New Features and Enhancements for On-Premises Appliance Version 106.0.0.379
New Features and Enhancements for On-Premises Appliance Version 106.0.0.379
Enhanced Appliance SNMP MIB support
Added the following OIDs: CPU usage trap, UCD-SNMP-MIB::laTable, UCD-SNMP-MIB::dskTable, interface status (up/down) trap, oplpStatus, dpopStatus, haState.
To learn more: Configure SNMP
Disabled longest prefix match for custom URL lookup
We can now disable longest prefix match in NG-SWG when matching incoming URLs against URL lists. As a result, the incoming URL will match against all URL lists with a positive match criteria. This is different from the current behavior of matching with the URL list with the longest prefix match.
Important
Disabling the longest prefix match is a fundamental change in how policy processing happens with NG-SWG. Hence, it is recommended to review the intended behavior of this feature on your policy set thoroughly before enabling this feature.
Note
This feature is currently in Controlled GA. Contact your Sales Representative or Support to enable this feature.
Support for Entity Obfuscation
You can now choose to obfuscate the matched content for custom entities created using the Entities tab in the UI.
The obfuscated content will be stored in the customer managed forensic folder and seen in the “Preview” and “Preview File” sections of an incident in the WebUI. Entity Obfuscation requires the Entity modifier feature to also be enabled on the tenant.
Customers using DPOP will not be able to leverage this functionality since forensics is not available as a feature on DPOP. Additionally, If the appliance is not updated to Release 106 and you select obfuscation for a DLP entity, any DLP scan that includes the profile associated with the mentioned entity will not yield any match results for all the profiles involved in the scan. Please ensure that the appliance version is upgraded to 106 before using this functionality.
Note
This feature is currently in Controlled GA. Contact your Sales Representative or Support to enable this feature.
Removed Secure Forwarder functionality
Appliance version 103.0.0.338 is the last version to support Secure Forwarder. The following changes were made for Appliances:
- Deprecated Secure Forwarder and ICAP integration with 3rd-party DLP engine
- Removed the following CLI commands:
dataplane secure-forwarder
dataplane dlp-engine [enable | reqmod-uri | respmod-uri
- Updated the KMIP CLI command
dataplane secure-forwarder kmip-server
todataplane ssh-tunnel kmip-server