Status Update - Software error in old Astaro versions

August 31, 2010

As previously communicated, on Friday August 27th we released a pattern which includes a fix for the y2k38 issue for all "old" versions (ie earlier than 7.507 and 8.001).

This fix was applied successfully by the pattern script, but the script had the unwanted side effect of removing a directory on the disk. This directory contains some temporary data used internally by the Astaro system and also, on version 7 systems, it contains a copy of some system libraries. These libraries were replaced by another pattern which was delivered approximately 2-3 hours later (depending on the version running).

Most customers and systems should not have experienced any issue. The system was correctly patched and the y2k38 problem has be circumvented.

However, the loss of temporary data meant that HA systems appeared to have lost the link between master and slave. In fact, they have not and the HA system is working normally, but WebAdmin does not show the correct status. This issue has, in almost most cases, been resolved either by rebooting the system or by an additional pattern which has been delivered on Monday and Tuesday (depending on the version). Although working correctly, we recommend that HA systems are rebooted at the next available maintenance window.

If a license was uploaded during the 2-3 hour period, then the new license was not recognised (because of a missing library) and the system reverted to a trial license. Uploading a new license once the library was replaced corrected this.

If the system was rebooted during the 2-3 hour period, the Astaro system fails to start. It was then necessary to log on through the console and manually recreate the missing directory and copy the missing libraries.

I and my team are clearly embarrassed to have to report such a situation and we sincerely hope that you have not been too inconvenienced by this issue. I understand that this is not an acceptable level of quality and that you should, and do, expect better from Astaro. We need to earn your trust and have therefore immediately made some changes to our software delivery process to eliminate these mistakes and ensure that in future we do meet your expectations as a partner.

Regards, Richard

Posted by Richard Walford at 5:34 PM | Permalink

---

Software error in old Astaro versions, update required

August 25, 2010

Dear Astaro Partners and Customers,

We work constantly to ensure all our customers' networks are secure and connected no matter what version of the Astaro Security Gateway they are running. This is why we wanted to inform our partners and customers of an upcoming software challenge we have identified that may affect installations using older versions of the Astaro Security Gateway.

Please read below:
 - What is the issue?
 - How can this issue be resolved?
 - What can I do if I have a problem on Sept. 4th?
 - Detailed "What should I do?" Workflow

In case you have any questions, don't hesitate to contact your usual Astaro representative.

Kind regards,
Your Astaro Team

Continue reading "Software error in old Astaro versions, update required" »

Posted by Gert Hansen at 5:00 PM | Permalink

---

Astaro Command Center Up2Date 2.201 Released

August 24, 2010

Today Astaro Command Center has been updated to 2.201. This up2date will address the UNIX time issue which was previously solved and distributed for ASG, and is the only fix in this release.

Continue reading "Astaro Command Center Up2Date 2.201 Released" »

Posted by Angelo Comazzetto at 6:05 PM | Permalink

---

Up2Date 8.001 Released

August 13, 2010

Our first Up2Date package for the new Astaro Security Gateway Version 8 is ready for distribution. Version 8 has enjoyed significant popularity in the past month, with thousands of new and existing customers experiencing V8's features and stability.

You will find 8.001 available for install via Up2Date on your installation. Mainly a bug fix release, this package will enhance the stability and operation of ASG V8, and addresses an issue with Unix time affecting certificates. Read on for the full details of this Up2Date.

Continue reading "Up2Date 8.001 Released" »

Posted by Angelo Comazzetto at 6:52 PM | Permalink

---

Up2Date 7.507 Released

We have released Up2Date 7.507 for ASG installations to address an issue around Unix Time which can affect the use of certificates, and thus your ASG installation. This up2date package should be applied before the end of August if possible. You can read more about this fix in the details below...

Continue reading "Up2Date 7.507 Released" »

Posted by Angelo Comazzetto at 6:10 PM | Permalink

---

Astaro Command Center 2.2 Released

July 16, 2010

We are excited today to inform you that Astaro Command Center 2.2 is available! After a half-year of development followed by a public Beta program, ACC 2.2 is ready for download via our FTP servers. Version 2.2 will be pushed out via Up2Date to all our installations next week.

This release is focused around adding great new abilities like Global configuration of Packet Filter rules and Web Security settings and profiles. We have also other fantastic features to make your life easier when working with ASG. Regardless of if you have one, or hundreds of installations, you are sure to find something that saves you time with ACC!

Read on for all the details for this release...

Continue reading "Astaro Command Center 2.2 Released" »

Posted by Angelo Comazzetto at 5:20 PM | Permalink

---

Up2Date 7.506 Released

July 14, 2010

We are releasing ASG Up2Date 7.506. The primary purpose of this release is to prepare V7 installations for the launch of our new Wireless Security solution. As well, the ASG installations will receive some updated files for support of the next point-release of Astaro Command Center V2.2. We also take the opportunity to fix a few small bugs.

