VMware VCENTER APPLICATION DISCOVERY MANAGER 6.0 User Manual Page 2

What’s New in PAN-OS 6.0
© 2014 Palo Alto Networks (PAN-OS 6.0) Page 2
URL Filtering Search Engine Cached Site Support—URL filtering policies will be applied when end-users attempt to
view the Google and Internet Archive cached copies of websites.
URL Filtering Translation Site Filtering Support—URL filtering policies will be applied to any URLs that are entered
into translation sites such as Google Translate. This will ensure that website translation tools are not used to bypass
URL filtering policies.
URL Filtering Safe Search Enforcement—This feature prevents users who are searching the Internet using one of the
top three search providers—Google, Bing, or Yahoo—from viewing the search results unless the strictest safe search
option is set in their browsers for these search engines. If the strictest safe search option is not set in the browser, users
will see a block page instructing them on how to set the option for the given search provider.
Extended Packet Capture—Enables the firewall to capture from 1 to 50 packets for anti-spyware and vulnerability
protection profiles for rules and exceptions defined in the profile. The extended capture provides more context when
analyzing threat logs.
Application Identification Features
Support for Hardware Security Modules—Certificate signing functions for SSL forward proxy, SSL inbound
inspection, and the master key storage functions can now be offloaded to a dedicated Hardware Security Module (HSM)
for enhanced key management security. HSM support is generally required when FIPS 140-2 Level 3 protection for CA
keys is required.
o HSMs supported: SafeNet Luna SA and Thales nShield Connect.
o Platforms supported: PA-3000 Series, PA-4000 Series, PA-5000 Series firewalls, VM-Series, and on the M-100 appliance.
TLS 1.2 Decryption—The ability to decrypt inbound sessions and forward proxy sessions that negotiate with TLS 1.2 is
now supported.
Option to Disable SIP ALG—By default, a Session Initiation Protocol (SIP) Application-level gateway (ALG) performs
NAT on the payload and opens dynamic pinholes for media ports. However, some SIP endpoints have NAT intelligence
embedded in their clients. Because the firewall must not modify the signaling sessions in this case, you can now disable
the SIP ALG functionality depending on the SIP applications in use in your environment. When SIP ALG is disabled, if
App-ID determines that a session is SIP, the payload is not translated and dynamic pinholes are not opened.
User Identification Features
User-ID Integration with Syslog—The Syslog Listener will listen for syslog messages from non-standard user
authentication services (Proxies, NAC, Wireless Controllers) so that the User-ID Windows agent or the agentless user
mapping feature on the firewall can extract the authentication events from the log. Syslog filters that you define allow
User-ID to parse the messages and extract the IP addresses and usernames of users who successfully authenticated to
the external service and add the information to the IP address to username mappings it maintains.
o Syslog Listener natively supports BlueCoat Proxy, Citrix Access Gateway, Aerohive AP, Cisco ASA, Juniper
SA Net Connect, and the Juniper Infranet Controller.
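
The filter logic described above, sketched as an added example that is not taken from the Palo Alto Networks document: keep only successful-login events, extract the username and IP address, and update an IP address to username table. The message layout, the `user=` and `src=` field names, and the three-regex filter structure are assumptions, and the sample lines are constructed.

```python
import ipaddress
import re

# Hypothetical filter: one regex selects successful-login events,
# one captures the username, one captures the client IP address.
FILTER = {
    "event": re.compile(r"authentication success", re.I),
    "user": re.compile(r"user=([\w.\\@-]+)"),
    "addr": re.compile(r"src=(\S+)"),
}

# Constructed sample messages (not from any real product).
SAMPLE = [
    "<134>Jan 10 09:01:02 proxy1 auth: authentication success user=acme\\jparker src=10.1.1.23",
    "<134>Jan 10 09:01:05 proxy1 auth: authentication failed user=acme\\mallory src=10.1.1.99",
    "<134>Jan 10 09:02:11 proxy1 auth: authentication success user=acme\\bsmith src=not-an-ip",
    "<134>Jan 10 09:03:40 proxy1 auth: authentication success user=acme\\kdoe src=10.1.1.23",
    "<134>Jan 10 09:04:00 proxy1 auth: authentication success src=10.1.1.50",
]

def parse_event(message, flt=FILTER):
    """Return (ip, username) for a successful login, else None."""
    if not flt["event"].search(message):
        return None               # failed logins and unrelated lines are ignored
    user = flt["user"].search(message)
    addr = flt["addr"].search(message)
    if not (user and addr):
        return None               # incomplete event: never guess a mapping
    try:
        ip = str(ipaddress.ip_address(addr.group(1)))
    except ValueError:
        return None               # malformed address field
    return ip, user.group(1).lower()

def build_mappings(messages):
    """Build the IP -> username table; the latest successful login per IP wins."""
    mappings = {}
    for msg in messages:
        event = parse_event(msg)
        if event:
            mappings[event[0]] = event[1]
    return mappings

if __name__ == "__main__":
    for ip, user in build_mappings(SAMPLE).items():
        print(ip, "->", user)
```

Rejecting events with a missing or malformed field matters because each accepted mapping decides which user's policy applies to traffic from that address.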
Terminal Services API—The User-ID XML API has been extended to enable you to create scripts that allow for the
same type of IP address to username mappings on non-Windows based terminal services. Specifically, the existing
XML API calls that notify the firewall of IP address to username mappings have been extended to facilitate multi-user
host logon and logoff by including port mappings in addition to IP addresses.
Increased User-ID Active Users Limit—The User-ID active user limit has been increased on the high-end firewall
platforms, based on the memory capacity of the individual platforms. The following table summarizes the User-ID active
limits on all Palo Alto Networks next-generation firewall platforms:
Firewall Platform                                                        User-ID Active User Limit
PA-5060                                                                  256,000
PA-5050 and PA-5020                                                      128,000
PA-4000 Series, PA-3000 Series, PA-2000 Series, PA-500, and PA-200       64,000