Share this article on:
have also been made to the administrative User Interface to make it more aesthetically pleasing.
Users will notice several changes to the layout of the administrative User Interface. The main navigation menu has been moved to the top of the page, and the menu system has been changed to allow users to view and navigate between all items in the section showing users exactly where they are in the product. In addition to making navigation easier, the changes will support future product updates.
Context-sensitive help is also displayed on the page, providing hints and tips while performing certain actions.
When viewing the filtering reporting sections, users will now be able to see the amount of time a user has spent browsing a particular domain.
Certificate management has been improved with the creation of a new certificate management page, making it easier for users to create, delete, import, and export certificates. Certificates are included for MITM for decrypting HTTPS sessions to enable content to be filtered, for user facing HTTPS services, and Global Proxy.
Establishing a single chain of trust on Smoothwall has been difficult as certificates were difficult to manage. In this version, Smoothwall has introduced the concept of a default Certificate Authority. Through the Certificate Management System, administrators can now set a Certificate Authority. This can be automatically generated or imported. Dynamic certificates can also be generated for all services to be trusted, with the certificates updated automatically as needed.
The automatically created CA means only one certificate needs to be exported for all clients to trust the Smoothwall. If a CA is imported from Active Directory, all clients that trust AD will trust the Smoothwall and no export will be necessary. If the hostname is changed, there will be no need to redistribute certificates.
Following update, all existing certificates will remain in place and no changes will be made. A new default CA will be created allowing customers to choose whether they want to move over to the new system.
The Edinburgh product update also sees IP spoofing made available in all Guardian authentication policies, which will expose the true client IP address. The option to enable spoofing is now shown for all authentication policies. With IP spoofing enabled, all traffic leaving the Guardian module contains the source IP address of the client attempting to connect to the Internet.
A disk space estimation is also included in the datastore settings page alerting users how much disk space is available and when space is likely to be used up and auto pruning will occur.
The Edinburgh update has seen improvements made to BYOD diagnostics, allowing BYOD devices to be added more easily. Tests are now performed to analyze BYOD logs to see if there are any problems that are preventing BYOD authentication from working.
A new installation page for the decrypt and inspect (MITM) certificate has also been added, allowing users to download and self-install the decrypt and inspect certificate for intercepting HTTPS traffic. This is especially useful for BYOD devices that cannot have the certificate pushed out via the sysadmin.