Library Search:


Go to the table of contents Go to the previous page Go to the next page
v7.5 Release Notes for Websense Web Security : Fixed in this version

Fixed in this version
Topic 50132 / Updated: 09-Jun-2010
Applies To:
Websense Web Filter 7.5
Websense Web Security 7.5
Several hotfixes (patches) created for previous releases have been incorporated into this version. In addition, changes requested by customers have been incorporated.
TRITON - Web Security (general)
*
When an internal error occurs in TRITON - Web Security, the stack trace no longer shows possibly sensitive information in the client browser. (v7.0 Hotfix 21, 29, v7.0.1 Hotfix 12, 19, 22)
*
Category names that include a comma can be changed without error. (v7.0 Hotfix 08, 21, 29)
*
LDAP user passwords are no longer readable in the HTML source of the Settings > Directory Services and Logon Directory pages. (v7.0.1 Hotfix 12, 19, 22)
*
An internal error no longer displays when administrators access the Settings > Risk Classes page. (v7.0.1 Hotfix 19, 22, v7.1 Hotfix 08, 12, 33, 35, 40, 41, 43, 48, 50, 52)
*
Administrators can now add proxy user names containing a hyphen (-). (v7.1 Hotfix 08, 12, 33, 35, 40, 41, 43, 48, 50, 52).
*
Administrators can now define non-qualified sites as unfiltered (for example, http://wrprod). (v7.1 Hotfix 08, 12, 33, 35, 40, 41, 43, 48, 50, 52)
*
When an administrator clicks Create Policy in the Common Tasks pane, all existing policies are now available to be used as the basis for creating the new policy.
*
When there are many Network Agent instances associated with a Policy Server, a scroll bar allows administrators to access configuration information for all instances. (v7.1 Hotfix 52)
*
TRITON - Web Security now accepts user names containing a period when an administrator configures Master Database downloads via a proxy. (v7.1 Hotfix 41, 50, 52)
*
Database download status for each Filtering Service instance is displayed in TRITON - Web Security in a timely manner. (v7.1 Hotfix 35, 38, 40, 41, 43, 48, 52)
*
TRITON - Web Security issues prevent a connection to Policy Server have been corrected. (v7.1 Hotfix 21, 33, 35, 40, 41, 43, 48, 50, 52)
*
Pages transmitted via SSL are no longer cached by the browser. (v7.1 Hotfix 21, 33, 35, 40, 41, 43, 48, 50, 52)
*
The Secure Attribute is now included in the Encrypted Session (SSL) cookie to avoid having the cookie sent as plain text. (v7.1 Hotfix 21, 33, 35, 40, 41, 43, 48, 50, 52)
TRITON - Web Security (Policy Servers page)
*
The list of Policy Servers on the Settings > Policy Servers page no longer shows duplicate entries after changes are made. (v7.0 Hotfix 21, 29, v7.0.1 Hotfix 12)
*
The logon page and Settings > Policy Servers page load more quickly, even when there are many Policy Servers listed in TRITON - Web Security. (v7.0 Hotfix 21, 29, v7.0.1 Hotfix 12, 19, 22)
*
A full list of Policy Server entries is displayed on the Settings > Policy Servers page, even when there are more than 25 entries. (v7.0 Hotfix 21, 29, v7.0.1 Hotfix 12, 19, 22)
TRITON - Web Security (Clients page)
*
A problem that caused an error preventing administrators from adding a client, either to the Clients page or to a delegated administration role, has been corrected. The error was: "The user cannot be added to the current role. A policy has already been assigned to this user in role: Super Administrator." (v7.0 Hotfix 21, 29, v7.0.1 Hotfix 12, 19, 22)
*
Directory clients (users, groups, and domains/organizational units) are now alphabetized in the Clients page, with domains appearing first, then groups, then individual users. (v7.0 Hotfix 21, 29, v7.0.1 Hotfix 12, 19, 22)
*
