CyBlock/Cyfin Release 9.1.0 Now Available

Wednesday, May 21st, 2014

new-releaseWe are pleased to announce the release of a new version of CyBlock Appliance, CyBlock Cloud, CyBlock Software, and Cyfin. In this release, you will find corrections as well as enhancements to the products. For CyBlock, several enhancements have been added including the Application Controls feature that allows your users to view only specific YouTube videos and the new Authentication Manager that lets you to set up cookie authentication. Here are highlights of some of the enhancements.

 

CyBlock Cloud

  • Dashboard Charts. The following features have been added:
    • A Home screen provides an overview of the organization’s Web use for the last 7 days by displaying charts of Web-use visits, top users, top categories, and bandwidth usage.
    • Top charts show the top users, groups, categories, and sites by visits, hits, or bytes for a selected time frame.
    • Trend charts provide trends on users, groups, and categories by visits, hits, or bytes for a selected time frame as well as trends on denied and allowed hits traffic.

 Cyfin

  • Wavecrest Syslog Server. The Wavecrest Syslog Server is now available and allows you to send syslog data to the server at a configured port. Previously, you would have to install and configure a syslog daemon. Go to Data Management – Log Data Source – Setup to create or modify your syslog log file configuration. You will be able to enable the syslog server, select a port type, and enter a listening port.

 

CyBlock Appliance, CyBlock Cloud, and CyBlock Software

  • Application Controls. This new page gives you the ability to allow only specific YouTube videos. You can associate an allowed YouTube video with your blocking policies for Web Categories in which TV/Video Streaming is blocked. A number of video ID formats are accepted.
  • Authentication Manager. This includes the following changes:
    • Cookie authentication is now available providing you with another type of proxy authentication to support your organization.
    • The new Authentication Manager screen consists of the following tabs:
      • Rules – Rules for various network definitions can be set up to specify the authentication type for each entry. These entries include an individual IP address, a range of IP addresses, and a host name.
      • NTLM – On this tab, you specify if Web applications that fail to authenticate will be automatically or manually bypassed.
      • Cookie – On this tab, you define how long the cookie will persist if using cookie authentication. You can also specify and preview the details of your cookie authentication logon page.
      • Bypass – This tab allows you to automatically or manually bypass Web applications that do not authenticate and is available in CyBlock Appliance and CyBlock Software only.
      • Cache – This tab allows you to set up login name caching to cache the user name and IP address of every authenticated user and is available in CyBlock Appliance and CyBlock Software only.
  • E-Mail Address for Cookie Authentication. An E-Mail Address field has been added on the following pages and applies to only IDs:
    • Add Group or ID – The e-mail address for an ID must be added to use cookie authentication.
    • Modify Group or ID – The e-mail address may be modified for an ID.
    • Search for an ID – The e-mail address is display only.
  • Cookie Authentication Logon. The following features have been added:
    • When cookie authentication is enabled and a user tries to access a Web site, a logon page is displayed that will allow users to create an account.
    • When entering their credentials (i.e., e-mail address and password), you can require users to agree to the AUP before continuing on by configuring this option on the Authentication Manager – Cookie tab.
    • Once credentials are entered, the user will be redirected to the Web site.
  • Real-Time Web Monitor. This includes the following changes:
    • In the setup screen and monitor, under Display Options, the Authentication Type check box allows you to see the type of proxy authentication next to the user name in the monitor (e.g., user(cookie)). This feature is helpful for Technical Support.

 CyBlock Cloud, CyBlock Software, and Cyfin

  • Filtering Audit Reports. The ability to filter data by user, IP address, category, search term, and URL has been added to audit reports.

 To see the full release notes for your product, visit our Web site or the new Wavecrest Knowledge Base.

If you are at version 9.0.5, you can upgrade to the latest release by going to the Help – Check for Updates screen in your product.

If you are not at version 9.0.5, you can download the latest release by going to CyBlock Software Downloads or Cyfin Downloads. To upgrade CyBlock Appliance, please contact Technical Support at (321) 953-5351, Ext. 4 or support@wavecrest.net.

For additional assistance, please feel free to contact us.

Cyfin Release 8.8.2 and CyBlock Release 6.8.2 Now Available

Monday, July 1st, 2013

We are pleased to announce the release of new versions of CyBlock Appliance, CyBlock Software, and Cyfin. In this release, you will find significant enhancements to the products. For CyBlock, the first enhancement is the addition of a new screen that allows you to install client authentication certificates for the proxy so that it can connect to sites that require a nonstandard client certificate. The second enhancement involves a total revision of the Login Name Caching feature to allow more flexibility in the way user names are cached and cached entries are used. Also for CyBlock, domains that have issues when SSL Inspection is used can now be exempted from inspection.

