WebMarshal

Version: 6.0.3a, Last Revision: March 13, 2008

These notes are additional to the WebMarshal User Guide and supersede information supplied in that Guide.

The information in this document is current as of the date of publication. To check for any later information, please see Marshal Knowledge Base article Q11840.

Table of Contents

What's New
Upgrading WebMarshal
Uninstalling

Hardware and Software Requirements

Change History

 

What's New

For more information about additional minor features and bug fixes, see the change history.

Features New in 6.0.3

Disk Space Checking
WebMarshal Proxy now checks free disk space and refuses requests if space is low. The minimum required is 512MB by default. The warning level is 1.5GB. For details, see Marshal Knowledge Base article Q11896.
Sophos for Marshal Support
Marshal now provides an integrated package (updater and scanner) using the Sophos Anti-virus engine. You can download Sophos for Marshal from the Marshal website. Version 6.0.3 and above trial keys enable this component. If you want to try Sophos for Marshal and you already have a permanent WebMarshal key, please contact Marshal to obtain a special time-limited key.

Features New in Release 6.0

Array Support
WebMarshal 6.0 is more scalable and now supports centrally managed arrays.
Server Groups
Rules and configuration settings can be applied to groups of processing servers.
Database Outage Resilience
WebMarshal will continue processing user requests even if the database goes offline. The database is not used to store configuration. Database log records are queued until the database comes back online.
Content Type Detection
WebMarshal can now block content based on the Content-Type header returned by websites. This means WebMarshal does not need to download a file to block it by type. This saves bandwidth usage.
Archive and Document File Unpacking
WebMarshal recursively unpacks archive and document file types and applies content rules to the contained files.
Active Directory Connectors
WebMarshal can now import users and groups using native Active Directory Connectors. WebMarshal can import from the local AD domain and trusted domains.
Policy Connectors
The structure of WebMarshal rules has been improved to allow for nested policy containers. This allows for clearer more intuitive policy layout and additional flexibility.
Additional Access Control
WebMarshal now allows different levels of access to Console items and the Array Manager. Access can be granted to helpdesk staff.
Streamlined User Interface
WebMarshal now has an updated configuration console, designed to make administration tasks easier and more intuitive, including an improved policy tester.
Text Logging
WebMarshal services log functional and error information to text log files.
Revert Configuration
You can re-set any configuration changes that have been made in the Console and not yet committed.

Features of previous versions that are not included in the initial 6.0 release

ISA Plug-in Support
 Plug-in (WebFilter API) installation to ISA is not supported in this release. Same-server chained installation is supported.
Feedback
URL Aggregator feedback to Marshal is not implemented.
Rule Action 'Send Net Popup'
This action has been removed.

 

Features New in Release 3.7.5

Marshal URL Filtering List
WebMarshal now offers a new URL Categorization list with automatic updating, over 60 million web sites and 55 categories. WebMarshal trials include this list; full licenses are available through Marshal.

Features New in Release 3.7.4

Malware Scanner Selection:
WebMarshal now provides greater flexibility in Malware scanner usage.
Client Authentication Pass-Through
WebMarshal can use the client's credentials when requesting files from an upstream proxy (basic authentication only). This allows client information to be logged at the upstream proxy.
WELF Logging
WebMarshal can now create web activity logs in WebTrends Extended Logging Format (WELF) for use with Marshal Security Reporting Center.
Feedback
WebMarshal can now send summarized feedback information about browsing to Marshal for use in product improvement. To participate, see the Feedback tab of Server Properties.

Features New in WebMarshal 2006

Multiple Filtering Lists:
WebMarshal can now use URL categories provided by multiple filtering lists.
Malicious Content Scanner Support:
WebMarshal can now scan files for spyware and other malicious content (in addition to viruses).
HTTP/1.1 Support:
WebMarshal now supports use of the “HTTP/1.1 through proxy” setting in Web browsers. This support is available by default and no configuration is required.
New Main taskpad:
Taskpad view now includes an introductory taskpad providing access to the main features of the Console.

Note: WebMarshal 2006 does not support the N2H2 filtering list.

Features New in 3.5.4

Secure Computing URL Filtering List Integration

Added support for Secure Computing SmartFilter third-party filtering List (formerly N2H2 filtering list).

