannot use the ISA plug-in for both versions at the same time. For details, please see M86 Security Knowledge Base article Q11833.

Upgrading from 6.0 to 6.5

When you upgrade a WebMarshal 6.0 installation to 6.5, you will be asked if you want to upgrade your policy. The policy upgrade adds new sample HTTPS and Connection Rules and policy elements, to assist you in using new features of the product. The upgrade does not change any existing policy elements, and it does not change the effective rules.

Note: Using HTTPS Content Inspection significantly increases CPU usage on the WebMarshal processing servers (due to encryption and decryption load). Depending on the amount of HTTPS traffic that you choose to inspect, you may need to improve your server specification.

If you are logging data to a SQL database, the database must be upgraded. If necessary, the installer will prompt for credentials of a database user with permission to upgrade the database (database owner privilege). If the database is not upgraded, database logging will be disabled until you upgrade the database and re-enable logging. For more information and instructions, see M86 Security Knowledge Base article Q12030.

Be sure to upgrade any WebMarshal Console installations on other workstations.

Upgrade Notes

 

Uninstalling

Note: In a multi-node ISA environment, prior to removing WebMarshal from a processing node, first re-configure WebMarshal to use the standalone proxy (not the ISA plug-in). For more information about this requirement and how to recover from any problems that could occur, see M86 Security Knowledge Base article Q13684.

You can cleanly uninstall the program using the following steps:

  1. Close the WebMarshal applications including the Console and Reports on all workstations.
  2. On the WebMarshal server(s), use the Windows Add/Remove Programs control panel to remove WebMarshal.
  3. If you selected a location outside the WebMarshal install folder for files created by WebMarshal (such as Proxy Cache or Configuration Backup), the uninstallation will not remove the files. Delete these files manually if required.
  4. On any other workstations where WebMarshal components were installed, use the Windows Add/Remove Programs control panel to remove them. These components can include WebMarshal console software and WebMarshal Reports.
  5. You can drop the WebMarshal database from the SQL server by using the SQL Express administration tools.

 

Hardware and Software Requirements

Hardware required is dependent on the number of concurrent web users and the rules in use. Use of Filtering Lists improves performance. Heavy use of TextCensor decreases performance.

Typically a computer with the following specifications is adequate as a processing server for 250-500 concurrent users.

WebMarshal Array Manager and processing servers require the following software:

WebMarshal Console requires:

WebMarshal Reports require:

 

Change History

The following additional items have been changed or updated in the specific build versions of WebMarshal listed.

6.5.6 (April 22, 2010

WM-3952 In version 6.5.5, database logging incorrectly logged activity in local time at the Array Manager (instead of UTC). Fixed. For more information, see M86 Knowledge Base article Q13729.
WM-3963 Installation or upgrade now records the date and time (UTC) in the Registry.

6.5.5.6975 (March 10, 2010) 

