DescriptionThis release includes all changes from releases up to and including these update releases: 6.3.13, 6.4.1 Update 1, 6.4.2 Update 3, 6.4.3 Update 10, 6.4.4, and 6.4.5 Update 1
Platforms: 2061, 4010, 4061, 6060, 6062, 8060, 8062, 10060, 10062, Virtual
Supported upgrade versions: 6.4.3, 6.4.4, 6.4.5, 6.4.6 and 7.0.x
Link to download the update:
If you are running a version prior to 7.0.1 use this link:
If you are running version 7.0.1 or later, you can use this link:
Note: if the installation of a v2 image appears to fail, please check the logs. It might be that your system only supports v1 images. This will be evident by the presence of the following log messages in the system log:
[writeimage.ERR]: *** Target root partition size is < 1.5G, only v1 images are supported
mgmtd: [mgmtd.WARNING]: Exit with code 2 from writeimage.sh
mgmtd: [mgmtd.WARNING]: Image installation failure: *** Target root partition size is < 1.5G, only v1 images are supported#012
Notices: If you are upgrading to ExOS 7.0 from ExOS 5.x or earlier:
This upgrade is not supported. Please upgrade to ExOS 6.3 first.
New images for the Virtual appliances are not available. To install a new virtual appliance running 7.0.2, please first install 6.3.0 and upgrade to 7.0.2.
HTTPS caching for Edge Cache (B-04349)
Edge Cache now supports HTTPS sites allowing the appliance to be a forward proxy and decrypt content for caching. This is important as more and more applications and services are moving to the cloud. These SaaS- based applications are typically delivered over HTTPS and so to be effective, Edge Cache must support this HTTPS traffic. Sites to be cached can be specified as a white list of specific sites to cache, such as youtube.com, or as a black list of sites to not cache. You can choose which ever approach works best for your environment. There is some important information in the user manual about the handling of the certificates that are needed to make this a seamless experience for your network users.
Updated Layer 7 Signatures (B-04397)
MS Exchange including subtype Outlook Web Access
Adobe Creativ Cloud
Improved detection for the browser and iOS
Added subtype ???encrypted??ª to include encrypted traffic
Improved detection for the browser and iPad
Added new PPLive subtypes 'generic' and 'video'
Add renren detection over FTP
Added subtype for MPlusMPlus
Improved detection for newer clients
Improved detection for the Mac and mobile applications
Improved detection for Flash traffic
Added file-transfer subtype
patterns to improve detection results
Bug fixes and minor improvements:
[B-03494] - Fixes a bug with 'Periodic' scheduled reports (reported by Baiada)
[D-03178] Fixed an issue where the system would restart unexpectedly when in a cluster doing acceleration.
[D-03298] Fixed an issue that prevented SMB pre-population from working. With 6.4.5 and 7.0.1 the SMB pre-population jobs were failing.
[D-03451] Fixed an issue with acceleration where UDP packets that were VLAN tagged and needed to be fragmented were being sent corrupted.
[D-03590] Fixed a cross site scripting vulnerability CVE-2014-7157, CVE-2014-7158
[D-03571] Patched the version of BASH used within the product to fix the vulnerability for ShellShock. CESA-2014:1306, CVE-2104-6271, CVE-2014-7169. See this note on our support forum about our not being susceptible: https://support.exinda.com/#Topic/55562000000817011
[D-02199] When an acceleration HA cluster is configured and the traffic being accelerated is located on a VLAN and has a VLAN tag, the traffic will not flow through the HA cluster properly. This issue is currently being investigated and a fix is expected soon.
[D-01777] snmp: after a period of repeatedly querying the following sensors, the WUI will appear to be locked up and various processes within the appliance will crash. This will eventually repair itself. system health/cpu alarm, system health/disk alarm, system health/ram alarm, system health/nic alarm. The work around is to not query these SNMP values.
[D-01921] Under some circumstances Microsoft Lync traffic will be classified as MSN traffic.