This will be pushed out via our Up2Date infrastructure, however if you would just like to manually download it you can do so here. Otherwise read on for the details.

Continue reading "Up2Date 7.506 Released" »

Posted by Angelo Comazzetto at 2:33 AM | Permalink

---

Announcing release of Astaro Security Gateway Version 8

July 1, 2010

Today the next version of our flagship product is available; Astaro Security Gateway Version 8.000 has been released. Over 2 years in the making, we have collected feedback from you - our customers, partners, and distributors, and listened intently to the entire market and what it asked for in a security solution. Our open approach to feature requests set a new standard for visibility into our planning and allowed us to listen while we provided constant feedback and updates to you.

Today, we continue the success enjoyed by ASG Version 7. You will find a fresh WebAdmin GUI and improved auditing and compliance features. New features like VPN reporting, WebAdmin change tracking, new rights & roles abilities for multiple administrators, and the ability to print out the entire configuration for auditing or record keeping have been introduced. Support for IPv6 and a new 64-bit kernel have been implemented, along with many convenience features such as an easy way to search through all of WebAdmin and country blocking to prevent all communication with entire countries or regions.

Focusing on usable technology, our teams worked hard to make sure our product is easily configurable to solve real problems faced by businesses without the need for months of specialized training in how to use ASG features.

This post provides an overview of Version 8, how to get it, how to get using it, and the key dates and other information you need in order to begin using or selling this fantastic new release. Read on for full details and download information!

Continue reading "Announcing release of Astaro Security Gateway Version 8" »

Posted by Angelo Comazzetto at 2:30 AM | Permalink

---

IPS false-positive can block http download of windows executable

June 3, 2010

It has come to our attention that a specific intrusion prevention pattern which is normally used to detect .NET exploits is falsely detecting some windows executable downloads to be malicious.
You are only affected if you have the IPS system active, if you enabled the category "Attacks against Client Software" -> "Browser (Internet Explorer, Mozilla)" and set this category to "drop".
All other customers are not affected by this issue.

We have identified the pattern and are currently analyzing it. Once we are finished, we will run the fixed pattern set through our test procedures and expect to be releasing fixed ips patterns by tomorrow.

Read below how to work arround this issue ...

Continue reading "IPS false-positive can block http download of windows executable" »

Posted by Gert Hansen at 5:18 PM | Permalink

---

Astaro Command Center 2.2 Public Beta Begins

May 31, 2010

We would like to invite you to the Public Beta for our next point-release of the Astaro Command Center, Version 2.2. Our developers have been hard at work building and refining new features for our centralized management product, and there are some very powerful new things to see and test.

Astaro Command Center 2.2 will remain a completely free product, and is available as a software appliance ISO which you download and install on the hardware of your choice or run inside a VMware virtual machine (or other virtual solution). From there, you quickly configure your Astaro Security Gateway(s) to communicate with ACC and you then get the ability to configure, get overview information, and generate reports for all connected devices, to name just a few things. This leaves you with a sort of "Throne-Room" for your ASG installations.

This version introduces some great new abilities like Global Packet Filter configuration, central configuration of Web Security profiles, and automatic deployment of Global Objects. Read on for all the details.

Continue reading "Astaro Command Center 2.2 Public Beta Begins" »

Posted by Angelo Comazzetto at 4:19 PM | Permalink

---

Up2Date 7.505 Released

May 20, 2010

Hello! Up2Date 7.505 has started to push to installations. This version is mainly to update some ASG code in preparation for the imminent GA release of the Astaro RED product. In addition, there are some fixes, stability changes, and we have also released a few new features. Added are support for multiple syslog servers, a read-only WebAdmin role, and XAUTH support in site-site IPSEC Tunnels.

As part of our extending the home user licensing to 50 IP addresses last winter, we now are introducing a small change to the customization ability of installations using ASG at home. Focused around the Web Security block page (and other customization areas), a "home-user only" notice will appear and customizations of these types of pages is now limited. This allows us to continue to offer such a large amount of total protection for free home use without any other limitations. Full details of V7.505 are below...

Continue reading "Up2Date 7.505 Released" »

Posted by Angelo Comazzetto at 10:12 AM | Permalink

---

Letter from the CEO

May 7, 2010

Dear Astaro partners and customers,

I profoundly apologize for the events of today.

We issued two malfunctioning pattern updates for our flagship product Astaro Security Gateway which caused many of you significant troubles. I, and everyone at Astaro, understand that our most important asset is the trust of our partners and customers and today was a bad day for us.

Please allow me to share the results of our preliminary investigation into what went wrong.

