Today we've released UTM 9.601. The release will be rolled out in phases.
In phase 1 you can download the update package from our FTP server, in phase 2 we will spread it via our Up2Date servers.
WAF: TLS session tickets facilitate clients to speed up repeated TLS handshakes by re-using certain cipher parameters. This re-use of cipher parameters can cause encrypted connections to be less secure by impacting their perfect forward secrecy. To improve the overall security of the product, TLS session tickets are no longer enabled by the WAF.
Still haven't seen many UTMs pull 9.600 via Up2Date, is anybody aware of issues regarding getting 9.6 to appear through Up2Date?
Same here, I'm still waiting for the 9.600 up2date. Are there any news?
It will be provided via up2date soon. Sorry for the delay.
After upgrade to 9.601 without changes tsophos httpproxy: id="0002" severity="info" sys="SecureWeb" sub="http" name="web request blocked" action="block" method="GET" srcip="mylocalip" dstip="22.214.171.124" user="" group="" ad_domain="" statuscode="416" cached="0" profile="REF_DefaultHTTPProfile (Default Web Filter Profile)" filteraction="REF_HttCffEveryone (Everyone)" size="0" request="0xd37fa700" url="au.download.windowsupdate.com/.../am_delta_patch_1.285.1448.0_0c6bda89d1753049fea590a6e23c7542d3f4b47b.exe" referer="" error="" authtime="0" dnstime="2" aptptime="130" cattime="138" avscantime="0" fullreqtime="10162176" device="0" auth="0" ua="Microsoft BITS/7.8" exceptions="av,sandbox,ssl,fileextension,size" category="175" reputation="trusted" categoryname="Software/Hardware" content-type="application/octet-stream" application="winupdat" app-id="596" reason="range"
o my config, Windows Updates stopped working today.
Disabling AV scan did not help. Sites are in exceptions list for WebSecurity
Same here, also waiting for the 9.600 up2date. Regards!
Can I ask what the delay is for 9.600? I have been advised to update manually to 9.601 to fix the Transport endpoint is not connected issue.
I spoke to Sophos support about not getting 9.600 and was told "But not getting the automatic update of 9.6 is not a issue for now , as I see many customers that do not get the automatic update and I confirm that with my Senior and they confirm me that we are still pushing the update." so its a wait and see I guess, ive got both physical and virtuals awaiting these updates.
I have a virtual UTM, and even though I have an update waiting (9.600-5) for install, I have tried many times to upload the new up2date file, without it staying available on the UTM. While the update does update and I can actually schedule the install later when I log into the UTM, the Update is missing, and the schedule has been removed (because I put it on the second update to install both updates), this is most frustrating.
I'm also failing to get 9.600+ updates via Up2Date. Frustrating.
My Site2-Site RED tunnel between 2 UTMs is not working any more with this release.
With any new realase the good old (and quick fix support with community) astaro turns more and more into crap.
Sophos if you are not able to handel it, give it back to people how know what they are doing.
The time u need to release an update in this critical environment >>firewall<< is a complete NO GO !
My RED tunnel problems fixed themself after some more reboots.
Ranting without mentioning the concrete problems you have doesn't help anyone.
Still waiting here........
Now via Up2Date!!!