Vital SecurityTM Web Appliances NG Update Release Notes - Version 8.4.0

The following core documentation set is available for Version 8.4.0. In addition, they can be opened from the Management Console by clicking :

Table of Contents


Installing This Update

Version 8.4.0 can be installed either as an Update which upgrades a previous version or as a new installation. Both procedures are detailed below.

1) Update as in previous versions: Customers with 8.3.5 or 8.3.6 can upgrade to 8.4.0 by using the Install Update button or by a local update site (FTP). It is recommended to perform this update when there are no users using the system. Updates  time can vary based on database content size. This update should take approximately 45 minutes for an All-In-One appliance; Each scanning server  update will take approximately 20 minutes of downtime.   For more information on installing updates, please refer to the Management Console Reference Guide, page 131.

Recommended Update Procedure

  1. Pre-Update Installation:

    • If you are using an appliance with an All in One role, it is recommended to navigate to the Setup Console > Advanced Settings > Appliance Role and ensure that the appliance is set to the right role (either All in One or Policy Server) since earlier updates might have changed this setting. If the role is incorrect (e.g. Policy Server instead of All in One) you should reset it back before applying the new update.

    • Make a note of which ports you were using in Settings > Devices > Scanning Server > HTTP configuration screen > Restricted Ports in URI. Note that if you used any other ports besides 21, 80 and 443, you will need to remap these after installing this Update.

    • Define the Firewall to enable HTTPS connection from Policy Server to Scanners. Open port 443 for outgoing messages. (Optional - if this is not defined, HTTP will be used instead.)

    • On a distributed system with multiple devices, the update procedure will be executed only if all the devices in the device list are connected. This is in order to ensure that the procedure can be completed successfully. You can validate device connectivity and see the last connection time in the devices tree in the Management Console>Settings>Devices. It is recommended to verify that all devices are connected to the Policy Server before beginning the update installation.

  2. Update Installation:

    • Install 8.4.0 using the Install Update button in the updates screen (Settings > Updates > Available Updates)

    • During the update installation, the Scanning Servers and Policy Server will be automatically restarted.

    • After installing the update, check in the Log View to ensure that the Update succeeded.

  3. Post-Update Installation:

    • After the Update, make sure to look in the Log View and remap any of the non-standard ports that you noted previously in the HTTP configuration screen if necessary (please refer to feature #20958 below).

    • In order to access the Limited Shell, you should reset the Setup Console password, so that the password for the Limited Shell will be set accordingly. For details on how to reset the Setup Console password, please refer to the Installation and Setup Guide, page 76.

2) New installation for both existing customers and new customers. An Installation CD is available for 8.4.0.

To install this Release using the Installation CD on NG-1000/NG-5000:
  1. Attach a CD drive, or a bootable USB flash device and a USB-keyboard and VGA monitor to the appliance.
  2. Check in the BIOS that it is set to Boot from CD/Flash Device using USB2.0.
    a. Navigate to Advanced BIOS features and press Enter.
    b. Using the arrow keys and the Page Up/Page Down keys, select the required device to boot from (e.g., USB-CDROM).
    c. To change the USB to 2.0, navigate backwards using the Escape key and select Integrated Peripherals.
    d. Select Enabled on the USB2.0 Controller.

  3. Change the second boot device from HDD-1 to HDD-0.
  4. Press F10 to exit and save configuration.
  5. When the Finjan screen appears, type “yes” to continue with the process.
    Let the installation run – it will take approximately 10 minutes.  The Appliance LCD will indicate that the Vital Security has not been installed yet even after at the end of this step.
  6. Set up the configuration as required via the Setup Console > Initial Settings.
To install this Release using the Installation CD on NG-8000:
  1. Attach a CD drive to the blade.
  2. When the Finjan screen appears, type “yes” to continue with the process.
  3. Choose the first scsi disk available.
    Let the installation run – it will take approximately 20 minutes.
  4. Set up the configuration as required via the Setup Console > Initial Settings.
Existing customers who wish to upgrade from 8.3.5 or 8.3.6 using the Installation CD should perform the following procedure:
  1. Perform a Backup.
  2. Install the Release using the CD as detailed in the instructions above.
  3. Perform a Restore. Restore all application specific configurations, except old logs.

IMPORTANT! This release includes changes to the Default Security Policy, including new rules, new conditions, new condition items, and new rule order. Please look at the following sections below: Rule Condition Changes and MCRC Security Policy Changes.

Following either the Update or the New Installation procedure, Security Update #52 is used. Please retrieve and install the latest Security Update instead (Settings > Updates > Available Updates).



New Features

Rule Condition Changes

MCRC Security Policy Changes

For detailed explanations on the new Security Rules and the new rule order,  please refer to Security Policies In-depth.



Bug Fixes


New Limitations for this Release

Known Limitations

Release Notes - Vital Security Web Appliances NG

ISR VSNG.SYSRN1 5-November-06 EN

© Copyright 1996-2006. Finjan Software Inc. and its affiliates and subsidiaries. All rights reserved.

All text and figures included in this publication are the exclusive property of Finjan and are for your personal and non-commercial use. You may not modify, copy, distribute, transmit, display, perform, reproduce, publish, license, create derivative works from, transfer, use or sell any part of its content in any way without the express permission in writing from Finjan. Information in this document is subject to change without notice and does not present a commitment or representation on the part of Finjan. The Finjan technology and/or products and/or software described and/or referenced to in this material are protected by registered and/or pending patents including U.S. Patents No. 6092194, 6154844, 6167520, 6480962, 6209103, 6298446, 6353892, 6804780,  6922693, 6944822, 6993662, 6965968 and 7058822 and may be protected by other U.S. Patents, foreign patents, or pending applications.

Finjan, Finjan logo, Vital Security, Vulnerability Anti.dote and Window-of-Vulnerability are trademarks or registered trademarks of Finjan Software Inc., and/or its subsidiaries. Sophos is a registered trademark of Sophos plc. McAfee is a registered trademark of McAfee Inc. Kaspersky is a registered trademark of Kaspersky Lab. SurfControl is a registered trademark of SurfControl plc.  Microsoft and Microsoft Office are registered trademarks of Microsoft Corporation. All other trademarks are the trademarks of their respective owners.