Overview
This article provides the essential details about the release of 7.0.2 version release.
Environment
This release includes all changes from versions up to and including these update releases: 6.3.13, 6.4.1 Update 1, 6.4.2 Update 3, 6.4.3 Update 10, 6.4.4, and 6.4.5 Update 1.
Platforms: 2061, 4010, 4061, 6060, 6062, 8060, 8062, 10060, 10062, Virtual.
Supported upgrade versions: 6.4.3, 6.4.4, 6.4.5, 6.4.6 and 7.0.x
Information
Update Download Sources
- If you are running a version prior to 7.0.1 use the image file exinda-v7.0.2-3073-x86_64.img
MD5: 4bd9ce01b20a0f6b837702b3825509cf
Size: 629,166,141 - If you are running version 7.0.1 or later, you can use the image file exinda-v7.0.2-3073-x86_64.v2.img
MD5: 8de70b01b33e6708eefc4818f605d50e
Size: 404,347,027
Note: if the installation of a v2 image appears to fail, please check the logs. It might be that your system only supports v1 images. This will be evident by the presence of the following log messages in the system log:
[writeimage.ERR]: *** Target root partition size is < 1.5G, only v1 images are supported
mgmtd[2163]: [mgmtd.WARNING]: Exit with code 2 from writeimage.sh
mgmtd[2163]: [mgmtd.WARNING]: Image installation failure: *** Target root partition size is < 1.5G, only v1 images are supported#012
Notices: If you are upgrading to ExOS 7.0 from ExOS 5.x or earlier:
This upgrade is not supported. Please upgrade to ExOS 6.3 first.
New images for the Virtual appliances are not available. To install a new virtual appliance running 7.0.2, please first install 6.3.0 and upgrade to 7.0.2.
Major Features
HTTPS caching for Edge Cache (B-04349)
Edge Cache now supports HTTPS sites allowing the appliance to be a forward proxy and decrypt content for caching. This is important as more and more applications and services are moving to the cloud. These SaaS-based applications are typically delivered over HTTPS and so to be effective, Edge Cache must support this HTTPS traffic. Sites to be cached can be specified as a white list of specific sites to cache, such as youtube.com, or as a blacklist of places not to cache. You can choose whichever approach works best for your environment. There is some vital information in the user manual about the handling of the certificates that are needed to make this a seamless experience for your network users. For more details; please be sure to read our Exinda Users Manual.
Updated Layer 7 Signatures (B-04397)
New Applications
- MS Exchange including subtype Outlook Web Access
- Doook
- vBulletin
Improved Signatures
- Adobe Creative Cloud
- BitTorrent
- eDonkey
- Flickr
- GoToMeeting
- HTTP
- IAX
- IMO
- iPlayer
- Improved detection for the browser and iOS
- iTunes
- Jabber
- Added subtype encrypted to include encrypted traffic
- L2TP
- LoveFilm
- Improved detection for the browser and iPad
- Oscar
- Paltalk
- PPLive
- Added new PPLive subtypes 'generic' and 'video'
- PPStream
- Renren
- Add renren detection over FTP
- RTCP
- RTSP
- Scydo
- SIP
- Added subtype for MPlusMPlus
- Improved detection for newer clients
- SIP
- Skype
- SPDY
- Spotify
- SSTP
- Teredo
- Thunder
- Improved detection for the Mac and mobile applications
- Tumblr
- Ultrasurf
- VeohTV
- Improved detection for Flash traffic
- Viber
- Added file-transfer subtype
- Viber
- Patterns to improve detection results
- YouTube
Bug Fixes and Minor Improvements
- [B-03494] - Fixes a bug with 'Periodic' scheduled reports (reported by Baiada).
- [D-03178] Fixed an issue where the system would restart unexpectedly when in a cluster doing acceleration.
- [D-03298] Fixed an issue that prevented SMB pre-population from working. With 6.4.5 and 7.0.1 the SMB pre-population jobs were failing.
- [D-03451] Fixed an issue with acceleration where UDP packets that were VLAN tagged and needed to be fragmented were being sent corrupted.
- [D-03590] Fixed a cross site scripting vulnerability CVE-2014-7157, CVE-2014-7158.
- [D-03571] Patched the version of BASH used within the product to fix the vulnerability for ShellShock. CESA-2014:1306, CVE-2104-6271, CVE-2014-7169.
Known Issues
- [D-02199] When an acceleration HA cluster is configured and the traffic being accelerated is located on a VLAN and has a VLAN tag, the traffic will not flow through the HA cluster properly. This issue is currently being investigated and a fix is expected soon.
- [D-01777] snmp: after a period of repeatedly querying the following sensors, the WUI will appear to be locked up and various processes within the appliance will crash. This will eventually repair itself. system health/cpu alarm, system health/disk alarm, system health/ram alarm, system health/nic alarm. The work around is to not query these SNMP values.
- [D-01921] Under some circumstances Microsoft Lync traffic will be classified as MSN traffic.