WM-1931 WebMarshal now tracks each protocol for each domain separately in Active Sessions. If two protocols are used to access a domain at the same time, WebMarshal counts two visits.
WM-2082 The "exclude request from logging" action did not correctly exclude visits to HTTPS sites. Fixed.
WM-2084 When using the ISA plugin, browsing could be slowed due to inefficient user matching. Fixed.
WM-2177 McAfee for Marshal failed to scan some extracted files. Fixed.
WM-2300 The Server Tool now provides for editing of temporary and log file locations and some common proxy settings.
WM-2316 The Support Tool can now upload gathered information automatically by FTP.
WM-2337 WebMarshal with HTTPS inspection now can proxy requests from FTP clients that use the HTTP CONNECT method. For configuration options, see Knowledge Base article Q12950
WM-2338 The Active Sessions view can now be filtered by processing node.
WM-2363 Updated information in Active Directory accounts imported through the NT Connector is now handled correctly.
WM-2462 When adding a user group in the Console, status information was not refreshed automatically. Fixed.
WM-2519 Upload rules are now disabled automatically when running as an ISA plugin.
WM-2545 The SmartFilter functionality has been updated to the latest version of the software SDK.
WM-2562 WebMarshal can now import users through the AD connector from a domain trusted by the domain in which it is installed (one-way trust).
WM-2611 All changes to policy elements now prompt for a configuration commit. This change is for consistency and user understanding.
WM-2684 Sophos scanning could fail to delete temporary '$$$' files. Fixed.
WM-2688 Configuration backups included uncommitted changes. Fixed: Backups now include only committed changes. Note that membership of user groups and URL categories is updated without explicit commits and the latest values are always included.
WM-2696 A new "What's New and Cool" page displays in the Console after an upgrade has been performed. This page is also available from the Console Help menu.
WM-2704 For user understanding the default paths for configuration backup and traffic logging in the Console use the variable %WebMarshal% to indicate they are relative to the install location.
WM-2921 In multi-node ISA Enterprise environments, unregistering of the WebMarshal filter did not work. Fixed. Note that the Microsoft Firewall service must be manually restarted after ISA configuration has been fully replicated to all servers.
WM-3020 The Performance Monitor counter descriptions now indicate the units counted.
WM-3021 The Proxy service could fail to delete temporary files when Sophos scanning was enabled. Fixed.
WM-3023 The Active Sessions view can now be filtered by user name.
WM-3032 The User Properties window now includes a tab showing all groups the user is a member of.
WM-3037 Advance logging settings can now be configured to set full logging for particular IP client IP addresses.
WM-3044 Streaming content type configuration has been removed because it is no longer required as a result of WM-3063.
WM-3063 WebMarshal now hold back a small fixed amount of downloaded files instead of a percentage.
WM-3069 The MarshalFilter functionality has been updated to the latest version of the software SDK.
WM-3077 The name of the connected Array Manager now displays in the title bar of the Console window.
WM-3148 WELF logging now shows the parent container name if a request is blocked because no rule in the container matched.
WM-3178 Web installer packages now are signed with a publisher name.
WM-3196 The Proxy service could exit prematurely during shutdown. This issue has been addressed with a code change.
WM-3220 Block pages now change to a small format when required.
WM-3228 SmartFilter categories have changed. For details see the Upgrade Notes section.
WM-3229 Streaming media domain browsing end times could be logged outside the time of the parent session. Fixed.
WM-3230 Database purging could fail to delete records where domain and session end times did not match. Fixed.
WM-3245 It is now possible to specify whether files served from the WebMarshal cache are counted against volume quotas.
WM-3270 The Dashboard now includes links to enable TRACEnet and caching if these features are not enabled.
WM-3280 Domain and File classifications are now logged to WELF logs.
WM-3286 File classifications applied to common web files were sometimes not logged to the database. Fixed.
WM-3305 Optional links to a Marshal Reporting Console instance have been added in the Console.
WM-3306 Bing Explicit content servers are added to the Adult and Nudity category in default rules.
WM-3310 The TRACEnet text log now records when a request would have been blocked but the user or URL was excluded from blocking.
WM-3312 The TRACEnet text log now records when a request would have been blocked but the user or URL was excluded from blocking.
WM-3330 Active Sessions now includes information on the files and amount of data served from the Proxy Cache. Information on files cached in the user's browser is no longer included.
WM-3331 SQL database logging now indicates if a file was served from the WebMarshal proxy cache.
WM-3337 File type DOCIRM was not included in the ENCRYPTED file type group. Fixed.
WM-3359 If required TRACEnet library and index files are missing, the administrator is notified by email every 6 hours.
WM-3381 User name information was reloaded on the nodes when quotas were updated. Fixed: User information is only reloaded when the list changes.
