Copyright

Copyright © 2019 Balasys IT Ltd.. All rights reserved. This document is protected by copyright and is distributed under licenses restricting its use, copying, distribution, and decompilation. No part of this document may be reproduced in any form by any means without prior written authorization of Balasys.

This documentation and the product it describes are considered protected by copyright according to the applicable laws.

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). This product includes cryptographic software written by Eric Young (eay@cryptsoft.com)

Linux™ is a registered trademark of Linus Torvalds.

Windows™ 10 is registered trademarks of Microsoft Corporation.

The Balasys™ name and the Balasys™ logo are registered trademarks of Balasys IT Ltd.

The Proxedo™ name and the Proxedo™ logo are registered trademarks of Balasys IT Ltd.

AMD Ryzen™ and AMD EPYC™ are registered trademarks of Advanced Micro Devices, Inc.

Intel® Core™ and Intel® Xeon™ are trademarks of Intel Corporation or its subsidiaries in the U.S. and/or other countries.

All other product names mentioned herein are the trademarks of their respective owners.

DISCLAIMER

Balasys is not responsible for any third-party websites mentioned in this document. Balasys does not endorse and is not responsible or liable for any content, advertising, products, or other material on or available from such sites or resources. Balasys will not be responsible or liable for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods, or services that are available on or through any such sites or resources.

2023-07-20 .Copyright

The following new features, bug fixes and improvements have been completed for Release 4.5.0 Proxedo API Security.

Features

  • WAF Enforcer
    To complement the positive security model enforcement capabilities, PAS now features a Web Application Firewall module that provides rule-based attack prevention and virtual patching for known web-based security vulnerabilities. The WAF Enforcer protects against a variety of application layer attacks including credential theft, code injection, cross-site scripting (XSS), cookie poisoning, CSRF, SQL injection, DoS, ransomware, and more. The WAF Enforcer is built on top of the proven ModSecurity open-source web security framework. The use of the WAF Enforcer is subject to a separate license, please contact our sales team at sales@balasys.hu for pricing and further details.

Bug Fixes

  • Miscellaneous fixes

    • When encountering an error during upgrading the configuration, the post-upgrade phase of the pas-mgmt-upgrade-config tool only displayed a generic error message. This has been improved to provide additional details of the error.

    • The Elasticsearch Insight target encountered an error while sending Insights. This has been corrected.

Improvements

  • Elasticsearch Insight targets use bulk inserts
    PAS now uses bulk inserts when sending Insights to an Elasticsearch target. This improves Elasticsearch performance when handling large traffic volumes.

  • Ephemeral storage settings for Kubernetes deploments
    PAS now support requests and limits for ephemeral storage when deployed in Kubernetes.

  • Separate resource limits for Kubernetes deploments
    PAS only supported resource limits that define both CPU and memory limits when deployed in Kubernetes. These limits can now be defined separately as well.

Notable changes

  • Elasticsearch Insight targets do not need doc_type defined
    PAS now does not need a document type defined for its Elasticsearch Insight targets. The default document type parameter was deprecated with Elasticsearch 6.