Continue reading "Letter from the CEO" »

Posted by Gert Hansen at 6:01 PM | Permalink

---

Faulty IPS pattern blocks all traffic - How to fix it!

Dear partners and customers,

As you might have noticed, our automated IPS pattern test routine has missed a faulty pattern which lead to the distribution of IPS pattern which blocked all communication through the Astaro Security Gateway. I personally apologize for this fault.

We will analyze this issue to find the root cause of the problem and how it was able to bypass our test procedures and update them accordingly to prevent such incidents in the future.
In the meantime we have found and fixed the pattern and uploaded the fixed one to our up2date servers. But because of the blocked communication, the system will not recover itself automatically.
Please find attached a HowTo explaining how to get a system up and running again.
Again, please accept my apology for this incident.

Gert Hansen

Founder and VP Products

---

Continue reading "Faulty IPS pattern blocks all traffic - How to fix it!" »

Posted by Gert Hansen at 11:16 AM | Permalink

---

ASG Version 8 Public Beta Continues

May 6, 2010

In a little over 1 month since the Beta of our next major ASG Version has been available, hundreds of downloads have occurred and thousands of comments have been posted in the V8 Beta Forum.

We have made some incremental Up2Dates to the Beta so far, and now today are releasing a larger Beta build which adds some hotly anticipated features like Location Based Blocking, Web Application Firewall Cookie Signing, and Custom WebAdmin/UserPortal Certificate support.

It is never to late to test the Beta! If you have been wanting to give it a try, you can do so easily. Read on for information on the new Up2Date, and information on how you can join the Beta if you are not already using ASG Version 8.

Continue reading "ASG Version 8 Public Beta Continues" »

Posted by Angelo Comazzetto at 5:18 PM | Permalink

---

ASG Version 8 Public Beta Begins

March 31, 2010

Astaro would like to invite you to join us in testing our next major version of our Security Gateway product. Over the past 18 months our developers have been hard at work - Astaro Security Gateway Version 8 introduces a new Kernel, 64-Bit Support, IPv6, a refreshed WebAdmin, New Reports, and many other exciting things designed to solve problems and secure your network.

A Public Beta of ASG V8 is available immediately, allowing you to test our current progress of this release and refine/shape its development during the next months along its path to General Availability. At Astaro, our goal is to build products that people want to buy, and have features our customers actually use. We listen to the feedback of our community, and ASG V8 is designed with your requirements in mind. Throughout this process, you can contribute, read the comments of others, and keep up-to-date on the latest Beta happenings at our New V8 Public Beta Forum. There you will find full details and ongoing discussions and news about the ASG Version 8 Public Beta.

The V8 Beta program will have some different details compared to our past Betas; it isn't quite feature-complete yet. Rather than bake everything to an almost-done state and unleash it all on you to test at once, we are starting this Beta a bit early and will add a few more things to it during the next few months leading up to release.

Anyone can test out the V8 Beta, if you would like to know more about how get the Beta Version and contribute your findings, just read on!

Continue reading "ASG Version 8 Public Beta Begins" »

Posted by Angelo Comazzetto at 9:00 PM | Permalink

---

Anti-Virus Scanner Announcement for Older ASG Versions

March 25, 2010

Astaro Security Gateway has dual, separate Anti-Virus Engines from different providers for all installations using Web or Mail Security. Customers have their choice to run in "single scan" mode which currently uses the Enterprise scanner from Avira, or in "dual scan" mode which then adds additional scanning from the Open Source ClamAV engine.

ClamAV has upgraded their core engine with a new version which is mandatory in order to support their patterns going forward. To accommodate this, we will make a change to the AV scanning behavior of ASG which our users should be aware of.

As of March 29th, 2010, installations running Astaro Security Gateway 7.400-7.405 will have their ClamAV scanning engines upgraded via a special "Pattern" Up2Date. These installations will then have the latest ClamAV engine for continued use of Dual Scanning mode. (ASG installations running 7.500+ are already compatible and upgraded, so no changes will occur if your installation is kept updated to the latest version.)

While keeping your ASG installation Up2Date to the latest version is always the most reliable way to have the strongest protection, please note that if your installation of ASG has not been updated in 13 months or longer and is currently using 7.200-7.306, it is not upgradeable to the newest ClamAV engine. For these customers who are using Web or Mail Security with Dual Scanning, on April 12th, 2010 the mode will be switched to "Single Scan" automatically. For customers using these older versions, if dual scanning engines are important to you, please update to the latest ASG version. *Note: Versions 7.0xx and 7.1xx are not covered and should be upgraded to a higher version before April 15th.

If you are running a version older than 7.400 and have further questions, or require help in updating to the newest revision of ASG V7, please open a support ticket or contact your Astaro partner for assistance.

