Copyright

Copyright © 2019 Balasys IT Ltd.. All rights reserved. This document is protected by copyright and is distributed under licenses restricting its use, copying, distribution, and decompilation. No part of this document may be reproduced in any form by any means without prior written authorization of Balasys.

This documentation and the product it describes are considered protected by copyright according to the applicable laws.

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/). This product includes cryptographic software written by Eric Young (eay@cryptsoft.com)

Linux™ is a registered trademark of Linus Torvalds.

Windows™ 10 is registered trademarks of Microsoft Corporation.

The Balasys™ name and the Balasys™ logo are registered trademarks of Balasys IT Ltd.

The Proxedo™ name and the Proxedo™ logo are registered trademarks of Balasys IT Ltd.

AMD Ryzen™ and AMD EPYC™ are registered trademarks of Advanced Micro Devices, Inc.

Intel® Core™ and Intel® Xeon™ are trademarks of Intel Corporation or its subsidiaries in the U.S. and/or other countries.

All other product names mentioned herein are the trademarks of their respective owners.

DISCLAIMER

Balasys is not responsible for any third-party websites mentioned in this document. Balasys does not endorse and is not responsible or liable for any content, advertising, products, or other material on or available from such sites or resources. Balasys will not be responsible or liable for any damage or loss caused or alleged to be caused by or in connection with use of or reliance on any such content, goods, or services that are available on or through any such sites or resources.

2024-02-26 .Copyright

The following new features, bug fixes and improvements have been completed for Release 4.9.0 Proxedo API Security.

Features

  • The Timestamp selector can use the request start time
    There is a new option for the Timestamp selector, Use Request Start Time. If enabled, it selects the start time of the HTTP request. This is the new default behaviour.

Bug Fixes

  • Validation errors after changing component type
    Changing the type of a component on the UI could leave data in fields specific to the previous type, leading to validation errors. This has been corrected.

  • Validation errors are not visible on nested fields
    Validation errors were not properly displayed under the relevant fields on the UI if the field was nested under a field group. This has been corrected.

  • Filter plugin fails on accented letters
    The Filter plugin failed if it encountered accented letters in the message body. This has been corrected.

  • Applying the configuration could report failure
    In rare cases, querying the status of a configuration apply operation could falsely report failure, even when the operation is still in progress. This has been corrected.

  • JMESPath comparators accept non-numbers
    JMESPath comparators could accept values that are not numbers when configured through the API, which could lead to runtime errors. The values are now correctly validated.

  • Miscellaneous fixes

    • Several UI labels have been changed to be correctly capitalized.

    • Some required fields could be left empty when configuring a Backend TLS brick. These fields are now properly validated.

    • The Syslog Insight Target brick’s Host field is now properly validated.

    • Several Listeners could be configured to use the default port, which should not be allowed. This has been corrected.

    • The Status class field of Status class comparators is now mandatory.

    • The Flatten field of Syslog Insight Targets could be set to False when the Data Format field was set to SDATA. It had no effect, but now it is properly validated to be set to True.

Improvements

  • Administrator Guide improvements
    The Administrator Guide received several improvements related to correctness and consistency.

  • Improved validation in Insight Target components
    The hostname elements in Syslog and Elastic type Insight Target components are now validated more thoroughly.

  • More thorough component health checks
    Several components received more thorough health checks, which makes the Status page more accurately reflect the state of the PAS components.

  • Improved OpenAPI 3.0 and 3.1 performance
    The performance in processing OpenAPI 3.0 and 3.1 schemas using the relevant Enforcer plugins have been improved.

  • Storage certificate visibility
    To enhance security, the file permissions of the Storage component’s certificates have been limited to be accessible only to the pas service user.