Copyright

Copyright © 2019 Balasys IT Ltd.. All rights reserved. This document is protected by copyright and is distributed under licenses restricting its use, copying, distribution, and decompilation. No part of this document may be reproduced in any form by any means without prior written authorization of Balasys.

This documentation and the product it describes are considered protected by copyright according to the applicable laws.

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). This product includes cryptographic software written by Eric Young (eay@cryptsoft.com)

Linux™ is a registered trademark of Linus Torvalds.

Windows™ 10 is registered trademarks of Microsoft Corporation.

The Balasys™ name and the Balasys™ logo are registered trademarks of Balasys IT Ltd.

The Zorp™ name and the Zorp™ logo are registered trademarks of Balasys IT Ltd.

The Proxedo™ name and the Proxedo™ logo are registered trademarks of Balasys IT Ltd.

AMD Ryzen™ and AMD EPYC™ are registered trademarks of Advanced Micro Devices, Inc.

Intel® Core™ and Intel® Xeon™ are trademarks of Intel Corporation or its subsidiaries in the U.S. and/or other countries.

All other product names mentioned herein are the trademarks of their respective owners.

DISCLAIMER

Balasys is not responsible for any third-party websites mentioned in this document. Balasys does not endorse and is not responsible or liable for any content, advertising, products, or other material on or available from such sites or resources. Balasys will not be responsible or liable for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods, or services that are available on or through any such sites or resources.

2022-10-12 .Copyright

The following new features, improvements and bugs have been completed for Release 4.1.0 Proxedo API Security.

Features

  • Text content handling in the Flow Director

    • The 'Raw content' matchers and selectors have been renamed to 'Text content' matchers and selectors, respectively. They use the decoded but not parsed content of the request or response in text form.

    • The content of requests and responses can now be accessed via 'Raw content' matchers and selectors. The 'Raw content' matcher requires an expression in hexadecimal string format.

    • 'Substring' comparators have been renamed to 'Contains' comparators.

    • 'Content' selectors have been renamed to 'Parsed content' selectors.

  • Sorting and filtering are available for Web UI tables
    Web UI tables can now be sorted and filtered, providing great support in large configurations. Customized filter panel and sorter for multiple elements are available.

  • Filtering and sorting in Changes page
    Customized filtering and sorting of multiple elements are available for the table presenting the changes made to the configuration in the Changes page.

  • New save as selector values are available for Fraud Detector plugin
    New, supported selector values for the save as field are available for the Fraud Detector plugin. Now, it is possible to configure many more selectors for the Fraud Detector plugin, the data of which can be used in fraud scoring without custom evaluation rules.

  • New copy button
    A new copy button is available on the table view of each component (beside editing and deleting functions), which makes it possible to create a copy of the selected instance.

  • Storage component failure error window
    When the storage component is not running or failed, the Web UI now provides a warning with information on that.

Bug Fixes

  • Inconsistency in the format of range comparators' minimum and maximum number field value
    Range comparators did not run properly, because there has been inconsistency between the formats of the minimum and maximum number fields defined in the configuration, that is defining them in separate values, and the format the Flow Director has been searching for these values, that is, as a single value. Now, these formats have been synchronized and the range comparators work as expected.

  • Inconsistency in the format of Timestamp selectors and extractors
    Due to the non-matching value formats of time zone and time format fields defined for timestamp selectors and extractors, timestamp selectors did not function properly in the configuration. Now, as the value formats have been synchronized, timestamp selectors function as expected.

  • Non-matching output of raw content matchers
    Raw content matchers’ output did not match the actual Raw content. This has been fixed.

  • Compound matchers incorrectly displayed themselves as selectable items in the Matchers' list
    Compound matchers have been listed as selectable items in the Matchers’ list on their own edit page. This has been fixed and compound matchers can no longer include themselves as items in the Matchers’ list.

  • Client address and server address selectors available as Insights
    So far client address and server address have not been available as Insights. Now it is possible to use client address and server address selectors as Insights.

Improvements

  • New Migration Guides available
    New and updated Migration Guides are available for migrating PAS in the Kubernetes and in the VM environment.

  • Upgrade to the latest stable version
    The Web UI’s framework, layout engine and form engine have been upgraded to the latest available, stable versions.

  • Early failure detection in Kubernetes
    The failure to apply a configuration is detected at an early stage in Kubernetes. Long running of applying a configuration can also be identified. The exact identification of status in applying the configuration decreases timeloss.

  • Code refactoring to eliminate textual code quality errors
    To enable measures for automated environment, the PAS repository has been refactored to eliminate code quality errors.