Revised Release Notes for CAGWS 90 - CA Technologies
{{search ? 'Close':'Search'}}

CA Gateway Security r9.0 Release Notes

 

1.0 Welcome

 

2.0 Operating System Support

 

3.0 Database Support

 

4.0 System Requirements
4.1 Recommended Hardware, One Computer
4.2 Minimum Hardware, Multiple Computers

 

5.0 New Features in CA Gateway Security
5.1 Enhanced Protocol Support
5.2 Event and Report Integration with CA Total Defense r12
5.3 NTLM v2 Support
5.4 Updated Scanning Engines
5.5 Previous Enhancements and Updates

 

6.0 Features Removed from CA Gateway Security

 

7.0 Known Issues
7.1 Unable to Open Log Viewer Help
7.2 Cannot Browse Using Mozilla Firefox

 

8.0 International Support

 

9.0 Documentation
9.1 Documentation Update

 

10.0 Contact Technical Support

 

11.0 Third-Party Acknowledgements, Copyrights, License
11.1 RSA Data Security Inc. MD5 Message Digest Algorithm
11.2 Regex++ Library from the Boost Organization
11.3 IBM ICU 1.8.1 Library and Later
11.4 libetpki_openssl_crypto.dll

 


1.0 Welcome

CA Gateway Security r9.0 is a new and enhanced feature release that also includes cumulative fixes.

This document describes system requirements and supported platforms for CA Gateway Security r9.0, as well as information about the product that was not available prior to the publication of the included documentation set. This document also explains known issues that you may encounter using CA Gateway Security and describes solutions and workarounds for those issues.


2.0 Operating System Support

CA Gateway Security r9.0 supports the following 32-bit operating systems:

  • Microsoft Windows 7

    Note: The CA Gateway Security Central Reporter component is not supported on this platform.

  • Microsoft Windows Vista

    The CA Gateway Security Outlook Plug-in Desktop Option is the only component supported on Microsoft Windows Vista. No other components are supported on Windows Vista.

  • Microsoft Windows 2008

    Note: The CA Gateway Security Central Reporter component is not supported on this platform.

  • Microsoft Windows 2003 Server (Standard or Enterprise Edition), SP1, SP2

    You must have .Net framework 2.0 (or above) configured as the root framework for the ASP.net.

  • Microsoft Windows XP Professional SP1, SP2, SP3

    Important! Because CA Gateway Security supports IIS 6.0 and above, and Windows XP uses IIS 5.1, the Quarantine Manager server is no longer supported on Windows XP

  • Microsoft Windows 2000 SP4

    Important! Because CA Gateway Security supports IIS 6.0 and above, and Windows 2000 uses IIS 5.0, the Quarantine Manager server is no longer supported on Windows 2000.

3.0 Database Support

CA Gateway Security r9.0 supports the 32-bit versions of the following databases:

  • Microsoft SQL Server 2005

  • Microsoft SQL Server 2005 Express Edition

  • Microsoft SQL Server 2008

  • Microsoft SQL Server 2008 Express Edition

  • Microsoft SQL Server 2008 r2

Note: Microsoft SQL Server is recommended for Enterprise installations. You should install and configure Microsoft SQL before you install CA Gateway Security 9.0. See the CA Gateway Security Implementation Guide for details.


4.0 System Requirements

You can install CA Gateway Security on a single, dedicated computer or you can distribute CA Gateway Security components across multiple computers. The CA Gateway Security Implementation Guide details the specific hardware requirements for each scenario.

4.1 Recommended Hardware, One Computer

The following are the recommended hardware requirements to install all CA Gateway Security components on a dedicated computer:

  • Platform: 2.8 GHz Dual Processor Intel Xeon Server

  • Memory: 4 GB RAM

  • Disk Size: 73 GB ULTRA Wide SCSI hard drive

  • Media: CD-ROM

  • Network Interface: One standard network interface card (NIC)

Note: When all CA Gateway Security components are installed on the same machine, we recommend that you deploy CA Gateway Security on Windows 2003 Server.