Features New in 3.5.3

Scan Text Downloads for Embedded Viruses

WebMarshal can detect viruses embedded in downloaded text files, such as HTML code. You can configure WebMarshal to scan all downloaded text files before the files load on the client computer. Scanning downloaded files may impact the performance of the WebMarshal Engine.

To configure WebMarshal to scan downloaded text files:

  1. Start the WebMarshal console.
  2. In the left pane, select  WebMarshal.
  3. On the Action menu, click Properties.
  4. On the Download Options tab, select Scan all downloaded text files and HTML code for embedded viruses.
  5. Click OK.

Support for ISA Server 2004 and 2006

This version provides support for Microsoft Internet Security and Acceleration Server 2004 and 2006 (ISA Server). With these versions, you can deploy WebMarshal as a Web filter plug-in.

If you are upgrading to ISA Server 2004, you do not need to change your ISA Server configuration or permissions settings. The WebMarshal plug-in continues to run under the Local System account.

Support for Norman Virus Control 5.8

This version updates the Norman antivirus engine to support Norman Virus Control version 5.8 (SDK Interface 12).

Features New in 3.5

User Quota Management

ISA Proxy Integration Changes

User Interface and Other Changes

 

Features New in 3.0

URL Filtering List Integration

User Interface

Proxy Server

Other Changes

 

Upgrading WebMarshal

Due to the changes in policy structure and server communication in WebMarshal 6.0, you must install WebMarshal 6.0 as a new installation. Database and software upgrade from version 3.X or earlier versions is not supported. Upgrade from Beta releases of WebMarshal 6.0 is not supported.
Note: Previous version license keys are not valid for WebMarshal 6.0. You must obtain a new permanent key. When installed, WebMarshal generates a 30-day trial key.
 
You can install WebMarshal 6.0 side-by-side with WebMarshal 3.X on the same server. For details, please see Marshal Knowledge Base article Q11833.

Upgrading from 6.0.2 to 6.0.3

When you upgrade from release 6.0.2 to 6.0.3, be sure to upgrade any WebMarshal Console installations on other workstations. 6.0.2 Consoles do not work with 6.0.3 because the .NET remoting version has been changed.

Note: Marshal always recommends that upgrades should include all components.

Uninstalling

You can cleanly uninstall the program using the following steps:

  1. Close the WebMarshal applications including the Console and Reports on all workstations.
  2. On the WebMarshal server(s), use the Windows Add/Remove Programs control panel to remove WebMarshal.
  3. On any other workstations where WebMarshal components were installed, use the Windows Add/Remove Programs control panel to remove them. These components can include WebMarshal console software and WebMarshal Reports.
  4. You can drop the WebMarshal database from the SQL server by using the SQL Express administration tools.

 

Hardware and Software Requirements

Hardware required is dependent on the number of concurrent web users and the rules in use. Use of Filtering Lists improves performance. Heavy use of TextCensor decreases performance.

Typically a computer with the following specifications is adequate as a processing server for 250-500 concurrent users.

WebMarshal Array Manager and processing servers require the following software:

WebMarshal Console requires:

WebMarshal Reports require:

 

Change History

The following additional items have been changed or updated in the specific build versions of WebMarshal listed.

6.0.3a (March 13, 2008

WM-1803 Browsing performance has been increased by improving IP-to-host lookup times.

