Changelog

The following list shows the changes from Airlock Gateway 7.8 to 8.0:

CHG: AP-18964 Remove deprecated deny rule security level LEGACY 
CHG: AP-23259 Remove redundant web-requests and system logfiles 
CHG: AP-23881 Remove SSLv3 and other weak ciphers 
CHG: AP-25872 Migrate from CentOS 7 to AlmaLinux 9 
CHG: AP-27397 Remove deprecated IP address patterns 
CHG: AP-27528 Reduce idle timeout for REST sessions 
CHG: AP-32325 Various filter improvements 
CHG: AP-32424 Remove obsolete NIC speed settings (CASE-32902) 
CHG: AP-32600 Anomaly Shield: revised page structure in Configuration Center 
CHG: AP-32607 Anomaly Shield: runtime performance of service improved 
CHG: AP-32641 Reorganize settings for server certificate validation for back-end 
              connections (CASE-32981) 
CHG: AP-32716 Improve performance of failover checks on active node (CASE-33055) 
CHG: AP-32849 Imported configurations must be of version 7.4 or newer 
CHG: AP-32873 Drop support for deprecated "SecurityGateway *" prefix in SG expert 
              settings 
CHG: AP-32894 Improve default searches in Kibana 
FIX: AP-32326 Correctly render "Has roles" column in session viewer (CASE-32767) 
FIX: AP-32492 Correctly create event EVENT_SY-H-DBSYNC-OK 
FIX: AP-32505 Write NMLY-200 message only for sessions with meaningful anomaly 
              data 
FIX: AP-32653 Correctly set lock state of default header allow/deny list 
              checkboxes (CASE-33078) 
FIX: AP-32836 Policy Learning suggestions work with embedded parameters 
FIX: AP-32862 Log execution of AnomalyShield soft actions in log only mode 
FIX: AP-32863 Correctly handle CA certificates for JWKS services 
FIX: AP-32875 CSRF token works with Tosca automation extension for Chrome 
              (CASE-33166) 
FIX: AP-32896 Immediately activate Webroot service when Webroot license is added 
FIX: AP-32929 Perform MAC address checks also with trial licenses 
NEW: AP-12767 Options for TCP keep-alive on back-end connections 
              (CASE-32659, CASE-27676, CASE-32969) 
NEW: AP-20380 Option for customizing policy learning suggestions before applying 
NEW: AP-25506 REST endpoint for CSRF token settings 
NEW: AP-25509 REST endpoint for deny rule settings 
              (CASE-32672, CASE-30282,  CASE-30905) 
NEW: AP-25519 REST endpoint for error pages 
NEW: AP-27573 Log forwarding with TLS uses system or custom CAs 
              (CASE-32359, CASE-30217, CASE-32646, CASE-32676, CASE-31742) 
NEW: AP-30008 Option for backup of system and custom files 
NEW: AP-30192 Kibana search and visualization for client-side connectivity issues 
              (CASE-31265) 
NEW: AP-30841 REST endpoint for global expert settings 
NEW: AP-31320 Synchronize Let's Encrypt certificates to passive failover cluster 
              node (CASE-32876) 
NEW: AP-32341 Add session counts to log message WR-SG-TIME-200 
NEW: AP-32364 Add IPv6 support for Threat Intelligence 
NEW: AP-32477 Add entry_url to log message NMLY-200 
NEW: AP-32564 REST endpoint for reading gateway version 
NEW: AP-32601 Anomaly Shield: environment cookie with anomaly status 
NEW: AP-32679 Anomaly Shield: reusable traffic matchers for simplified 
              configuration 
NEW: AP-32722 Anomaly Shield: show training information in Configuration Center 
NEW: AP-32723 Anomaly Shield: upload and download of models in Configuration 
              Center 
NEW: AP-32724 Anomaly Shield: Manage models in Configuration Center 
NEW: AP-32750 Anomaly Shield: Action for removing roles from session 
NEW: AP-7635 Show number of consumed back-end licenses on license screen 
             (CASE-22107, CASE-10194, CASE-19122) 
NEW: AP-7805 Show path details in allow rule overview 
UPD: AP-31273 Update to Gem Engine 1.6 
UPD: AP-31717 Update OS components 
UPD: AP-32370 Update to Kerberos 1.20 
UPD: AP-32371 Update to httpd 2.4.54 
UPD: AP-32375 Update to jsoncons 0.168.7 
UPD: AP-32377 Update to syslog-ng 3.37.1 
UPD: AP-32379 Update to Tomcat 9.0.65 
UPD: AP-32380 Update to collectd 5.12.0 
UPD: AP-32383 Update to Redis 7.0.4 
UPD: AP-32384 Update to c-icap 0.5.10 
UPD: AP-32387 Update geolocation data (DB-IP) 
UPD: AP-32388 Update to PCRE2 10.40 
UPD: AP-32389 Update to libcurl 7.85.0 
UPD: AP-32394 Update to OpenSSL 3.0.5 
UPD: AP-32970 Update to Elasticsearch/Kibana 8.4.0 
UPD: AP-33020 zlib: Bugfix for CVE-2022-37434