Other enhancements in this release include the ability to import Active Directory Groups and IDs on a more frequent basis than once every 24 hours, and for Cyfin, we have made numerous changes to log file configurations. We also have a number of corrections in this release. The enhancements are described below.

  • SSL Certificates.  This includes the following changes:
    • The ability to install client authentication certificates for the proxy has been added so that the proxy can connect to sites that require a nonstandard client certificate. The proxy uses the installed client certificates when SSL Inspection is enabled to identify clients (Web applications) to Web servers.
    • The Advanced Settings – Proxy Settings – SSL Certificates screen has been added to allow you to add a client certificate. On this screen, you assign domains and groups and/or IDs to the certificate so that the usage of the certificate is secured to only those domains and for those groups and/or IDs. All fields on the screen are required.
    • As certificates are added, they are displayed in a list where you can enable/disable, edit, view, and delete each certificate.
  • Login Name Caching.  This includes the following changes:
    • The Advanced Settings – Proxy Settings – Login Name Caching screen has been updated to allow more flexibility in the way user names are cached and cached entries are used. The screen now consists of the following fields:
    • Cache Mode – The following options are available:
      • Primary – In this mode, cache is used when connection requests are made. If a cache entry is not found or is invalid, authentication occurs and user names are added to the cache.
      • Supplemental – This option is the default and replaces the previous Enable option. If authentication fails or an entry in the Authentication Manager Bypassed list is accessed, the cache is used before the user name “bypassed.”
      • Disabled – In this mode, cache is never used, and all connection requests are authenticated. Entries in the Authentication Manager Bypassed list are given the user name “bypassed.”
    • Duration of Valid Entry – This is the time in minutes that the entry will be available in cache before it is cleared. The default is two minutes.
    • Exempt IPs – This box allows you to enter IP addresses that should be excluded from login name caching. Wildcards (e.g., asterisk (*)) in IP addresses are not matched and should not be used.
  • SSL Inspection.  This includes the following changes:
    • The Advanced Settings – Proxy Settings – SSL Inspection screen now allows you to specify domains to be tunneled, that is, exempted from inspection.
    • Domains to be tunneled can be added or deleted.
    • The list of domains to be tunneled will include specific entries from the URL List. These sites are known to have issues when SSL Inspection is used, and they cannot be deleted from the domain list.
  • Active Directory.  The ability to import Active Directory Groups and IDs on a more frequent basis than once every 24 hours has been added. The Frequency field was added to the Advanced Settings – Groups and IDs – Import – Active Directory – Schedule screen allowing you to schedule the import hourly or at a specific hour.
  • Log File Configurations.  This includes the following changes:
    • On the Logfiles – Setup – Select Logfile Type screen, the Type of Logfile drop-down box has been updated as follows:
      • The following log file configurations have been added.
        • EdgeWave iPrism
        • NETGEAR
        • Palo Alto Firewall
        • Trustwave
      • The following log file configurations have been renamed.
        • 8e6 to 8e6 Appliance
        • BorderManager Proxy to BorderManager
        • BorderWare Firewall to BorderWare
        • Cisco Cache Engine to Cisco Content Engine
        • IronPort Appliance to IronPort
        • Nemesis Cache Proxy to SuperLumin Nemesis
        • NetCache Appliance to NetCache
        • Symantec Web Security to Symantec Web Gateway
      • The sort in the drop-down box has been changed to a case-insensitive sort. Previously, entries beginning with a lowercase letter were sorted last in the list, and entries with the first few letters in uppercase were out of order.
      • The following log file configurations have been converted to an XML format and allow the processing and better handling of more records. Previous and new reports may show differences in counts based on the number of records processed.
        • Barracuda Networks
        • Bloxx Proxy
        • Blue Coat Systems (SGOS 3 & 4 & 5)
        • Blue Coat Systems Common Format
        • CyBlock Appliance
        • CyBlock Proxy
        • Cyfin Proxy
        • EdgeWave iPrism
        • IronPort
        • McAfee Web Gateway
        • NETGEAR
        • Palo Alto Firewall
        • Squid Proxy
        • SuperLumin Nemesis
        •  Webwasher Gateway V7

To see the full release notes for your product, visit the Support Forum. You can download the latest release by going to the Administration – Product Update screen in your Cyfin or CyBlock product.

For additional assistance, please contact us.