Secure Web Gateway 11.2.x Release Notes
New Features in the 11.2 Release
This release provides the following new features. For resolved issues in this release and the update releases, see further below.
NOTE: Secure Web Gateway 11.2 is provided as a main release.
For information about how to install this release, see the Upgrading to a New Version - Controlled Release. If you are installing the Secure Web Gateway appliance software for the first time, see Installing Secure Web Gateway for the First Time.
New Properties for Web Policy Rules
When configuring rules for your web policy, you can use these new items:
- A new property to expose encrypted archive directory listings.
- A new property to store the rule and rule set names or IDs that were processed at the end of the request and response filtering cycles.
GTI Data Included in Feedback File
Data that is collected by the GTI diagnosis script of the operating system is included in the output feedback file.
Support for Rolling TCPdump collection
Support for rolling TCPdump collection option is now available in the UI. For more details, see Create a packet tracing file. For more details on Performing Packet Tracing in Secure Web Gateway, see Performing Packet Tracing in Secure Web Gateway SWG
More Flexibility for HTTP Proxy Port Configuration
When configuring an HTTP Proxy Port, you can disable the Enable FTP over HTTP option. The option is enabled by default.
SSL Tap Configuration Enhanced
The following enhancements have been added to SSL Tap configuration:
- The destination port number is not overwritten by default when tapped packets are created.
- The destination MAC address can be customized when tapped packets are broadcast.
- SSL tapping now supports HTTP2 on Secure Web Gateway.
Detection of Excel 4 Macros Added
Excel 4 macros are now detected in media type filtering.
IP Spoofing Supported for HTTP(S) in Proxy Configuration
IP spoofing is supported for HTTP(S) when setting up proxies in Explicit Proxy or L2 Transparent mode.
What's new in update 11.2.5
Enhancements have been introduced as follows in this release.
-
Skyhigh Rebranding Changes
- Icons, and logos are rebranded from McAfee to Skyhigh Secure Web Gateway.
Known Issues and their Patches
For a list of issues that are known, but not resolved yet, see the table below.
Fix Version | Found Version | Description |
---|---|---|
11.2.11 | 11.2.10 |
Issue: After update to version 10.2.21, 11.2.10, 12.1.3, 12.2.0 the UI service will not start properly. Error descriptions show different errors, the specific root cause identifies as: "Caused by: javax.xml.stream.XMLStreamException: Maximum attribute size limit (524288) exceeded" Workaround: It is possible upgrading related limit by upgrading related SWG code/libraries. To retrieve upgraded version, please contact support. This Issue is fixed with WP-5462. Solution: Issue is fixed in version 11.2.11, release date is June 13, 2023
|
11.2.5
|
11.2.0
|
Issue: After you update a central management cluster from 10.2.x to 11.2.x (specifically 11.2.4 or earlier), you see one of the following issues:
Workaround: Run the following commands on each cluster node via CLI:
After the service restart, a new list is created automatically. |
11.2.4
|
11.2.3
|
Issue: 11.2.3 uses an updated version of Tomcat.
Issue: After you reboot, the kdump service fails to start. The current kdump service included in SWG isn't compatible with the latest kernel upgrade provided as part of the September 20, 2022 releases.
|
11.1.14
|
11.1
|
Issue: Your Browser response page shows corrupted text. No errors are seen in the SWG logs. Issue: Your browser triggers a file download, which is a text file named "f.txt." No errors are seen in the SWG logs. Issue: Memory-leak leads to one or more of the following issues:
Resolution: This issue is fixed in version 11.1.4 |
Resolved issues in update 11.2.16
This release resolves known issues.
NOTE:
- This release updates few of the FQDN used by SWG for GTI communication and Update Server communication to new Skyhigh FQDN's. Depending on features currently used by customer, post upgrade some manual changes may be required for uninterrupted service. Please refer to Migration to Skyhigh FQDN before upgrade.
- Secure Web Gateway 11.2.16 is provided as a main release and archived.
For information about how to upgrade to this release, see Upgrading to a new version – Main Release.
JIRA issue numbers are provided in the reference columns.