SecPoint® Protector 20.0 Firmware release

Rev. 1.0 - January 2013

ProtectorTM

Unified threat management

http://www.secpoint.com/protector.html

Copyright © 1999-2013 SecPoint®

Protector 20.0 - January 2013 Video: http://www.youtube.com/watch?v=U0LR4A6xPpQ

- New items in the Alert Center

We have added three more items

email queue, System Status, CPU Load. We consider these new items important for the

health of the Protector and consequently for the

health of your network. They are not necessarily

related to possible threats, but a constant

green status in any of these indicators means that

some aspects of your Protector need your

attention.

For these new indicators, an alert is raised in the following cases:

• Email Queue: when the

• System Status: when the

exceeds the maximum allowed

• CPU Load: when the

maximum allowed.

The maximum allowed

next alert level.

Just like all other indicators in the Alert Center, you can

customize threshold values

functions in the Alert Center menu.

Please refer to the Release Notes issued with Pr

for a detailed description of how to deal with Alerts.

Page 2 of 6

Protector 20.0

January 2013

http://www.youtube.com/watch?v=U0LR4A6xPpQ

items in the Alert Center

We have added three more items under the control of the Alert Center: Length of input

email queue, System Status, CPU Load. We consider these new items important for the

health of the Protector and consequently for the

health of your network. They are not necessarily

related to possible threats, but a constant non-

green status in any of these indicators means that

aspects of your Protector need your

For these new indicators, an alert is raised in the following cases:

the length of the input queue exceeds the maximum allowed

when the number of Not Good items showed in the

exceeds the maximum allowed,

: when the number of times the CPU exceeds a load of 50% exceeds the

allowed above is represented by the threshold values that trigger the

other indicators in the Alert Center, you can

customize threshold values of these new items using the

functions in the Alert Center menu.

Please refer to the Release Notes issued with Protector 18.5

for a detailed description of how to deal with Alerts.

20.0 Firmware release

Alert Center: Length of input

email queue, System Status, CPU Load. We consider these new items important for the

the maximum allowed,

showed in the System Status

the CPU exceeds a load of 50% exceeds the

threshold values that trigger the

Copyright © 1999-2013 SecPoint®

- Automated threshold recalculation

Whenever you need it, you may

network. To automate this, we have added a new function that recalculates all thresholds

automatically.

Thresholds will be recalculated based on the historical data

recorded by the Alert Center,

have been collected. The Protector will take as new

threshold for all Yellow level

most recent period, increased by 1

levels will be calculated from the Yellow level.

From this point on, the Alert Center will work with the threshold values that best fit your

network and every change from t

account.

- Backup & Restore

The backup / Restore function has been redesigned, to fit the need

reasons or for a migration to a newer unit.

Click on Create Backup to create a backup file.

Page 3 of 6

Protector 20.0

threshold recalculation

it, you may customize Alert Thresholds in order to be

this, we have added a new function that recalculates all thresholds

Thresholds will be recalculated based on the historical data

recorded by the Alert Center, when at least 30 days of data

The Protector will take as new

Yellow levels the values collected in the

, increased by 1. Thresholds for higher

from the Yellow level.

From this point on, the Alert Center will work with the threshold values that best fit your

network and every change from the Green status to another one should be taken into

The backup / Restore function has been redesigned, to fit the need of a backup for safety

migration to a newer unit.

create a backup file. Depending on your browser

20.0 Firmware release

stomize Alert Thresholds in order to better fit your

this, we have added a new function that recalculates all thresholds

From this point on, the Alert Center will work with the threshold values that best fit your

should be taken into

of a backup for safety

ser’s settings, you

Copyright © 1999-2013 SecPoint®

may be asked to input a download folder or not.

Then, you can restore a previously

on Browse to choose the backup file, then click on Start Restore.

When the restore starts, the

restoring, and at the end will restart services.

The Protector will not backup:

• Log tables (alert history, web filter log,

• Read-only tables

Page 4 of 6

Protector 20.0

may be asked to input a download folder or not.

a previously created backup file on the same or on another unit.

backup file, then click on Start Restore.

When the restore starts, the Protector will inform you about the database table

, and at the end will restart services.

backup:

(alert history, web filter log, login history, statistics…)

20.0 Firmware release

created backup file on the same or on another unit. Click

database table it’s

Copyright © 1999-2013 SecPoint®

- User-based proxy filtering

The user-based proxy access and

rely on a LDAP server, that must

LAN. Through this function

connection to your LDAP server (Active

directory, OpenLDAP) to allow the Protector to

connect to it and grab User/Group informa

To enable user-based access to

using the Protector as a proxy

the correct information in the fields of th

Authentication, then you have to create a user

group, in the Group Policies

name as the user group in the

In the following example the group NoYoutube, defined in

created with the same name

grabbed from AD by simply pressing the button

Page 5 of 6

Protector 20.0

filtering

access and filtering must

on a LDAP server, that must exist on your

Through this function you can create a

connection to your LDAP server (Active

to allow the Protector to

connect to it and grab User/Group information.

based access to the internet

proxy, you must enter

the correct information in the fields of the LDAP

you have to create a user

Group Policies, with the same

the LDAP server.

example the group NoYoutube, defined in Active Directory

with the same name in the WebFilter-Group Policies. The list of users has been

grabbed from AD by simply pressing the button Query LDAP.

20.0 Firmware release

ectory has been

The list of users has been

Copyright © 1999-2013 SecPoint® Page 6 of 6

Protector 20.0 Firmware release

When the user-based authentication is active, it’s necessary to configure the web browser

to point to the Protector, as proxy, on port 8080. The type of user authentication offered

today is Basic authentication, which requires each user to authenticate with userid and

password on the web browser.

- And… Charts: The loading of charts on the Welcome page has been deferred to when the

welcome page has been fully loaded. This is to avoid that a longer processing time that may

be necessary to produce a chart affects the time needed to load the main page.

Fuzzy OCR: This feature, that evaluates possible spam content in images attached to

emails, could not be disabled. This caused valid emails to be quarantined as spam. Now this

feature can be disabled in Anti-Spam > Configuration > Spam Settings > Spam Filter Rules.

SMTP configuration: A new Notes field has been added to this function, to allow to enter

information about the meaning of each IP.

Force firmware Update: With this new feature, the Protector can be forced from the VIP

Lounge to start a firmware update. This function does not have a user interface in the

Protector. It can be used when the Protector cannot be accessed from outside the local

LAN.