When adding clients, results returned from the directory service are now alphabetized, as are pages, if paging is necessary. (v7.0 Hotfix 21, 29, v7.0.1 Hotfix 12, 19, 22)
*
When an administrator adds network clients on the Clients page, the correct range is added, rather than a single IP address (computer client). (v7.0 Hotfix 21, 29, v7.0.1 Hotfix 12, 19, 22)
*
A problem that caused a Java error when the Clients page was selected has been corrected. The error no longer appears, and computer and network clients are displayed normally. (v7.0 Hotfix 08, 21, 29, v7.0.1 Hotfix 12, 19, 22)
*
When an administrator adds directory clients, Websense software can now query more than one global catalog server. (v7.0 Hotfix 08, 21, 29, v7.0.1 Hotfix 12, 19, 22)
*
When an administrator adds a network client, and the first value in the second IP address is greater than 127 (for example, 1.1.1.1 - 128.0.0.0), TRITON - Web Security no longer displays a warning. (v7.0 Hotfix 08, 21, 29)
*
User names that include quotation marks (") anywhere in the LDAP path are now displayed properly in TRITON - Web Security. (v7.0.1 Hotfix 06, 12, 19, 22, v7.1 Hotfix 08, 12, 20, 33, 40, 41, 43, 48, 50, 52)
*
Administrators were sometimes unable to browse the root domain when child domains were added to directory services. (v7.1 Hotfix 08, 12, 20, 33, 40, 41, 43, 48, 50, 52)
*
Clients whose user name contains a comma can now be added via the Search option on the Add Clients page without an extra backslash character being appended. (v7.1 Hotfix 52)
*
TRITON - Web Security correctly displays organizational units (OUs) that contain a plus sign (+) in the name. (v7.1 Hotfix 41, 50, 52)
TRITON - Web Security (custom URLs and limited access filters)
*
If you have a significant number (hundreds or more) of recategorized URLs or regular expressions, clicking OK on the Edit Categories page no longer results in a very long delay (many minutes) before the Filter Components page loads and changes can be saved. (v7.0.1 Hotfix 12, 19, 22, v7.1 Hotfix 08, 12, 33, 35, 40, 41, 43, 48, 50, 52)
*
In environments with a large number of custom URLs (recategorized or unfiltered), the Edit Policy page now loads more quickly. (v7.0.1 Hotfix 22, v7.1 Hotfix 08, 12, 33, 35, 40, 41, 43, 48, 50, 52)
*
An problem that caused valid URLs to be flagged as invalid when URLs were recategorized has been corrected. (v7.0.1 Hotfix 12, 19, 22)
*
Unfiltered URLs are saved only once. The Policy Database does not create duplicates. (v7.1 Hotfix 20, 38, 40, 41, 43, 48, 50, 52)
*
Custom URLs are now displayed in a more consistent manner. (v7.1 Hotfix 12, 33, 35, 40, 41, 43, 48, 50, 52)
*
When a category is selected on the Filtering Components > Edit Categories page, a complete list of custom URLs for the category is displayed. (v7.0.1 Hotfix 22, v7.1 Hotfix 08, 12, 33, 35, 40, 41, 43, 48, 50, 52)
*
Custom URLs (recategorized and unfiltered) and URLs added to limited access filters are categorized properly when they contain uppercase letters. (v7.1 Hotfix 35, 38, 40, 50, 52)
TRITON - Web Security Toolbox
*
The Check Policy tool now shows the correct policy for users defined in a Windows Active Directory global catalog server identified by IP address. (v7.1 Hotfix 50, 52)
Delegated administration
*
A problem that caused delegated administrators to receive an error message when they attempted to look up clients or URLs has been corrected. (v7.0 Hotfix 08, 21, 29)
*
A problem that sometimes prevented delegated administrators from logging on to TRITON - Web Security has been corrected. (v7.0.1 Hotfix 21 and v7.1 Hotfix 02)
*
