Release Notes Revision A
McAfee Web Gateway 7.5.0.3
Contents About this release Enhancement Installation instructions Known issues Find product documentation
About this release This document contains important information about the current release. We strongly recommend that you read the entire document. ®
McAfee Web Gateway (Web Gateway), version 7.5.0.3, is provided as a controlled release. It is a maintenance version providing an enhancement that was added to solve a problem present in previous versions.
Enhancement This release of the product includes the following enhancement.
Protocol version agreement configurable When Web Gateway sends a Client Hello message to a web server, a TLS_FALLBACK_SCSV part can be included in this message if a previous handshake with the server failed. This message part informs the server that the connection will only be set up if the supported protocol version on the server is not higher than the version used on the client, which is communicated in the Client Hello message. For example, if the server supports TLS 1.2, but the client sent SSL3, TLS 1.0, or TLS 1.1, the server responds with an Inappropriate fallback alert, and the connection is not set up.
1
This feature proved to be highly sensitive to network issues and led to a great number of false positives. The feature is therefore still implemented in Web Gateway, but it can now be enabled or disabled on the user interface. The feature is disabled by default.
Installation instructions The requirements for installing Web Gateway, version 7.5.0.3, on an appliance depend on the version you are currently running. •
When running version 7.5.0.2, an earlier 7.5.x, a 7.4.x, or a 7.3.x version, you can upgrade to the new version after activating a repository. See Upgrade from 7.3.x or later.
•
When running a 7.2.x or any earlier 7.x version: •
Create a configuration backup. Use the options provided under Troubleshooting | Backup/Restore on the user interface to create the backup.
•
Upgrade to the new version. See Upgrade from 7.2.x or earlier 7.x. The upgrade process includes a major upgrade of the operating system. It will take several steps and more time than usual. If the upgrade process fails or is interrupted, you can re-image the appliance using an image of the new version and install the configuration backup.
Alternatively, you can:
•
•
Create a configuration backup.
•
Re-image the appliance using an image of the new version and install the configuration backup.
When running a 6.8.x or 6.9.x version, you must re-image the appliance using an image of the new version.
Download an image of the new version from the download page of the McAfee Content & Cloud Security Portal at https://contentsecurity.mcafee.com/software_mwg7_download. For more information on re-imaging, see the McAfee Web Gateway Installation Guide.
Upgrade from 7.3.x or later When running a 7.5.x, 7.4.x, or 7.3.x version, you can upgrade to the new version after activating a repository. You can perform the upgrade on the user interface or from a system console.
Activate the repository Activate the repository for the new version before upgrading on the user interface or from a system console. You can activate the repository from a local system console, which is directly connected to an appliance, or work remotely, using SSH.
2
Task 1
Log on to the appliance you want to perform the upgrade on.
2
Run the following command: mwg-switch-repo 7.5.0.3
You can now upgrade to the new version on the user interface or from a system console.
Upgrade on the user interface You can work with the options of the user interface to perform the upgrade. Task 1
Select Configuration | Appliances.
2
On the appliances tree, select the appliance you want to perform the upgrade on. The appliance toolbar appears on the upper right of the tab.
3
Click Update Appliance Software. The upgrade to the new version is performed. The upgrade process also logs you off from the user interface.
4
When a message informs you that the upgrade has completed, proceed as follows: a
Log on to the user interface again.
b
Select Configuration | Appliances, then select your appliance.
c
On the appliance toolbar, click Reboot.
When the restart has completed, you can log on to the user interface again and start working with the new version.
Upgrade from a system console You can upgrade from a local system console, which is directly connected to an appliance, or remotely, using SSH. Task 1
Log on to the appliance you want to perform the upgrade on.
2
Run the following two commands: yum upgrade yum yum upgrade The upgrade to the new version is performed.
3
When a message informs you that the upgrade has completed, run the following command: reboot
When the restart has completed, a logon prompt appears. You can now log on to the user interface and start working with the new version.
3
Upgrade from 7.2.x or earlier 7.x When running a 7.2.x version or any earlier 7.x version, use a system console to upgrade to the new version. You can use a local system console, which is immediately connected to an appliance, or work remotely, using SSH. Task 1
Log on to the appliance you want to perform the upgrade on.
2
Run the following two commands: yum upgrade yum yumconf\* mwg-dist-upgrade 7.5.0.3 The upgrade to the new version is performed in two phases. After each phase, the appliance restarts automatically.
3
Proceed in one of the following ways to complete the installation: •
If you are using a local system console: When the second restart has completed, a logon prompt appears. You can now log on to the user interface and start working with the new version.
•
If you are using SSH: When the appliance restarts after the first upgrade phase, you are disconnected and the second upgrade phase begins. After this phase has completed, including the automatic restart, you can log on to the user interface and start working with the new version. If you log on before the second upgrade phase has completed, a message states that this phase is still in progress. When the appliance restarts at the end of this phase, you are disconnected again. Then you need to log on again to be able to work with the new version. You can also run the following command to view messages about the upgrade progress: tail -F /opt/mwg/log/update/mlos2.upgrade.log When you see that the upgrade has completed, press Ctrl+C to stop the monitoring process. You can now log on to the user interface and start working with the new version.
Known issues For a list of known issues in this product release, see this McAfee Knowledge Base article: KB82983.
4
Find product documentation After a product is released, information about the product is entered into the McAfee online Knowledge Center. Task 1
Go to the Knowledge Center tab of the McAfee ServicePortal at http://support.mcafee.com.
2
In the Knowledge Base pane, click a content source: •
Product Documentation to find user documentation
•
Technical Articles to find KnowledgeBase articles
3
Select Do not clear my filters.
4
Enter a product, select a version, then click Search to display a list of documents.
Product documentation Every McAfee product has a comprehensive set of documentation. For Web Gateway, this includes the following: •
McAfee Web Gateway Product Guide — Describes the features and capabilities of Web Gateway, providing an overview of the product, as well as detailed instructions on how to configure and maintain it.
•
McAfee Web Gateway Installation Guide — Describes how to set up Web Gateway, as well as several devices that can be run with the product.
•
McAfee Web Gateway Quick Start Guide — Describes high-level steps for setting up a Web Gateway version that is shipped as pre-installed appliance software on a hardware platform. This document is shipped in printed format with the pre-installed software and the hardware. Web Gateway, version 7.5.0.3, is not provided as pre-installed software.
Copyright © 2014 McAfee, Inc. www.intelsecurity.com Intel and the Intel logo are trademarks/registered trademarks of Intel Corporation. McAfee and the McAfee logo are trademarks/ registered trademarks of McAfee, Inc. Other names and brands may be claimed as the property of others. A00