WM-3394 Proxy error and Filter error pages returned by WebMarshal have been improved to clearly show that they are error (not block) pages and to display more details of the error.
WM-3456 Default rules have been reviewed and clarified. For more information, see Knowledge Base article Q12986.
WM-3511 The Proxy Cache log file did not respect changes in the file size and retention setting until the Proxy service was restarted. Fixed.
WM-3515 The product has been rebranded for M86 Security.
WM-3528 The latest MSSAVI.DLL file is included in the installation.
WM-3548 WebMarshal now trickles uploads. This change resolves timeout problems with upload files and webmail sites.
WM-3552 The User Defined filetype was mistakenly shown as an option in rule conditions. Fixed.
WM-3556 UNC path locations cannot be selected for Traffic Logging and Proxy Caching. If a UNC location was specified before upgrade, it will still be used.
WM-3557 Automatic configuration backup can now use UNC paths. The account used for the Array Manager service must have access to the location.
WM-3570 TRACEnet update history display could show the wrong result intermittently. Fixed.
WM-3580 Processing of the Proxy Content Bypass list did not correctly match all entries that could be made in the user interface. Fixed.
WM-3585 Updated Visual C++ runtimes are included in the installation package.
WM-3599 TRACEnet block actions are now included in WebMarshal Reports and MRC reports. The "rule name" for a TRACEnet action is prefixed TRACEnet\.
WM-3611 When the Engine does not start due to interference from a resident virus scanner in the unpacking or temporary folders, WebMarshal emails the administrator.
WM-3618 When the Array Manager service failed to start it returned a generic error dialog with text referring to the ISA Firewall service even where ISA was not the cause. Fixed.
WM-3622 Category match information can now be shown on block pages using a new variable. See Knowledge Base article Q10865.
WM-3626 The default mapping of M86 Filter List categories to WebMarshal categories has been reviewed and improved.
WM-3633 SZDD files were recognized but not unpacked. Fixed.
WM-3656 Maintenance expiry information would not be properly updated in the Console when a new key was entered. Fixed.
WM-3657 Wildcard HTTPS domain entries did not work correctly in the Proxy Content Bypass list. Fixed.
WM-3664 All WebMarshal installation files are digitally signed.
WM-3670 Wildcard entries did not work correctly in the Add URL to Category window when the "also add WWW." option was selected. Fixed.
WM-3671 Certain PDF files could not be unpacked correctly or TextCensored. Fixed.
WM-3696 TRACEnet reclassify requests now use the server HTTPS://TNReclassify.m86security.com.
WM-3710 Some invalid requests generated by web browsers could cause the WebMarshal Proxy to fail. Fixed: the faulty requests now correctly return an "invalid request" page.
WM-3711 The first daily backup after installation did not include some settings. Fixed. Also, Backups always contain the committed policy, or (for on-commit backups), the policy that is being committed.
WM-3720 Problems with access while updating Categories could cause the Array Manager to stop unexpectedly. Fixed.
WM-3721 Firefox update checking does not succeed when HTTPS content inspection is enabled. For details and configuration to solve the issue, see Knowledge Base article Q12958.
WM-3723 Rule processing is enabled by default for new installations.
WM-3724 When adding a URL to a category, in some cases comments were not saved. Fixed.
WM-3725 The Real -Time Dashboard counter "requests" has been re-labeled "page requests" to clarify that this counter excludes images and JavaScript files.
WM-3730 The policy test dialog could incorrectly report that no rules matched if no Content Analysis rules matched. Fixed.
WM-3737 TRACEnet functionality is enabled by default for new installations.
WM-3738 Proxy caching is enabled by default for new installations.
WM-3741 In multi-node ISA Enterprise environments, registering of the WebMarshal filter did not work. Fixed. Note that the Microsoft Firewall service must be manually restarted after ISA configuration has been fully replicated to all servers.
WM-3744 In the Console, SafeSearch now displays immediately below TRACEnet to enhance visibility of this feature. This change does not change the order of filtering functionality.
WM-3747 The default mapping of M86 Filter List categories to WebMarshal categories has been reviewed and improved.
WM-3748 Performance when downloading large files through the ISA plugin has been improved with changes to internal buffering.
WM-3761 The Add URL to Category Reason information in the configuration file can cause bandwidth issues in WAN deployments. A configuration option is now available to disable saving this information. Contact M86 Security Support for details.
WM-3774 Some TextCensor scripts were not applied to webmail sending by default due to rules not applying to the data type used by the form upload. Fixed.
WM-3784 Some YouTube videos were not properly handled by Proxy Caching. Fixed.
WM-3785 Some wildcard URL listings in the M86 URL filtering list were not processed correctly. Fixed.
WM-3790 Invalid multi-byte characters in response headers were not correctly handled by WebMarshal. Fixed.
WM-3798 WebMarshal URL checking could be bypassed by adding . to the end of the domain name. Fixed.
WM-3821 SmartFilter categories and programming interface have been updated.