Websense user accounts that include a hyphen (like "report-auditor") can now be added to a role. (v7.0 Hotfix 08, 21, 29, v7.0.1 Hotfix 12, 19, 22)
*
User search is now as quick for delegated administrators as for WebsenseAdministrator (v7.1 Hotfix 48, 50, 52)
*
Delegated administrators whose permissions do not include viewing user names cannot use the Toolbox to search for user data. (v7.1 Hotfix 43, 48, 50, 52)
Reporting (Log Server and Log Database)
*
Log Server now successfully looks up users' full name and associated groups with User Service to ensure that user names are visible in reports. (v7.0.1 Hotfix 17, v7.1 Hotfix 05)
*
During startup, Log Server tries to connect to the database a specified number of times before recording a failure to connect. (v7.1 Hotfix 15, 18)
*
When integrated products send records with malformed URLs to Log Server, the high value in the protocol field is removed, and the records are added successfully to the Log Database. (v7.1 Hotfix 18)
*
Log Server no longer shuts down when renewing an SSL certificate. It successfully stores the certificate in the LogServer.exe.p12 file. (v7.0 Hotfix 31)
Reporting (Today and History pages)
*
The TRITON - Web Security Today and History pages can now connect to a Microsoft SQL Server database that uses a non-standard port. (v7.0 Hotfix 21, 29, v7.0.1 Hotfix 12, 19, 22)
*
The Current Filtering Load line now plots data up to the current time, and the line does not drop to zero. (v7.0 Hotfix 08, 21, 29, v7.0.1 Hotfix 12, 19, 22)
*
When a Today or History page chart contains a large quantity of data, better scaling is used to make the legends more readable. (EI 4254)
Presentation reports
*
A copied presentation report can be edited and then saved without errors. (v7.0 Hotfix 21, 29, v7.0.1 Hotfix 12, 19, 22)
*
Top N presentation reports now permit you to specify up to Top 200. Note that the graph may not display in the report when you use a large Top N value. (v7.0 Hotfix 08, 21, 29, v7.0.1 Hotfix 12, 19, 22)
*
A problem that could cause the Presentation Reports Scheduler to fail with a general error has been corrected. (v7.1 Hotfix 10)
*
A problem that caused Presentation Reports Scheduler to fail to connect to the Policy Database, causing scheduled reports to be lost after reboot, has been corrected. (v7.1 Hotfix 12, 33, 35, 40, 41, 43, 48, 50, 52)
Investigative reports
*
When the automatic reindexing setting is changed to Sunday, the setting is saved properly. (v7.0.1 Hotfix 24, 31, 33).
*
Spacing problems in concatenated reports exported to PDF have been addressed, so that character strings do not overlap and wrapping works correctly. (v7.0.1 Hotfix 09, 24, 31, 33, v7.1 Hotfix 45)
*
A problem affecting detail reports sorted by bandwidth has been corrected. (v7.0.1 Hotfix 09, 24, 31, 33)
*
When languages other than English are used, pie charts now display correctly. (v7.0.1 Hotfix 09, 24, 31, 33)
*
Pie charts display the correct time format (total number of seconds) when you selected Browse Time [seconds] for the Measure. (v7.1 Hotfix 25, 45)
*
Pie charts display correctly in locales use the period (.) symbol as a thousands separator. (v7.0.1 Hotfix 33)
*
Two new Websense\webroot\Explorer\wse.ini file parameters (chartWidth and chartHeight) make it possible to specify a custom width and height for pie charts, in case you need to expand the default size. (v7.1 Hotfix 25, 45)
*
Changing automatic reindexing setting to a Sunday no longer reverts to Monday when you save changes and refresh. (v7.0.1 Hotfix 09, 24, 31, 33)
*
Large bandwidth reports (approximately 1.5 GB) to PDF or Microsoft Excel format no longer results in an error, and the export is completed successfully. (v7.0.1 Hotfix 07, 09, 24, 31, 33).
