Last Revision:
October 10, 2023
These notes are additional to the WebMarshal User Guide and supersede information supplied in that Guide.
The information in this document is current as of the date of publication. To check for any later information, please see Trustwave Knowledge Base article Q21182.
New Features
System Requirements
Upgrade Instructions
Uninstalling
Release History
For more information about additional minor features and bug fixes, see the release history.
To review earlier feature enhancement history, see the release notes for earlier WebMarshal versions, available through the Trustwave Knowledge Base.
Hardware required is dependent on the number of concurrent web users and the rules in use. Use of Filtering Lists improves performance. Heavy use of TextCensor decreases performance. Be prepared to adjust specification as required.
Typically a computer with the following specifications is adequate as a processing server for 250-500 concurrent users.
WebMarshal Array Manager, processing servers, and Console require the following software:
Note: Install Windows using the English language version.
The minimum prior version supported for direct upgrade is 7.4.0. To upgrade from earlier versions, first upgrade to 7.4.0 or above. For details, see release notes for previous product releases.
If you are logging data to a SQL database, the database may require upgrade. If necessary, the installer will prompt for credentials of a database user with permission to upgrade the database (database owner privilege). If the database is not upgraded when required, database logging will be disabled until you upgrade the database and re-enable logging. For more information and instructions, see Trustwave Knowledge Base article Q12030.
See the upgrade notes below for version-specific information. For upgrade notes relating to versions prior to 7.4.0, please see earlier Release Note documents available through the Trustwave Knowledge Base.
For upgrade notes relating to versions prior to 7.4, please see earlier Release Note documents available on the Trustwave website.
WebMarshal can be installed in a variety of scenarios. For full information on uninstalling WebMarshal from a production environment, see the WebMarshal User Guide.
To uninstall a trial installation on a single computer:
The following additional items have been changed or updated in the specific build versions of WebMarshal listed.
WM-5213 | Proxy caching supports caching of HTTPS content by default. For details of the setting to disable caching of HTTPS content, see Trustwave Knowledge Base article Q21204. |
WM-5354 | The default SQL provider is updated to MSOLEDBSQL. |
WM-5537 | Proxying of M-JPEG content could result in unlimited growth of a temporary file. Fixed. |
WM-5715 | Validation of certificate chains is improved. |
WM-5823 | Proxy certificates generated by WebMarshal could have invalid dates if the remote website certificate was misconfigured. Fixed. |
WM-5824 | Proxying of RTSP over websocket content could result in unlimited growth of a temporary file. Fixed. |
WM-5826 | In release 7.5.0, messages generated by the "Send email to administrator" rule action were not sent. Fixed. |
WM-5827 | The TLS/SSL library is updated. |
WM-5830 | The Web Filter Database includes additional categories. |
WM-5848 | The PDF unpacking component is updated. |
WM-5851 | Kaspersky for Marshal is removed from the installer options. This module is no longer sold. Customers must migrate to other scanners before 31 December 2023. |
WM-5857 | Database connections support SQL Multi-Subnet Failover. For details of the required setting, see Trustwave Knowledge Base article Q21205. |
WM-5727 | The Microsoft Office 365 endpoints list is automatically retrieved by WebMarshal and available for use in FileFilter and the Proxy Bypass List. |
WM-5734 | Administrative notification emails now show the name of the node where the issue was reported. |
WM-5735 | A new advanced setting allows dynamic update of the IP Group membership of a computer. See Trustwave Knowledge Base article Q21186. |
WM-5739 | The default value for MaxRuleThreads (filter threads from Proxy to Engine) is reduced to 50. This setting enhances performance by reducing congestion in the Engine. |
WM-5741 | WebMarshal can now be configured to authenticate and log requests using the IP address presented in the X-Forwarded-For header. |
WM-5743 | For the avoidance of doubt, Windows authentication used by WebMarshal is no longer referred to as "NTLM". WebMarshal uses the "Negotiate" method and Kerberos is the preferred option. This is a wording change only. The functionality was already present. |
