Technical Library | Support

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
v8.0.1 Release Notes for On-Premises TRITON AP-EMAIL
v8.0.1 Release Notes for On-Premises TRITON AP-EMAIL
Topic 70145 | Release Notes | TRITON AP-EMAIL | Version 8.0.1 | Updated: 01-Jun-2015
Applies To:
TRITON AP-EMAIL v8.0.1
Websense® TRITON® AP-EMAIL version 8.0.1 is a correction release that includes email protection updates and fixes, some requested by our customers. This release also includes important fixes for recent system vulnerabilities. See Important updates for details.
Part of the TRITON APX security solutions, TRITON AP-EMAIL is a Websense on-premises, V-Series appliance-based system that prevents malicious email threats from entering an organization's network, and protects sensitive data from unauthorized email transmission.
 
* 
Important 
Some older V10000 and V5000 appliances are not supported with version 8.0.0 and higher. See V-Series appliances supported with version 8.0 for details.
You can also deploy TRITON AP-EMAIL on a virtual appliance. Download the image file (WebsenseEmail801Setup_VA.ova) from the MyWebsense downloads page. See the virtual appliance Quick Start Guide for deployment information.
In addition, TRITON AP-EMAIL can be deployed on a Websense X-Series modular chassis blade server, part of a high-performance network security system. This support has the benefit of making on-premises email protection available on a platform that is scalable for large enterprise organizations. See the following resources for information about X-Series appliance deployment:
*
X-Series Appliance Getting Started Guide
*
X-Series Appliance Command Line Interface Guide
Use these Release Notes to find information about version 8.0.1 TRITON AP-EMAIL. Version 8.0.1 Release Notes are also available for the following Websense products:
*
TRITON Manager
*
Websense Web Protection Solutions (including Content Gateway)
*
Websense Data Protection Solutions
*
V-Series Appliance
*
X-Series Appliance
See the Administrator Help for details about on-premises TRITON AP-EMAIL operations.
If you are installing this on-premises email protection solution for the first time, see Installing Websense Appliance-Based Solutions.
If you are upgrading from a previous email protection system version, see Upgrading Email Protection Solutions.
Important updates
The initial username and password for the TRITON AP-EMAIL virtual appliance have been changed as of version 8.0.1, as part of a security update that removed ssh root access to the appliance. Use the following username and password for initial logon:
email_va
email_va#123
See the virtual appliance Quick Start Guide for more deployment information.
TRITON AP-EMAIL now includes the TRITON AP-DATA mobile agent, a Linux-based appliance that lets you secure the type of email content that is synchronized to users' mobile devices when they connect to the network. This includes content in email messages, calendar events, and tasks. For more information, see the topic titled Installing AP-DATA Agents and Servers in the TRITON AP-DATA Help.
The following critical vulnerabilities are also resolved in TRITON AP-EMAIL version 8.0.1:
OpenSSL vulnerability (FREAK)
This vulnerability was identified in CVE-2015-0204.
An OpenSSL client may accept the use of an RSA temporary key in a non-export RSA key exchange cipher suite. A server could present a weak temporary key and downgrade the security of the session.
Java vulnerability (SKIP-TLS)
This vulnerability was identified in CVE-2014-6593.
This Java vulnerability allows the use of a man-in-the-middle (MITM) attack to spoof the identity of any server. In the worst case, an attack could completely disable TLS encryption. At the least, encryption could be made susceptible to cracking. A likely scenario for exploitation of this vulnerability may be a WiFi hotspot or local network attack.
Java cross-site scripting vulnerability
A cross-site scripting vulnerability allows a user to enter and save JavaScript in the email system user database. Entering that script as a Personal Email Manager password gives an attacker access to a web session while posing as a valid user.
Operating system (OS) command injection
A command injection vulnerability allows a user to introduce system-level commands into code to change program execution. A flaw in a Java application could permit an attacker to execute server commands in TRITON AP-EMAIL.
Contents
*
Installation and upgrade
*
Resolved and known issues

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
v8.0.1 Release Notes for On-Premises TRITON AP-EMAIL
Copyright 2016 Forcepoint LLC. All rights reserved.