*
Top 50 reports can be exported to PDF without error. (v7.0.1 Hotfix 07, 09, 24, 31, 33)
*
Scheduled reports can be exported to PDF without error. (v7.1 Hotfix 03, 16, 25, 45)
*
A problem that caused incorrect values in detail reports when administrators attempted to report on source IP address and destination has been corrected. (v7.0.1 Hotfix 03, 07, 09, 24, 31, 33)
*
Investigative reports now use UTF-8 encoding. Any information passed using ISO-8859-1 encoding is now converted to UTF-8. This corrects a problem that prevented delegated administrators from creating reports for managed clients belonging to a domain whose name included non-Latin characters (for example, Cyrillic or Chinese characters). (v7.0.1 Hotfix 03, 07, 09, 24, 31, 33)
*
An error that occurred when exporting investigative reports that show the top 50 or more <grouping> by <grouping> within a <grouping> (for example, Top 50 Categories by Action within a Risk Class, or Top 75 Users by Day accessing a Protocol) to PDF has been corrected. (v7.0.1 Hotfix 03, 07, 09, 24, 31, 33)
*
A problem that caused blank user names in reports if a user account did not have a full first and last name has been corrected. (v7.1 Hotfix 16, 25, 45)
*
Browse time reports now display properly. (EI 4656)
*
Administrators who log on to TRITON - Web Security using a network account with a long name now have access to investigative reports. (v7.1 Hotfix 45)
*
When a large investigative report is saved in Excel format, Microsoft Excel can now open the file. (v7.0.1 Hotfix 31, 33)
User identification and authentication
*
A problem that sometimes prevented non-Latin symbols in a user password from being recognized by manual authentication has been corrected. (v6.3.2 Hotfix 45)
*
Changes to winhttp.dll introduced by Microsoft software update KB960803 no longer prevent the logon application (LogonApp.exe) from authenticating users via NTLM, regardless of whether the /dhcp option is used. (v7.0.1 Hotfix 15, 27)
*
Custom LDAP groups are now properly applied, so that users are filtered correctly. (v7.1 Hotfix 17, 28)
*
Users whose name include a pound or hash symbol (#) anywhere in the LDAP path are now filtered correctly. (v7.1 Hotfix 12, 33, 35, 40, 41, 43, 48, 50, 52)
*
Users in an organizational unit (OU) that contains an ampersand (&) are now filtered properly. (v7.1 Hotfix 38, 40, 43, 48, 50, 52)
*
A User Service problem that caused Novell eDirectory Server to lock up, behaving as if it had reached the maximum number of allowable connections, has been corrected. Connections are now allocated correctly, and user identification works as expected. (v7.1 Hotfix 28)
*
Users who log on to Novell eDirectory via Novell ZENWorks are now identified properly by eDirectory Agent. A new wsedir.ini file parameter (NetworkAddressAttribute) can be used to specify where user machine IP addresses are stored. (v6.3.3 Hotfix 08, v7.1 Hotfix 24, 30)
*
eDirectory Agent now connects to Novell eDirectory Server through the port specified in TRITON - Web Security or in the wsedir.ini file. (v7.1 Hotfix 24)
*
DC Agent now runs as the domain account configured during installation, correcting a v7.1 problem. (EI 4659)
Filtering Service
*
The amount of memory required by Filtering Service when it loads the Master Database has been reduced to minimize download and load failures. (v7.0 Hotfix 28, 34, v7.0.1 Hotfix 04, 13, 26, 29)
*
Filtering Service and Network Agent now always use the communication ports specified in the websense.ini file. This addresses a problem that prevented TRITON - Web Security Toolbox features from functioning properly. (v7.0 Hotfix 19, 20, 28, 34, v7.0.1 Hotfix 04, 13, 26, 29)
*
When administrators use category filters to implement bandwidth-based filtering, user attempts to access affected categories are blocked or permitted appropriately. (v7.1 Hotfix 11)
*
Custom URLs that include one or more capital letters are now filtered appropriately. (v7.0.1 Hotfix 29)
*
Filtering Service now supports regular expression syntax not supported in previous versions. In addition, TRITON - Web Security now more accurately reflects the regular expression syntax supported by Filtering Service. (EI 3596)
Network Agent
*
Network Agent on Linux can now handle 13,000 packets per second with a drop rate of less than 1%. (v6.3.2 Hotfix 59)
*
