Copyright

Copyright © 2019 Balasys IT Ltd.. All rights reserved. This document is protected by copyright and is distributed under licenses restricting its use, copying, distribution, and decompilation. No part of this document may be reproduced in any form by any means without prior written authorization of Balasys.

This documentation and the product it describes are considered protected by copyright according to the applicable laws.

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). This product includes cryptographic software written by Eric Young (eay@cryptsoft.com)

Linux™ is a registered trademark of Linus Torvalds.

Windows™ 10 is registered trademarks of Microsoft Corporation.

The Balasys™ name and the Balasys™ logo are registered trademarks of Balasys IT Ltd.

The Zorp™ name and the Zorp™ logo are registered trademarks of Balasys IT Ltd.

The Proxedo™ name and the Proxedo™ logo are registered trademarks of Balasys IT Ltd.

AMD Ryzen™ and AMD EPYC™ are registered trademarks of Advanced Micro Devices, Inc.

Intel® Core™ and Intel® Xeon™ are trademarks of Intel Corporation or its subsidiaries in the U.S. and/or other countries.

All other product names mentioned herein are the trademarks of their respective owners.

DISCLAIMER

Balasys is not responsible for any third-party websites mentioned in this document. Balasys does not endorse and is not responsible or liable for any content, advertising, products, or other material on or available from such sites or resources. Balasys will not be responsible or liable for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods, or services that are available on or through any such sites or resources.

2021-05-06 .Copyright

Features

  • TLS 1.3 support
    We have expanded PAS TLS support with the newest TLS version. Now you can use it in TLS brick settings both in Client and Backend side. At the same time we have removed old SSL options from the configuration because they were obsolete.

  • Login failure notification
    We have introduced the login error feature. It helps if the password or username is incorrect by placing the focus in the appropriate field. We allowed login with enter.

  • Logout confirmation
    We added a logout confirmation window to prevent you logging out accidentally.

  • PCI-DSS compliance functions

    • Encrypted log transport
      You can configure TLS on Syslog target options to send TLS-encrypted log messages to Syslog servers.

    • Anonymizing card data
      You can turn on Mask credit card numbers option on Syslog target. It masks the middle section of recognised credit card numbers in any fields of the log message. Recognised credit cards are from one of the following issuers: American Express, Discover Card, Mastercard, VISA.

    • Heartbeat option
      We have introduced the heartbeat option for Syslog target. Possible ways to set up are:

      • periodical: heartbeat messages are sent regardless of activity

      • idle: heartbeat messages are only sent when there is no traffic towards the target

You can set up the frequency of heartbeat too.

  • Reported config load
    PAS generates hash from running configuration after restart/reload. Hash reported to all configured syslog targets. It reports the event of a configuration being loaded with a cryptographic hash of the loaded configuration.

  • Session ID extractor
    We have introduced session id extractor for Bricks configuration. It extracts the internal identifier of the HTTP session in keep-alive HTTP connections. Its 'Include request counter' option enables adding a request counter representing the number of requests in the session.

Fixes

  • Displaying of defaults
    We have fixed the default value appearing on the Web User Interface. When the default value is none then it doesn’t appear near the field.

  • Instance name validator
    In instance name, only characters from English alaphabet (a-z, A-z), numbers, and '_' are allowed.

  • Save_as field of syslog target cannot accept some chars
    We have made the selector options compliant with syslog protocol limitations.

  • Configure hostname in the insight syslog messages
    Hostname and process name in insight syslog messages: These values were meaningless or empty, now they hold the hostname of the host running PAS and the name of the product as process-name for clearer identification.

  • uri_query_param matcher not working
    We have fixed this issue. Now the this type of matcher is working correctly (finding and matching).

  • header matcher not working
    We have fixed this issue. Now the this type of matcher is working correctly (finding and matching).