WM-5748 | Categories deprecated in the Web Filter Database are no longer inserted in new installations. On upgraded installations these categories are renamed, but must be removed manually. See Trustwave Knowledge Base article Q21089. |
WM-5777 | The Customer Feedback Module (anonymized browsing data) has been disabled. |
WM-5786 | The TextCensor2 DLL dependencies are updated to more recent versions. |
WM-5789 | The Engine service could hang in certain circumstances due to a resource deadlock. Fixed. |
WM-5791 | In-memory caching of CRLs by the Proxy is more efficient. |
WM-5793 | The TLS/SSL library is updated. |
WM-5794 | The web download automation component included in the install is updated. |
WM-5796 | The archive extraction component in the install is updated. |
WM-5797 | The PDF unpacking component is updated. |
WM-5799 | The version of Brotli compression support is upgraded. |
WM-5344 | The Remote Console (ClickOnce) did not work on client systems with UAC enabled. Fixed. |
WM-5510 | In release 7.2.0 and above, IP authentication did not work under HTTPS for entries manually created by computer name. Fixed. |
WM-5542 | Blocked Upload requests were not logged. Fixed. |
WM-5676 | Brotli compression is supported. |
WM-5677 | Header Matching and comparison are supported as rule conditions. |
WM-5683 | Configuration was committed each time the WebMarshal Console was opened. Fixed. |
WM-5685 | WebMarshal did not correctly validate a HTTPS certificate chain when the original root certificate was expired but another valid chain existed. Fixed. |
WM-5686 | The policy tester did not work for uploads. Fixed. |
WM-5703 | A possible memory leak related to certificate handling was identified. Fixed. |
WM-5704 | When no trusted certificate chain was available, the WebMarshal block page was not served. Fixed. |
WM-5705 | Ajax requests with very large content in response headers failed. This issue is addressed with an increase in default permitted header size and ability to set allowed header size over all components. |
WM-5715 | Validation of certificate chains is improved. |
WM-5602 | The PDF unpacking component is updated. |
WM-5635 | The Google Safe Browsing Scan Engine plug-in is removed. The Google Web Risk Scan-Engine plug-in is added. |
WM-5499 | In earlier 7.X releases, console connections required the permission "Modify Policy". Fixed: the minimum permissions required are "Console Connect" and "View Policy" |
WM-5522 | In earlier 7.X releases, adding many URLs to a category concurrently could cause the Controller service to stop. Fixed. |
WM-5538 | Where no virus scanners were present, the Engine could fail to start due to an uninitialized value. Fixed. |
Note: To review change history for earlier versions, please see the Release Notes for the specific version of WebMarshal. All Release Notes are available through the Trustwave Knowledge Base.
Copyright © 2023 Trustwave Holdings, Inc.
All rights reserved. This document is protected by copyright and any distribution, reproduction, copying, or decompilation is strictly prohibited without the prior written consent of Trustwave. No part of this document may be reproduced in any form or by any means without the prior written authorization of Trustwave. While every precaution has been taken in the preparation of this document, Trustwave assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice.
While the authors have used their best efforts in preparing this document, they make no representation or warranties with respect to the accuracy or completeness of the contents of this document and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the author nor Trustwave shall be liable for any loss of profit or any commercial damages, including but not limited to direct, indirect, special, incidental, consequential, or other damages.
Trustwave and the Trustwave logo are trademarks of Trustwave. Such trademarks shall not be used, copied, or disseminated in any manner without the prior written permission of Trustwave.
Trustwave helps businesses fight cybercrime, protect data and reduce security risk. With cloud and managed security services, integrated technologies and a team of security experts, ethical hackers and researchers, Trustwave enables businesses to transform the way they manage their information security and compliance programs. More than three million businesses are enrolled in the Trustwave TrustKeeper® cloud platform, through which Trustwave delivers automated, efficient and cost-effective threat, vulnerability and compliance management. Trustwave is headquartered in Chicago, with customers in 96 countries. For more information about Trustwave, visit https://www.trustwave.com.