6.5.3.6489 (October 16, 2009) 

WM-3652 WebMarshal displayed a File Aborted page to the user if the actual size of web page data did not match the Content-length header. Fixed.

6.5.2.4636 (August 26, 2009) 

WM-934 The Customer Feedback mechanism last available in WebMarshal 3.7.5 is again implemented in this release.
WM-1722 Performance counters have been added for traffic between the Array Manager and the nodes, as follows: WMController\Bytes Received Array Manager and WMController\Bytes Sent Array Manager
WM-1837 If a version 6.0 database is selected, the user is now given the option to upgrade the database structure or select another database.
WM-2242 WebMarshal services are now configured to restart when they stop unexpectedly (using the Windows Service Control Manager settings).
WM-2347 Attribute names in XML configuration files were treated as case sensitive. This issue has been addressed for the following files: WMArrayMgr.config.xml, WMController.config.xml, WMEngine.config.xml and WMProxy.config.xml. Note that element (node) names are still case sensitive.
WM-2393 The display of quota amounts on pages presented to users now matches the rounding and units shown in the WebMarshal console.
WM-2399 The Connector Reload schedule time was not always saved correctly when changed. Fixed.
WM-2413 WebMarshal default block pages now use the standard WebMarshal.home template.
WM-2416 The "via" header returned to the client was not correctly formatted when using an upstream proxy. Fixed.
WM-2436 The Controller log now shows the name of each user group being loaded.
WM-2453 WebMarshal.home display issues present in earlier versions of Safari for Windows have been corrected in Safari 4.
WM-2454 The "file information" lines in the Engine log could display a blank "size" entry. Fixed.
WM-2492 Downloads aborted by the user or other software were still passed to the engine for processing. Fixed.
WM-2502 DNSBL lookups from URLCensor now have a configurable timeout. For more information see Knowledge Base article Q12716.
WM-2504 In earlier versions, adding  individual computers to groups by IP address did not grant the correct permissions. Fixed.
WM-2515 The unpacking file customization setting in the engine configuration XML file was not applied. Fixed.
WM-2516 Engine debug logging did not provide information about TextCensor triggering. Fixed.
WM-2531 The Server Properties "Apply" button could be activated even though no changes were made. Fixed.
WM-2532 Archive files containing files with duplicate names could cause unpacking errors. Fixed.
WM-2542 In earlier versions, upgrading could require a restart, or fail, due to an issue with locking of Performance Monitor DLLs. Fixed.
WM-2549 Description fields in rules and policy elements now allow a new line to be created by pressing Enter (previously required Ctrl+Enter).
WM-2553 IP address matching for authentication and LAT did not correctly match partial subnet ranges. Fixed.
WM-2560 Some console elements did not function correctly at 120dpi (accessibility for visual impairment). Fixed.
WM-2571 Unpacking of Office 2007 items could cause an exception. Fixed.
WM-2590 The "Grab" button on the rule tester did not identify running instances of Internet Explorer. Fixed.
WM-2592 The WebMarshal Proxy encountered an exception when "indefinitely" quotas applied to a user and that user browsed to WebMarshal.home. Fixed.
WM-2595 WebMarshal now supports addition of the X-forwarded_for header to help with diagnosing the source of requests. For more information see Knowledge Base article Q12723.
WM-2610 The TLS/SSL library used has been upgraded.
WM-2616 The rule warning time period selection dialog did not show the selected value as default when opened for editing. Fixed.
WM-2622 The Engine logged meaningless messages when scanning for malware if no malware was found. Fixed.
WM-2623 The auto-refresh of Active Sessions can now be disabled.
WM-2628 The retention of WebMarshal log files can now be configured. For more information see Knowledge Base article Q12717.
WM-2634 When a user without the correct Console permission modified a rule, the error message dialog did not function correctly. Fixed.
WM-2638 When a "display warning once" action was triggered, remaining rules were never processed, so the page could be permitted inappropriately. Fixed.
WM-2645 The Policy Test page "grab" function did not always update the URL field. Fixed.
WM-2647 TextCensor could fail to open some files for evaluation due to URL encoding of the file names. Fixed.
WM-2709 In version 6.1.6, the quota table on block pages was not correctly displayed. Fixed.
WM-2713 The WebMarshal Support Tool did not gather log and file information from custom locations. Fixed.
