Copyright

Copyright © 2019 Balasys IT Ltd.. All rights reserved. This document is protected by copyright and is distributed under licenses restricting its use, copying, distribution, and decompilation. No part of this document may be reproduced in any form by any means without prior written authorization of Balasys.

This documentation and the product it describes are considered protected by copyright according to the applicable laws.

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). This product includes cryptographic software written by Eric Young (eay@cryptsoft.com)

Linux™ is a registered trademark of Linus Torvalds.

Windows™ 10 is registered trademarks of Microsoft Corporation.

The Balasys™ name and the Balasys™ logo are registered trademarks of Balasys IT Ltd.

The Zorp™ name and the Zorp™ logo are registered trademarks of Balasys IT Ltd.

The Proxedo™ name and the Proxedo™ logo are registered trademarks of Balasys IT Ltd.

AMD Ryzen™ and AMD EPYC™ are registered trademarks of Advanced Micro Devices, Inc.

Intel® Core™ and Intel® Xeon™ are trademarks of Intel Corporation or its subsidiaries in the U.S. and/or other countries.

All other product names mentioned herein are the trademarks of their respective owners.

DISCLAIMER

Balasys is not responsible for any third-party websites mentioned in this document. Balasys does not endorse and is not responsible or liable for any content, advertising, products, or other material on or available from such sites or resources. Balasys will not be responsible or liable for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods, or services that are available on or through any such sites or resources.

2022-04-25 .Copyright

The following new features, improvements and bug fixes have been completed for Release 3.5.0 Proxedo API Security.

Features

  • PAS aggregator
    The Proxedo API Security web UI, having been enriched with an aggregator function, is capable of collecting all PAS services at one place. All the information collected, can be handled accurately by the PAS management and PAS security tools. In order to ensure proper security, all backend activities are handled under the one and the same port.

    • SNI rewrite rule - The Endpoint service can be configured with a new parameter, that is the SNI rewrite rule. The NSI rewrite rule can be used to rewrite the Server Name Indication (SNI) field in a TLS handshake towards the backends.

    • URL rewrite rule - The URL rewrite rule is an URL by which the backend servers understand incoming requests.

  • PAS aggregator configuration
    Partial configuration load process has been developed, so that in case the load of one or more components’ configuration does not succeed, there is a rollback to the original configuration. This ensures the proper and functional running of all components.

  • Multiple Endpoints for one listener Now it is possible to configure different backend Endpoints for each listener. This enables separate load balancing and encyption settings for each Endpoint.

  • Responsive menu behaviour
    The main menu window of the PAS web UI has been optimized to leverage both list and table view options. The main menu items having been supplemented each with an icon as well, the user can identify the menu items easily even when the size of the window has been decreased and only icons represent the navigation items. With the help of the ‘double right’ icon the menu window can be expanded, while with the help of the ‘double left’ icon the navigation window can be collapsed. Moving the mouse pointer over a menu icon makes the submenu items visible. Note that the product logo also either appears with or without text, dependent on the collapsed or enlarged size of the window.

Bug Fixes

  • Insight does not work with targets longer than 32 characters
    Insight target names are limited to the maximum of 32 characters. The PAS web UI does not let the user define an Insight target name longer than 32 characters. Existing Insight target names, longer than 32 characters are being exchanged during the migration period.

  • Endpoint failure policy error code corrected The returned Endpoint failure policy error code has so far been incorrect, but now the correct and expected code is received.

  • Transport Director does not handle URLs with user and password fields The Host header and URL rewrite parts of the Transport Director’s policy.py did not consider the user and password fields in the incoming URL. This has now been corrected.