A multi-threading problem with Network Agent on Linux has been corrected. Network Agent no longer stops running unexpectedly. (v7.1 Hotfix 32)
*
Network Agent can be configured to ignore traffic on specified ports. This prevents HTTPS traffic from being logged twice when Network Agent runs in conjunction with Content Gateway. Note that with the original hotfix, the configuration required setting an INI file parameter; in this version, the configuration is performed in TRITON - Web Security. (v7.0.1 Hotfix 13, 26, 29)
*
A new natuning.ini file parameter (ShowNICsIP) makes it possible to configure whether or not Network Agent shows the IP addresses of its network interfaces in TRITON - Web Security. (v7.0.1 Hotfix 13, 26, 29)
*
Filtering Service and Network Agent now always use the communication ports specified in the websense.ini file. This addresses a problem that prevented TRITON - Web Security Toolbox features from functioning properly. (v7.0 Hotfix 19, 20, 28, 34, v7.0.1 Hotfix 04, 13, 26, 29)
Remote Filtering
*
Two new securewispproxy.ini file parameters (FilterFTP and FilterHTTPS) make it possible to selectively enable or disable HTTPS (port 443) and FTP (port 21) filtering by Remote Filtering Client. (v7.0 Hotfix 24, v7.1 Hotfix 25)
*
A problem that caused Remote Filtering Client to fail to apply quota time, or to apply quota time incorrectly, to users whose machine had a wireless aircard has been corrected. (v6.3.2 Hotfix 40, 62, 64)
*
Machines that have Remote Filtering Client installed can now access the Web page for Live Search Cashback (a feature of MSN Live Search). (v6.3.2 Hotfix 47, 62, 64)
*
Remote Filtering Client machines can now access application services that use the same IP address as Remote Filtering Server. (v6.3.2 Hotfix 33, 40, 47, 62, 64).
*
Users can now add attachments to Microsoft Outlook messages on Remote Filtering Client machines. (v6.3.2 Hotfix 06, 33, 40, 47, 62, 64)
*
Users can now compile .java files using IBM RAD on Remote Filtering Client machines. (v6.3.2 Hotfix 06, 33, 40, 47, 62, 64)
*
Users can now log on to Windows Vista machines with Remote Filtering Client installed. (v6.3.2 Hotfix 06, 33, 40, 47, 62, 64)
*
The Remote Filtering Client installer now supports upgrade. It is no longer necessary to uninstall the existing version before installing a new version. (v6.3.2 Hotfix 06, 33, 40, 47, 62, 64)
*
A problem that made it possible to rename or delete the wdc.exe file has been corrected to prevent users from bypassing remote filtering. (v6.3.2 Hotfix 64)
Integrations
*
When Websense software is integrated with a Citrix product, administrators can now control whether end users who access HTTPS Web pages see a pop-up message when any part of the page is blocked by SSL protocol blocking. Four new wscitrix.ini file parameters you to specify whether a protocol pop-up message is to be displayed when the SSL or FTP protocol is blocked, and to set the minimum time interval between two sequential pop-up messages. (v7.0.1 Hotfix 18)
*
When Websense software is integrated with a Squid proxy, when the Filtering Service machine is shut down, client browser access no longer slows down or times out. (v7.0 Hotfix 25)
*
When a Citrix user is prompted for manual authentication, the information the user provides, rather than Citrix session information, is logged. (EI 4306, 4501)
*
The plug-in used when Websense software is integrated with Microsoft ISA Server has been updated to use the Windows API instead of ISAPI for memory allocation, preventing a problem that sometimes caused ISA Server to shut down with an out-of-memory error. (v7.1 Hotfix 44)
Diagnostics
*
The WISP trace (used by Websense Technical Support for diagnostic purposes) can now decode the WISP messages Dynamic HTTP Lookup Request and Dynamic HTTP Lookup and Log Request. (v7.0 Hotfix 34, v7.0.1 Hotfix 62)
*
The WebsensePing and TestLogServer tools now show custom URLs as recategorized. (v7.0 Hotfix 03, 20, 28, 34, v7.0.1 Hotfix 04, 13, 26, 29)
General
*
Websense daemons no longer deadlock when signaled with SIGTERM for graceful shutdown (kill pid). (v7.0 Hotfix 15, 20, 28, 34, v7.0.1 Hotfix 04, 13, 26, 20)
*
Attempts to stop Websense services now succeed as expected. (v7.0 Hotfix 20, 28, 34)

Quick Links




Go to the table of contents Go to the previous page Go to the next page
v7.5 Release Notes for Websense Web Security : Fixed in this version
(c) 2010 Websense, Inc. All Rights Reserved.