WM-2721 The timeout value for unpacking has been increased to allow for large archive files.
WM-2744 File type identification could cause an exception with certain corrupt files. Fixed.
WM-2755 URLs could be categorized incorrectly due to a problem with handling of temporary category insertions on the local node. Fixed.
WM-2805 The result of the Print function in the console has been improved.
WM-2858 The text of a form posting was not correctly identified and TextCensor was not applied. Fixed.
WM-2876 The Real-Time Dashboard now includes TRACEnet data.
WM-2915 File name matching was not applied in some cases after a warning pages was displayed. Fixed.
WM-2916 Form posting over inspected HTTPS could fail because closed connections were not properly detected. Fixed.
WM-2924 The proxy service could take excessive time to restart when required by policy change. Fixed.
WM-2989 Block rules were not applied in some cases after a warning pages was displayed. Fixed.
WM-3009 The Proxy service did not correctly handle the HTTP response 204 (no content). Fixed.
WM-3017 HTTP/1.1 support did not include the OPTIONS method. Fixed.
WM-3022 The WebMarshal Support Tool gathered dump files starting with the oldest. Fixed: The most recently created files are gathered.
WM-3028 The Active Sessions view lost its scroll position when refreshed. Fixed.
WM-3040 The WebMarshal Support Tool now runs at "below normal" priority so that other services have priority for processing time.
WM-3046 The default download trickle rate is set to 90% to improve perceived performance.
WM-3049 Installing URLCensor raises a warning that real-time DNS lookups affect the browsing experience.
WM-3060 When an upstream proxy was configured, reloading configuration would always restart the WebMarshal Proxy service. Fixed.
WM-3062 Binary content served with an incorrect MIME type of "text" was subjected to the hold-back requirement for text files. Fixed.
WM-3078 The default delay before trickling text files is reduced to 30 seconds. This can help to avoid client timeouts when binary content is mis-reported as text/plain in the response headers. 
WM-3082 The default server timeout in the proxy service is set to 300 seconds to help avoid timeouts when accessing sites with slow back-end response. 
WM-3101 WebMarshal now provides authentication caching to assist with access by applications that cannot respond to a request for proxy credentials. For more information see Knowledge Base article Q12734.
WM-3151 Computer users that were also members of a user group (range) could still browse some sites after being explicitly removed. Fixed.
WM-3161 HTTPS content inspection could consume excessive and increasing memory. Fixed.
WM-3214 Unpacking errors were not properly handled when they occurred at the beginning of unpacking. Fixed.
WM-3235 File type identification has been improved to show Word 6 and Document IRM types.
WM-3283 Problems with access while updating user groups could cause the Array Manager to stop unexpectedly. Fixed.
WM-3288 Text logs now correctly handle external error messages with multiple lines.
WM-3299 Word 6 documents are correctly recognized and scanned.
WM-3404 YouTube video was not blocked by Connection Rules due to a recent change in the YouTube/Google website. Fixed.
WM-3433 HTTPS Content Inspection did not properly release allocated memory. Fixed.
WM-3457 Yahoo Messenger was not blocked by Connection Rules in all cases. The problem has been addressed with additional testing of protocol headers.
WM-3459 Requests made with Accept-Ranges could cause multiple aborted connections to a server. Fixed: WebMarshal now strips Accept-Ranges headers. (WebMarshal does not support byte ranges because the entire file is required for scanning.)
MC-4 Certain MSI files were incorrectly recognized as OLE files. Fixed.
MC-13 Certain CAB files were detected as type BIN. Fixed.
MC-14 OGG audio and video streams are now detected.
MC-17 Encrypted PDF documents could be detected as type PDF (not encrypted). Detection of this type has been improved.
MC-37 PDF detection has been enhanced with a new type for documents with operations protected (Protected Acrobat PDF Document). These files can be unpacked and scanned.
MC-39 Microsoft Document Imaging (MDI) files are now recognized.
MC-40 Many Open Office document file types are now recognized.
MC-41 Word 2007 documents with Restricted Access were detected as type OLE. Fixed: these documents are now detected as encrypted Word documents.
MC-51 JPEG2000 file type identification has been improved.
MC-52 Some PDF files were not identified as encrypted. Fixed.
MC-54 PDF document unpacking has been improved.

Note: To review change history for version 6.1 and below, please see the Release Notes for the specific version of WebMarshal.

Copyright © M86 Security 2010