4.2 Minimum Hardware, Multiple Computers

If you choose a distributed installation, install the following components on individual computers:

  • SMTP Content Manager

  • HTTP/FTP Content Manager

  • Central Reporter, Quarantine Manager, and Manager Console (install on same computer)

The following are the minimum hardware requirements for each component installed on individual computers:

  • SMTP Content Manager

  • Platform: Pentium D 2.8 GHz CPU

  • Memory: Minimum of 1.0 GB RAM

  • Disk Size: 30 GB free disk space

  • Media: DVD-ROM

  • Domain Name Services: Domain Name services

  • Network Interface: One standard network interface card (NIC)
  •  

  • HTTP/FTP Content Manager

       

  • Platform: Pentium D 2.8 GHz CPU

  • Memory: Minimum of 2.0 GB RAM

  • Disk Size: 30 GB free disk space

  • Media: DVD-ROM

  • Domain Name Services: Domain Name services

  • Network Interface: One standard NIC

  • Central Reporter, Quarantine Manager, and Manager Console (installed on same computer)

       

  • Platform: Pentium D 2.8 GHz CPU

  • Memory: Minimum of 1.0 GB RAM

  • Disk Size: 30 GB free disk space

  • Media: DVD-ROM

  • Domain Name Services: Domain Name services (used by the Quarantine Manager)

  • Network Interface: One standard NIC

5.0 New Features in CA Gateway Security

CA Gateway Security provides high performance secure content management, to address email security and confidential data protection needs.

CA Gateway Security r9.0 includes the following new features:

5.1 Enhanced Protocol Support

To improve the security of SMTP communication, CA Gateway Security r9.0 has added Transport Layer Security (TLS) functionality.

TLS functionality provides encryption and authentication protection, to confirm the identity of peer SMTP mail servers and to ensure that SMTP communication is protected against eavesdropping.

5.2 Event and Report Integration with CA Total Defense r12

CA Gateway Security r9.0 events and reports are now fully integrated with CA Total Defense r12. You can use the CA Total Defense r12 Management Console to view CA Gateway Security events in the Event Viewer and to generate SMTP and HTTP reports from the Reports page.

However, you must continue to use the CA Gateway Security Manager Console to define CA Gateway Security policies.

5.3 NTLM v2 Support

CA Gateway Security r9.0 now supports proxy pass-through for NTLM v2 authentication requests. NTLM v2 is the default authentication type for HTTP clients using Microsoft's NTLM authentication hosted on Windows 2008 R2 or Windows 7.

5.4 Updated Scanning Engines

The following scanning engines have been updated to ensure that CA Gateway Security uses the latest available versions to provide complete content scanning and detection:

  • Anti-Malware Engine

  • Spam Engine

  • URL Filtering Engine

5.5 Previous Enhancements and Updates

CA Gateway Security has been updated to include all previously-released software enhancements, new features, and updates, to make installation and operation of CA Gateway Security as easy and efficient as possible.


6.0 Features Removed from CA Gateway Security

The following features have been removed from this version of CA Gateway Security:

  • Support for the Role-Based User Manager module (Embedded IAM)

  • Support for CA iGateway. The web-based Self-Administration Quarantine Manager can be installed and run on Microsoft IIS6.0 (and above) web servers.

7.0 Known Issues

The following sections provide information about issues known to exist in this release.

7.1 Unable to Open Log Viewer Help

You may be unable to open the CA Gateway Security SW3 Log Viewer help system (SW3Viever.exe) on either Windows 7 or Windows 2008.

This help system requires the Windows Help (WinHlp32.exe) program, which is no longer installed by default on Windows 2008 and Windows 7.

To resolve this issue, you must download and install the Windows Help program for your operating system. See the following Microsoft knowledge document for information about downloading and installing the appropriate Windows Help program to allow you to open the SW3 viewer help:

http://support.microsoft.com/kb/917607

7.2 Cannot Browse Using Mozilla Firefox

You cannot browse Internet or Intranet sites from an CA Gateway Security host using a Mozilla Firefox web browser when Firefox uses CA Gateway Security as a proxy and CA Gateway Security is configured to request NTLM authentications.


8.0 International Support

An internationalized product is an English product that runs correctly on local language versions of the required operating system and required third-party products, and supports local language data for input and output. Internationalized products also support the ability to specify local language conventions for date, time, currency and number formats.

A translated product (sometimes referred to as a localized product) is an internationalized product that includes local language support for the product's user interface, online help and other documentation, as well as local language default settings for date, time, currency, and number formats.

In addition to the English release of this product, CA Technologies supports only those languages listed in the following table.

Language Internationalized Translated
Brazilian-Portuguese Yes Yes
Chinese (Simplified) No No
Chinese (Traditional) No No
French Yes Yes
German Yes Yes
Italian Yes Yes
Japanese Yes Yes
Korean No No
Spanish Yes Yes

Note: If you run the product in a language environment not listed in the table, you may experience problems.


