Overview

This article describes the Release Notes for ExOS 7.4.2.

 

Information

Version 7.4.2 introduces a mechanism that better handles Distributed Denial of Service Attack (DDoS) attacks coming from the Wide Area Network (WAN) or malicious software, preventing the appliance from consuming too much memory. In consequence, the TCP Health report has eliminated the Ignored Connections count. Nevertheless, Ignored Connections for real-time traffic is still available.

Supported upgrade versions:

• 7.0.0, 7.0.1, 7.0.1u1, 7.0.2, 7.0.2u1, 7.0.3, 7.0.3u1 and 7.4.1
• 6.4.6, 6.4.7 

Upgrade Path:

• The supported upgrade path from 6.x is to upgrade to 6.4.3 or later first. Then upgrade to 7.0.0.
• The upgrade from 6.4.3 may take longer than normal due to the database upgrade that takes place.
• Version 7.x will only accelerate with peers running 6.4.3 and later due to a change to the Exinda internal protocols. If you are installing v7.x into an x800 estate, the best approach is to upgrade your core box to 6.4.3 and then install v7 on one or more branch offices.
• This allows all the existing appliances to accelerate to the core appliance and allows the v7 appliance(s) to accelerate to the core box running 6.4.3
• This version was released with a new set of virtual images that are running 7.4.1 by default. If your environment already contains configured virtual machines running an older version, please upgrade to 6.4.3 first and follow the upgrade path above described.

Platforms:

• 2061, 3062, 4010, 4061, 4062, 6060, 6062, 8060, 8062, 10060, 10062, 10063, 12063, Virtual 

Link to download the software image

• Download Link
• MD5: 775b8699550478693092aed3251a76e7
• File size: 665,594,428 bytes  

Major New Features:

• Exinda has released a new set of physical appliances for Data Centers, and they require ExOS 7.4.2 as a minimum code level:
  
  
  • Exinda 10063: Recommended for large Data Centers, it can handle up to 10Gbps of traffic for Diagnostics and Shaping and up to 400Mbps for Acceleration.
  • Exinda 12063: Our largest physical appliance to date, it can handle up to 15Gbps of Diagnostics and Shaping operations and up to 2Gbps of Acceleration operations.
    

• New L7 Signatures:
  
  
  • GitHub
  • Slacker      
  • HamiVideo      
  • Niconico       
  • Alipay    
  • Ustream       
  • Guild Wars 2       
  • Trendmicro Worry-Free      
  • Zalo  
  • NTT Docomo 
  • Softbank     
  • Microsoft Windows Update subtype for OS Update Classification
  • RTCP dissector     
  • Wikipedia      
  • Uber

• Improved L7 Signatures
  
  
  • BitTorrent  
  • Amazon Cloud
  • Netflix
  • OS Update
  • Funsion
  • MPlus
  • Oscar
  • Telegram
  • Spotify
  • QQ
  • SMTP midstream
  • Mig33
  • MagicJack
  • Syslog TCP
  • SIP

 

Bug Fixes and Minor Improvements:

Defect ID	Description
D-04410	Solved a classification issue where Proxy traffic is diagnosed as BitTorrent.
D-03452	Fixed an issue where DDoS attacks coming to the network severely affect Exinda's memory utilization.
D-05106	Solved an issue where the appliance was not processing, hence, dropping Kerberos authentication packets.
D-05125	Fixed a classification issue where Netflix was being misclassified as HTTPS
D-05137	Solved an issue where Exinda was dropping certain OpenVPN packets when these are being transmitted on a Generic Routing Encapsulation (GRE) tunnel with IP packets that have been previously fragmented.
D-05104	Fixed a report representation issue where traffic falling under the default Auto Catch-All policy was not being reported on the Control graphs.

 

Known Issues:

Defect ID	Description
D-04189	In certain scenarios, accelerating SMB (Simple Message Block) connections can result in slow file transfers.
D-03974	The Edge Cache process can trigger a condition that makes it reboot.
D-02086	Acceleration is not supported between sites that are separated by a firewall or a router that is performing NAT (Network Address Translation) overload.
D-04861	Users are not able to access the WebUI with a username that starts with a zero '0.'
B-06114	The inbound QoS (quality of service) for HTTP traffic hitting the Edge Cache engine can only be controlled by the policy set for the web application group or the HTTP application object.
D-04963	Users with monitor-only capabilities can start/stop the optimizer.
D-06081	Some CA (Certificate Authorities) certificates are displayed as Expired under Configuration > System > Certificates > CA Certificates. This, however, will not affect the appliance performance.
B-06115	APS values are normalized to 1024-bit of packet-size, so applications using very small-size packets like Citrix and RDP (Remote Desktop Protocol) are not recommended to be measured using our APS feature, as the values will be much higher than the real ones.
D-04111	The Edge Cache does not work for YouTube in Google Chrome browser. Workaround: Add --use-spdy=off --use-system-ssl to Chrome shortcut. For example: \Program Files (x86)\Google\Chrome\Application\chrome.exe --use-spdy=off --use-system-ssl. Refer to Adding Shortcuts Using Group Policy Preferences for more information on adding shortcuts using Group Policy.