Last Revision:
August 15, 2022
These notes are additional to the WebMarshal User Guide and supersede information supplied in that Guide.
The information in this document is current as of the date of publication. To check for any later information, please see Trustwave Knowledge Base article Q21182.
New Features
System Requirements
Upgrade Instructions
Uninstalling
Release History
For more information about additional minor features and bug fixes, see the release history.
To review earlier feature enhancement history, see the release notes for earlier WebMarshal versions, available through the Trustwave Knowledge Base.
Hardware required is dependent on the number of concurrent web users and the rules in use. Use of Filtering Lists improves performance. Heavy use of TextCensor decreases performance. Be prepared to adjust specification as required.
Typically a computer with the following specifications is adequate as a processing server for 250-500 concurrent users.
WebMarshal Array Manager, processing servers, and Console require the following software:
Note: Install Windows using the English language version.
Upgrade from 7.X is a standard in-place upgrade. Upgrade/migration from 6.X uninstalls the 32-bit software and installs the 64-bit software.
To upgrade from a WebMarshal 6.11 or later release, run the product installer on each server where WebMarshal components are installed (including the Array Manager, and any additional processing node servers and Console installations).
To upgrade from versions prior to 6.11, you must first upgrade to at least 6.11.0.
If you are logging data to a SQL database, the database must be upgraded. If necessary, the installer will prompt for credentials of a database user with permission to upgrade the database (database owner privilege). If the database is not upgraded, database logging will be disabled until you upgrade the database and re-enable logging. For more information and instructions, see Trustwave Knowledge Base article Q12030.
See the upgrade notes below for version-specific information. For upgrade notes relating to versions prior to 6.11, please see earlier Release Note documents available through the Trustwave Knowledge Base.
For upgrade notes relating to versions prior to 7.4, please see earlier Release Note documents available on the Trustwave website.
WebMarshal can be installed in a variety of scenarios. For full information on uninstalling WebMarshal from a production environment, see the WebMarshal User Guide.
To uninstall a trial installation on a single computer:
The following additional items have been changed or updated in the specific build versions of WebMarshal listed.
| WM-5727 | The Microsoft Office 365 endpoints list is automatically retrieved by WebMarshal and available for use in FileFilter and the Proxy Bypass List. |
| WM-5734 | Administrative notification emails now show the name of the node where the issue was reported. |
| WM-5735 | A new advanced setting allows dynamic update of the IP Group membership of a computer. See Trustwave Knowledge Base article Q21186. |
| WM-5739 | The default value for MaxRuleThreads (filter threads from Proxy to Engine) is reduced to 50. This setting enhances performance by reducing congestion in the Engine. |
| WM-5741 | WebMarshal can now be configured to authenticate and log requests using the IP address presented in the X-Forwarded-For header. |
| WM-5743 | For the avoidance of doubt, Windows authentication used by WebMarshal is no longer referred to as "NTLM". WebMarshal uses the "Negotiate" method and Kerberos is the preferred option. This is a wording change only. The functionality was already present. |
| WM-5748 | Categories deprecated in the Web Filter Database are no longer inserted in new installations. On upgraded installations these categories are renamed, but must be removed manually. See Trustwave Knowledge Base article Q21089. |
| WM-5777 | The Customer Feedback Module (anonymized browsing data) has been disabled. |
| WM-5784 | Visual C++ 2010 is no longer required or installed. |
| WM-5786 | The TextCensor2 DLL and dependencies now use the current version of Visual C++. |
| WM-5789 | The Engine service could hang in certain circumstances due to a resource deadlock. Fixed. |
| WM-5791 | In-memory caching of CRLs by the Proxy is more efficient. |
| WM-5793 | The version of the TLS/SSL library included in the install is updated. |
| WM-5794 | The version of the web access library included in the install is updated. |
| WM-5796 | The version of the archive unpacker included in the install is updated. |
| WM-5797 | The version of the PDF unpacking library included in the install is updated. |
| WM-5798 | The version of Visual C++ included in the install is updated. |
| WM-5799 | The version of Brotli compression support is upgraded. |
| WM-5344 | The Remote Console (ClickOnce) did not work on client systems with UAC enabled. Fixed. |
| WM-5510 | In release 7.2.0 and above, IP authentication did not work under HTTPS for entries manually created by computer name. Fixed. |
| WM-5542 | Blocked Upload requests were not logged. Fixed. |
| WM-5676 | Brotli compression is supported. |
| WM-5677 | Header Matching and comparison are supported as rule conditions. |
| WM-5683 | Configuration was committed each time the WebMarshal Console was opened. Fixed. |
| WM-5685 | WebMarshal did not correctly validate a HTTPS certificate chain when the original root certificate was expired but another valid chain existed. Fixed. |
| WM-5686 | The policy tester did not work for uploads. Fixed. |
| WM-5703 | A possible memory leak related to certificate handling was identified. Fixed. |
| WM-5704 | When no trusted certificate chain was available, the WebMarshal block page was not served. Fixed. |
| WM-5705 | Ajax requests with very large content in response headers failed. This issue is addressed with an increase in default permitted header size and ability to set allowed header size over all components. |
| WM-5715 | Validation of certificate chains is improved using additional TLS/SSL functionality. |
| WM-5602 | The version of the PDF unpacking library included in the install is updated. |
| WM-5635 | The Google Safe Browsing Scan Engine plug-in is removed. The Google Web Risk Scan-Engine plug-in is added. |
| WM-5499 | In earlier 7.X releases, console connections required the permission "Modify Policy". Fixed: the minimum permissions required are "Console Connect" and "View Policy" |
| WM-5522 | In earlier 7.X releases, adding many URLs to a category concurrently could cause the Controller service to stop. Fixed. |
| WM-5538 | Where no virus scanners were present, the Engine could fail to start due to an uninitialized value. Fixed. |
| WM-5511 | In release 7.3.1 when upgraded from a previous version, the Engine could encounter failures in the Scan Engine plugins. Fixed. |
| WM-5518 | Traffic Logging now includes the IP address of the remote server or chained proxy (in WELF format, "dst="; in W3C format, "r-ip"). |
| WM-5519 | On a very busy processing system, random file generation for temporary files could fail. Fixed: more attempts and a longer file name format are used. |
| WM-5500 | Filtering performance and scalability is significantly improved with an update to the Controller and new default settings. |
| WM-5477 | WebMarshal supports TLS 1.3. |
Note: To review change history for earlier versions, please see the Release Notes for the specific version of WebMarshal. All Release Notes are available through the Trustwave Knowledge Base.
Copyright © 2022 Trustwave Holdings, Inc.
All rights reserved. This document is protected by copyright and any distribution, reproduction, copying, or decompilation is strictly prohibited without the prior written consent of Trustwave. No part of this document may be reproduced in any form or by any means without the prior written authorization of Trustwave. While every precaution has been taken in the preparation of this document, Trustwave assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice.
While the authors have used their best efforts in preparing this document, they make no representation or warranties with respect to the accuracy or completeness of the contents of this document and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the author nor Trustwave shall be liable for any loss of profit or any commercial damages, including but not limited to direct, indirect, special, incidental, consequential, or other damages.
Trustwave and the Trustwave logo are trademarks of Trustwave. Such trademarks shall not be used, copied, or disseminated in any manner without the prior written permission of Trustwave.
Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. More than three million businesses are enrolled in the Trustwave TrustKeeper® cloud platform, through which Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit https://www.trustwave.com.