6.0.3 (December 06, 2007

WM-588 Filtering Lists can now be enabled and disabled.
WM-838 NTLM authentication prompts could recur randomly when using Firefox. Fixed.
WM-853 When an IP User Group was created, the Console did not request a commit configuration from the user. Fixed.
WM-864 WebMarshal did not correctly pass FTP credentials as encoded by some browsers. Fixed.
WM-1103 When viewing rules that apply to a user or server, you can now select from items explicitly defined on the object, or effective permissions.
WM-1126 The event log could display entries twice, when both the WebMarshal proxy and Array Manager were configured to run on the same machine. Fixed.
WM-1170 Email notification fields allowed user to enter invalid email addresses. Fixed.
WM-1243 File names containing spaces caused problems when performing a FTP LIST with some IIS servers. Fixed.
WM-1382 The lower pane of the active sessions window was not refreshing. Fixed.
WM-1441 File names containing '&' were not correctly logged. Fixed.
WM-1468 Selecting multiple Users in an imported User Group incorrectly caused a delete button to display (imported users cannot be deleted). Fixed.
WM-1472 Excel 2007 binary files can now be recognized and unpacked.
WM-1474 The Server Properties window sometimes truncated the time zone information. Fixed.
WM-1480 Moving the system time back could cause problems. The clock can now be moved back by up to a day without issues.
WM-1490 Console sorting by columns has been improved.
WM-1492 Days until WebMarshal license expires was reported differently by the Console and the email notification message sent. Fixed. 
WM-1494 'Exclude from reporting' did not work correctly for HTTPS sites in Content Analysis rules. Fixed.
WM-1496 When policy is printed, disabled rules now display in gray text.
WM-1507 In a multi-domain Active Directory environment, only one domain could be seen when browsing for users. Fixed.
WM-1510 'Exclude from reporting' did not prevent domain logging in certain cases. Fixed.
WM-1512 File classification is now available as a Standard Rule action.
WM-1517 The installation now includes a tool that can be used to gather information required by Marshal Technical Support. For details, see Marshal Knowledge Base article Q11886.
WM-1521 Active Directory would not import more than 1000 users. Fixed
WM-1522 Binding a proxy port to a specific IP address would cause the proxy service to stop on other processing servers in a multi node environment. Fixed.
WM-1528 When an category was added to the MarshalFilter database download, MarshalFilter would fail. Fixed.
WM-1533 Signed files were incorrectly detected as encrypted. Fixed.
WM-1539 Browsing as an IP user could add the IP address to two different IP groups. Fixed.
WM-1540 Users added to groups via overlapping IP address ranges are incorrectly being added to multiple groups. Fixed.
WM-1541 Unable to insert Users or Groups into a newly created Group due to the Group list not refreshing correctly. Fixed.
WM-1548 Unable to delete Users or Groups when entered into a Group due to the Group list not refreshing correctly. Fixed.
WM-1551 Errors from filtering lists are now logged in text logs.
WM-1556 IP-to-hostname lookups for client computers can cause delay when the processing server is in a DMZ. A configuration flag has been added to disable these lookups if necessary. See Marshal Knowledge Base article Q11895.
WM-1557 Requests that returned a HTTP 304 response could generate a TextCensor error. Fixed.
WM-1561 Importing large numbers of URL categories caused the Console to be unresponsive. Fixed.
WM-1571 Importing an Active Directory group now imports child groups recursively.
WM-1581 When URLs were deleted from a Category, the console did not request a commit configuration from the user. Fixed.
WM-1587 Some virus scanners did not correctly detect password protected archives as "unable to scan". Fixed: By default, WebMarshal instructs scanners to unpack archives. This behavior can be changed with a setting in WMEngine.config.xml.
WM-1617 Virus scanning only checked the top level attachment (not unpacked items). Fixed.
WM-1632 The default rules named 'Block-Archives' actually blocked executable files. Fixed for default rules. Existing installations are not changed on upgrade.
WM-1637 License key request could fail because the request did not correctly use the required proxy credentials. Fixed.

6.0.2.2867 (October 23, 2007)

WM-316 The Exclude from Reporting rule action now completely excludes the specific request that triggers it.
WM-318 All components support NTLM authentication to SQL Server.
WM-323 WebMarshal proxy could fail under certain conditions when using the Safari browser on a Macintosh. Fixed.
WM-461 Some sites with trailing periods caused the Sophos virus scanner to generate a 'file could not be opened' error when 'Scan all downloaded text files and html code' was selected. Fixed.
WM-489 Panda anti-virus software is no longer supported.
WM-542 WebMarshal 3.7 (and earlier) License Keys are not supported. You must obtain a new permanent key.
WM-575 WMF files were not properly detected. Fixed.
WM-595 WebMarshal services are automatically added for access through Windows Firewall if possible.
WM-599 See WM-316.
WM-619 The From address for administrative email notifications can be customized.
WM-1016 The number of dump files saved for each service is limited to the most recent 10.
WM-1072 The default domain setting for basic authentication is no longer required.

Copyright © Marshal Limited 2007