Secure Web Gateway 12.1.x Release Notes
New Features in the 12.1 Release
Rebranded SNMP SMI and MIB file with updated Org OID for Skyhigh Security
As part of the rebranding, a new Object Identifier (OID) has been introduced for Org Skyhigh Security. We are updating the SNMP OID from .1.3.6.1.4.1.1230* to .1.3.6.1.4.1.59732*. You'll need to update your management software accordingly if they are referring to these OID. For more details, see Configure event monitoring with SNMP.
Configure Proxy Control X-Cache Header
A configurable option is now available to either add or remove the Proxy Control X-Cache header in the response. The new setting is located at Policy > settings > proxy control, and the checkbox is called Override X-Cache Header. The setting is enabled by default. For more details, Configure the X-Cache Header in the Response.
TCP Half Close support for TCP Proxy and SOCKS Proxy
TCP Half Close refers to a TCP connection that is half-closed. So if one participant in a TCP connection has initiated FIN in one direction, then it can still receive data from another participant until the second FIN is received from the other direction. TCP Half Close support is provided for SWG acting as TCP Proxy or SOCKS Proxy. For details, see TCP Half Close for TCP or SOCKS Proxy.
Configure Separate Passwords for SNMPv3 Auth and Encryption
You can now configure separate passwords for Authentication and Encryption for the SNMPv3 messages. For details, see Configure Event Monitoring with SNMP.
Return To Sender
Return To Sender allows SWG to send response packets for any request on the same interface on which it received them. SWG bypasses the kernel routing to route the response packets. It can be applied to a specific IP address and port for inbound or outbound traffic. For details, see Create Return To Sender Settings.
MediaType Detection for InDesign Files
Media Type can detect InDesign INDD and INDT files and templates. For these file types, the MediaType.EnsuredTypes property contains application/x-indesign. For details, see Media Type Detection for InDesign.
Resolved Issues in the 12.1.1 Release
This release resolves known issues.
For a list of issues that are currently known, but not resolved yet, see Secure Web Gateway 12.x Known Issues.
NOTE: Secure Web Gateway 12.1.1 is provided as a controlled release.
For information about how to upgrade to this release, see Upgrading to a New Version - Controlled Release.
JIRA issue numbers are provided in the reference columns.
SWG Release version 12.1.0 was rolled back due to an identified performance Issue. Therefore, the List of Issues fixed in the aforementioned Version is available as resolved in the Current Release Version.
Reference | Description |
---|---|
WP-5067 | Sub rule sets are no longer deleted when importing a rule set via REST API. |
WP-5108 | Core dump issue related NHP and connection timeout has been fixed. |
WP-5170 | Parallel events can be handled again properly when the rule engine on Secure Web Gateway is called from a temporary proxy process transaction. |
WP-5225 | When mirroring decrypted traffic with the SSL Tap feature, the source and destination IP addresses are not reversed. |
WP-5226 | Fixed performance and slowness issues caused due to an update in Kerberos package. |