Views:

Support for Smart Bypass and Trust Certificate Options in HTTPS Security Policy

When configuring HTTPS security policies, you can enable or disable Smart Bypass and Trust Certificate options.

  • Smart Bypass: If enabled and the gateway is unable to decrypt SSL traffic on the first visit, on subsequent visits, the gateway will bypass decryption.

  • Trust Certificate: If enabled, the Cloud Edge gateway automatically trusts invalid server certificates when connecting to secured websites.

Support for Predictive Machine Learning in Malware Security Policy

Starting with Cloud Edge 6.0 SP1, when configuring Malware security profiles, you can enable Predictive Machine Learning, which provides advanced scanning for web traffic.

  • A new message type, Web Predictive Machine Learning, is provided to track detections by the Predictive Machine Learning scan.

    This message type is displayed in the Top Threat Detections widget.

  • A new user notification, Web Predictive Machine Learning, is provided to send to users when malware is detected by the Predictive Machine Learning scan.

  • Two new reports are provided:

    • Top N User Detected by Web Predictive Machine Learning

    • Top N Group Detected by Web Predictive Machine Learning

  • The new message type in the security log will be included as a statistic in the following reports:

    • Malware Spyware Detection Trend

    • Top N Users Detected by Malware

    • Top N Groups Detected by Malware

    • Top N Infected Malware File Detections

    • Infected Malware File Detections by Date

Enhancements to Account Security

The following enhancements have been made to account security:

  • Account lock feature enhancement

    Currently, if a user tries to log in with the incorrect password three successive times within an hour, the user must enter Captcha code to ensure that a real person is attempting to log in.

    With the account lock feature enhancement, if a user tries to log in with the incorrect password ten successive times within four hours, the account will be locked for four hours. If the count of failed log-in attempts does not reach ten after four hours from the first failed attempt, the count will be reset to zero. Also, the count will be reset to zero with a successful log in.

  • Enhanced password change security

    Under the Accounts Management screen, you cannot edit the account of the logged in user. You must go to the Change User Profile screen to edit the logged in user's profile. In this screen, you must supply the current password before you can change the password.

  • Enhanced password policy

    The password must be at least 8 characters and must contain at least one uppercase letter, one lowercase letter, and one number, and can optionally contain special characters.

Support for Gateway HA Groups

You can configure two registered gateways as an HA Group to provide high availability access. If one gateway is down, then the other gateway will take over and ensure that the network traffic is not down. An HA Group can increase network traffic efficiency in addition to providing redundancy when a fatal error is encountered.

High Availability Status Widget

Adds the new widget High Availability Status to monitor status of HA Groups.

Parent topic: Introduction to Cloud Edge