SiteProtector SP8.1 Update - README ===================================================================== Last modified: November 11, 2010 Copyright © 1994-2010 Internet Security Systems, Inc. All rights reserved worldwide. PLEASE READ THIS DOCUMENT IN ITS ENTIRETY. ===================================================================== CONTENTS ===================================================================== - Description - Compatibility - Applying the Update - Getting the latest Documentation - Customer Support - Reporting product issues - Files included with The Update DESCRIPTION ===================================================================== This is a Cumulative SiteProtector Patch. Please see the list of issues covered below. Cumulative Patch -- 11/08/2010 ========================================= Issue ID 407203 --------------- When using two factor authentication in SiteProtector is it possible for the console to stop refreshing data correctly if left idle for a long period of time. This is caused by an expired token requesting a re-login, which fails due to an improper initialization. This update allows SiteProtector to correctly process the login after the console has gone idle for a long period of time. This also allows the login dialog to properly redisplay after the idle period has expired. NOTE: Although the fixes in the cumulative patch are normally included in the next release version, this fix is an exception to that rule due to the release schedule. If you need this fix, another cumulative patch will be released after the core xpu that also includes this fix. This note is not applicable to the below fixes. Cumulative Patch -- 09/27/2010 ========================================= Issue ID 407130 --------------- When applying xpu's on Chinese systems (Tradiditonal), the text describing the XPU is not readable. This is a cosmetic issue that does not impede functionality. This problem occurs due to the Chinese systems' inability to display italicized characters. The italics have be removed. Cumulative Patch -- 09/02/2010 ========================================= Issue ID 407104 --------------- When migrating a locally managed Proventia M to a repository you may encounter problems with the Proventia M not accepting the SSL VPN policy after migration. The Proventia M will go into an Active with Errors state even though the policy will otherwise look normal in the Policy Editor. This occurs because temporary variables are left in the SSL VPN policy after migration and normally removed upon the next edit of the policy, but the Proventia M does not correctly parse these temporary variables if it receives the migrated policy before it is edited. This update allows SiteProtector to perform the migration without leaving the temporary variables in the policy so the Proventia M will stay active even if there are no additional edits to the policy. Note: If you are migrating Proventia Ms to repository, it is recommended to also get the "Migrate to Repository SSL VPN Portal Resources Fix", Patch ID 1366. Cumulative Patch -- 08/16/2010 ========================================= Issue ID 405821 --------------- When attempting to use the Event Collector Failover scripts provided with SiteProtector SP7 - 8.1, users may experience a race condition between the SensorController and the EC Failover Scripts. This will cause the sensors to not get the proper EC assignment and go "Offline". This patch removes the race condition and allows proper EC assignment. Cumulative Patch -- 08/11/2010 ========================================= Issue ID 407102 --------------- When viewing events in the SiteProtector analysis view on a console with the timezone option set differently from the system clock, the view's time filters may not work as expected. This fix allows SiteProtector to correctly filter time based on the timezone set in the options of the console. Note: this does not affect the behavior of changing timezones in the options while in use. If you change the timezone option after connecting the console, please reconnect the console to ensure the option change is able to propogate. Cumulative Patch -- 07/30/2010 ========================================= Issue ID 407072 --------------- On sites that contain Central Response rules that were manually created without specifying a vulnerability status, you may see responses trigger on rules they were not meant to trigger on. This fix allows SiteProtector to correctly treat Central Response rules with no vulnerability status specified as an "any" vulnerability status filter. NOTE: Because a new policy will need to be pushed out AFTER the fix is applied, be sure to delete CAPolicy.xml from the PF\ISS\SiteProtector\Application Server\temp\CentralResponseServer directory OR temporarily make a minor change to the Central Response policy to trigger an automatic policy push after you have applied the fix. ========================================= To resolve this, follow the steps to replace files in the APPLYING THE UPDATE section carefully. Be sure to read any notes on individual fixes. MD5 for the files included in this update: - ff734111017cf24905dcb4bfb325d4bc Console\SiteProtector.jar - a2ac851bede939fcda8ef8fbeba353f7 Server\SiteProtector.jar Build Number: 2.8.1.236 COMPATIBILITY ===================================================================== This update is applicable only to: - SiteProtector 2.0 (SP8.1) APPLYING THE UPDATE ===================================================================== To apply the update: Step 1 - Close out all SiteProtector consoles. Step 2 - On the Application Servers, stop the three SiteProtector services: SiteProtector Application Server Service SiteProtector Sensor Controller Service SiteProtector Web Server Step 2 - Put the SiteProtector.jar file from the Console directory in the patch in the following location on all Consoles. Be sure to backup the original files first. \Program Files\ISS\SiteProtector\Console\bin\ Step 3 - Put the SiteProtector.jar file from the Server directory in the patch in the following locations on the Application Server. Be sure to backup the original files first. \Program Files\ISS\SiteProtector\Application Server\bin\ \Program Files\ISS\SiteProtector\Application Server\deployed-apps\iss\SiteProtector.ear\lib\ Step 4 - On the Application Server, start the three SiteProtector services back up: SiteProtector Application Server Service SiteProtector Sensor Controller Service SiteProtector Web Server Step 5 - If you are currently experiencing Central Responses triggering on rules they were not meant to trigger on (Issue ID 407072) you will need to delete the following file to force a new policy push and ensure the Event Collectors get the fixed policy: \Program Files\ISS\SiteProtector\Application Server\temp\CentralResponseServer\CAPolicy.xml If you feel the need to remove the patch at a later date, the original .jar files can be restored using the same process. GETTING THE LATEST DOCUMENTATION ===================================================================== For the latest SiteProtector Information: http://www.iss.net/support/documentation/docs.php?product=16&family=8 CONTACT IBM SUPPORT WORLDWIDE ===================================================================== Phone: Call IBM Support by selecting phone number from this location: http://www.ibm.com/planetwide/ When prompted for type of support, select option 2 for Software Support You will need to provide your IBM Customer Number (ICN). Electronically: Go to https://www.ibm.com/support/servicerequest and open a new Service Request. INFORMATION REQUIRED FOR REPORTING PRODUCT ISSUES ===================================================================== If you encounter a problem with this product, please make notes that are as detailed as possible about the following: - Component and Build versions - Specific failure symptoms or undesirable behavior This information helps us reproduce the problem and resolve it as quickly as possible. FILES INCLUDED ===================================================================== - Console\SiteProtector.jar - Server\SiteProtector.jar ===================================================================== =====================================================================