Posted by Angelo Comazzetto at 10:08 PM | Permalink

---

Up2Date 7.504 Released

March 9, 2010

Today we release the 7.504 Up2Date for our Astaro Security Gateway product. This version has a few new features, and adds WebAdmin support for our new product RED. RED (Remote Ethernet Device) acts as a long Ethernet cable to a branch office, requiring no configuration or management. It just "brings" the small remote site directly into the connected ASG as an Interface, which is a totally new way of working with remote locations.

RED is in limited BETA now and will be available soon for all to purchase. You can find out more about Astaro RED here.

More 7.504 details are available by reading on...

Continue reading "Up2Date 7.504 Released" »

Posted by Angelo Comazzetto at 7:41 PM | Permalink

---

Up2date 7.503 Released

February 16, 2010

We are in the process of delivering Up2Date 7.503 to our installations. It will appear soon for installation via your WebAdmin. This is a small bugfix update which addresses an incompatibility when using the Web Security subscription with the new Astaro licensing model. It does not require a restart of the system. You can read on for more information and the manual download link.

Continue reading "Up2date 7.503 Released" »

Posted by Angelo Comazzetto at 9:04 PM | Permalink

---

Astaro Secure Client V9.2 released

December 17, 2009

This new release adds Windows 7 support, 64 bit optimization, support of new Intel Wi-Fi drivers, Tip of the day and many additional minor enhancements.

Continue reading "Astaro Secure Client V9.2 released" »

Posted by Udo Kerst at 12:44 PM | Permalink

---

Up2Date 7.502 Released

December 14, 2009

Up2Date V7.502 has been made available to solidify your Astaro installation. It is currently being distributed via our Up2Date system, and contains some new fixes and improvements. Continue reading for all the details.

Continue reading "Up2Date 7.502 Released" »

Posted by Angelo Comazzetto at 4:16 PM | Permalink

---

Current Versions

• Astaro Security Gateway V8: 8.001
• Astaro Security Gateway V7: 7.507
• Astaro Command Center V2: 2.201
• Astaro IPsec Client V9: 9.2
• Astaro Report Manager V4: 4.6

Release Notes

• Astaro Security Gateway V8.0
• Astaro Security Gateway V7.5
• Astaro Command Center V2.2

Known Issues Lists

• Astaro Security Gateway V8
• Astaro Security Gateway V7
• Astaro Command Center V2

Hardware Compatibility Lists

• Astaro Security Gateway V8 HCL
• Astaro Security Gateway V7 HCL
• Astaro Command Center V2 HCL

Links

• Astaro UBB
• Astaro KnowledgeBase
• My.Astaro.com

Subscribe to this blog's feed

• RSS (What is this?)
• E-mail

By Product

• Astaro Command Center
• Astaro Gateways
• Astaro IPsec Client
• Astaro Mail Archiving
• Astaro Security Gateway V6 (EOL)
• Astaro Security Gateway V7
• Astaro Security Gateway V8
• Older Astaro Security Linux Versions

Recent Posts

• Status Update - Software error in old Astaro versions
• Software error in old Astaro versions, update required
• Astaro Command Center Up2Date 2.201 Released
• Up2Date 8.001 Released
• Up2Date 7.507 Released
• Astaro Command Center 2.2 Released
• Up2Date 7.506 Released
• Announcing release of Astaro Security Gateway Version 8
• IPS false-positive can block http download of windows executable
• Astaro Command Center 2.2 Public Beta Begins

By Month

Select a Month... August 2010 July 2010 June 2010 May 2010 March 2010 February 2010 December 2009 November 2009 October 2009 September 2009 August 2009 July 2009 June 2009 May 2009 April 2009 March 2009 February 2009 January 2009 December 2008 November 2008 October 2008 September 2008 August 2008 July 2008 June 2008 May 2008 April 2008 March 2008 February 2008 December 2007 November 2007 October 2007 September 2007 August 2007 July 2007 June 2007 May 2007 April 2007 March 2007 January 2007 December 2006 November 2006 October 2006 September 2006 August 2006 July 2006 June 2006 May 2006 April 2006 March 2006 February 2006 January 2006 December 2005 November 2005 October 2005 September 2005 August 2005 July 2005 June 2005 May 2005 April 2005 March 2005 February 2005 January 2005 December 2004 November 2004 October 2004 September 2004 August 2004 July 2004 June 2004 May 2004 April 2004 February 2004 January 2004 December 2003 October 2003 September 2003 August 2003 July 2003 June 2003 May 2003 April 2003 March 2003 February 2003 January 2003 December 2002 November 2002 October 2002 September 2002 August 2002 July 2002 June 2002 May 2002 April 2002 March 2002 February 2002 December 2001 November 2001 October 2001 September 2001 August 2001 July 2001 June 2001 May 2001 April 2001 March 2001 February 2001 January 2001 December 2000 November 2000