9.0 Documentation

Updated guides for this product are available from Customer Support.

The documentation for this product is as follows:

Guide Name File Name
CA Gateway Security Release Notes r9.0 RN-XX.html (for example, RN-EN.html)
CA Gateway Security Administration Guide r9.0 AG.pdf
CA Gateway Security Implementation Guide r9.0 IG.pdf

To view PDF files, you must download and install the Adobe Reader from the Adobe website if it is not already installed on your computer.

Release Numbers on Documentation

The release number on the title page of a document might not correspond to the current product release number; however, all documentation delivered with the product, regardless of release number on the title page, will support your use of the current product release. The release number changes only when a significant portion of a document changes to support a new or updated product release. If no substantive changes are made to a document, the release number does not change. For example, a document for r11 may still be valid for r11.1 or even r12. Documentation bookshelves always reflect the current product release number.

Occasionally, we must update documentation outside of a new or updated release. To indicate a minor change to the documentation that does not invalidate it for any releases that it supports, we update the edition number on the cover page. First editions do not have an edition number.

9.1 Documentation Update

This section of the Release Notes contains an update to the documentation that was not available at the time of language translations or the final English publication date.

Document Affected

  • CA Gateway Security Implementation Guide r9.0

    Section: Upgrade from Previous Releases

Correction

Substitute the following text for the entire contents of the topic:

When you upgrade from earlier releases of CA Gateway Security, use the BackupRestore utility to back up existing data from the earlier release and import this data into the current release of CA Gateway Security.

To upgrade your installation

  1. Contact Support and request the indicated BackupRestore utility:

  2. RO32348.caz (when upgrading from CAGS 8.1 to CAGS 9.0)

  3. RO32347.caz (when upgrading from CAGS 8.0 to CAGS 9.0)

  4. Extract the contents of the CAZ file into a folder (for example, CAGS_backup_restore).

    Important: Do not use the CAGateway SecurityBin or CAeTrust SCMBin folder.

  5. Navigate to the folder, open RO32347.txt or RO32348.txt, and follow the instructions inside the file.

  6. From the Start Menu, select the Run command and enter:
    BackupRestore -b
    
    to back up your existing data.

  7. Click OK.

    A success message appears when the backup process completes. The BackupRestore.exe utility creates a CA Gateway Security Backup folder.

    Alternative: You can back up your database when you uninstall CA Gateway Security r8.x. During the uninstallation process, when you are prompted to back up the database, select Yes.

  8. Uninstall the earlier version of CA Gateway Security from your computer.

  9. Use one of the following methods to restore and import the data backed up from earlier versions into CA Gateway Security:

    Important: The BackupRestore utility and all of the other binaries enclosed in the CAZ file are for backup use only and must never be copied to the existing 8.x Bin folder or to the freshly installed 9.0 version.

  10. During the Control Center installation

    During the CA Gateway Security installation, if the installer finds data backed up from the earlier version of CA Gateway Security, you are prompted to restore this data. If you answer yes, the installer runs the BackupRestore utility to restore the data.

    This restore operation should be done only on the CA Gateway Security server running the Control Center. If there are multiple CA Gateway Security computers, only the Control Center should be upgraded. CA Gateway Security distributes the restored databases later to all CA Gateway Security engines.

  11. Manually

    After the installation is complete, you can run the BackupRestore utility located in the CAGateway SecurityBin folder with the parameter -r to restore your backed up data. Confirm that the Manager Console is not running when you perform the restore. The utility is located in the Bin folder in the directory in which you installed CA Gateway Security. The utility displays a success message when the restore completes successfully.

    Note: You can only restore your data on the same computer on which you performed the backup of your data from the earlier version of CA Gateway Security.

Important: Use only the BackupRestore.exe file located in the CAGateway SecurityBin folder of your new CA Gateway Security 9.0 installation to restore the backed-up data. Do not use the RO32347.caz or RO32348.caz binaries.


10.0 Contact Technical Support

For your convenience, CA provides one site where you can access the information you need for your Home Office, Small Business, and Enterprise CA products. At http://support.ca.com, you can access the following:

  • Online and telephone contact information for technical assistance and customer services

  • Information about user communities and forums

  • Product and documentation downloads

  • CA Support policies and guidelines

  • Other helpful resources appropriate for your product

11.0 Third-Party Acknowledgements, Copyrights, License

Portions of this product include software developed by third-party software providers.

11.1 RSA Data Security Inc. MD5 Message Digest Algorithm

Terms and Conditions for the Use of RSA Data Security Inc. MD5 Message Digest Algorithm.

Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All rights reserved.

License to copy and use this software is granted provided that it is identified as the "RSA Data Security, Inc. MD5 Message-Digest Algorithm" in all material mentioning or referencing this software or this function.

License is also granted to make and use derivative works provided that such works are identified as "derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm" in all material mentioning or referencing the derived work.

RSA Data Security, Inc. makes no representations concerning either the merchantability of this software or the suitability of this software for any particular purpose. It is provided "as is" without express or implied warranty of any kind.

These notices and copyrights must be retained as specified in any copies of any part of the documentation and/or software.

11.2 Regex++ Library from the Boost Organization

Terms and Conditions for the Use of Regex++ library from the Boost organization.

Copyright (c) 1998-2000 Dr. John Maddock.

Permission to use, copy, modify, distribute and sell this software and its documentation for any purpose is hereby granted without fee, provided that the above copyright notice appears in all copies and that both that copyright notice and this permission notice appear in supporting documentation.

Dr. John Maddock makes no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty.

Footnotes:

  1. Localized versions may translate the above notice into the native language of the version.

  2. The above notice applies to source code and documentation. Users who are distributing only binary forms need only indicate, somewhere in their documentation or in their help-about notice, that the product uses this library and that the copyright is Dr. John Maddock 1998-2000.

11.3 IBM ICU 1.8.1 Library and Later

Terms and Conditions for the use of IBM ICU 1.8.1 library and later.

Copyright (c) 1995-2003 International Business Machines Corporation and others.All rights reserved.

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, provided that the above copyright notice(s) and this permission notice appear in all copies of the Software and that both the above copyright notice(s) and this permission notice appear in supporting documentation.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR HOLDERS INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

Except as contained in this notice, the name of a copyright holder shall not be used in advertising or otherwise to promote the sale, use or other dealings in this Software without prior written authorization of the copyright holder.

11.4 libetpki_openssl_crypto.dll

"This product includes OpenSSL 1.0.0d., the use of which is governed by the following terms:"

LICENSE ISSUES

==============

The OpenSSL toolkit stays under a dual license, i.e. both the conditions of the OpenSSL License and the original SSLeay license apply to the toolkit. See below for the actual license texts. Actually both licenses are BSD-style Open Source licenses. In case of any license issues related to OpenSSL please contact openssl-core@openssl.org.

OpenSSL License

---------------

===========================================================

Copyright (c) 1998-2008 The OpenSSL Project. All rights reserved.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

  1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.

  2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

  3. All advertising materials mentioning features or use of this software must display the following acknowledgment:

    "This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/)"

  4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to endorse or promote products derived from this software without prior written permission. For written permission, please contact openssl-core@openssl.org.

  5. Products derived from this software may not be called "OpenSSL" nor may "OpenSSL" appear in their names without prior written permission of the OpenSSL Project.

  6. Redistributions of any form whatsoever must retain the following acknowledgment:

"This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/)"

THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS|&"&| AND ANY EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

=============================================================

This product includes cryptographic software written by Eric Young (eay@cryptsoft.com). This product includes software written by Tim Hudson (tjh@cryptsoft.com).

Original SSLeay License

-----------------------

Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)

All rights reserved.

This package is an SSL implementation written by Eric Young (eay@cryptsoft.com). The implementation was written so as to conform with Netscapes SSL.

This library is free for commercial and non-commercial use as long as the following conditions are aheared to. The following conditions apply to all code found in this distribution, be it the RC4, RSA, lhash, DES, etc., code; not just the SSL code. The SSL documentation included with this distribution is covered by the same copyright terms except that the holder is Tim Hudson (tjh@cryptsoft.com).

Copyright remains Eric Young's, and as such any Copyright notices in the code are not to be removed. If this package is used in a product, Eric Young should be given attribution as the author of the parts of the library used. This can be in the form of a textual message at program startup or in documentation (online or textual) provided with the package.

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

  1. Redistributions of source code must retain the copyright notice, this list of conditions and the following disclaimer.

  2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.

  3. All advertising materials mentioning features or use of this software must display the following acknowledgement:

    "This product includes cryptographic software written by Eric Young (eay@cryptsoft.com)"

    The word 'cryptographic' can be left out if the rouines from the library being used are not cryptographic related :-).

  4. If you include any Windows specific code (or a derivative thereof) from the apps directory (application code) you must include an acknowledgement:

    "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"

    THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS|&"&| AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

The licence and distribution terms for any publically available version or derivative of this code cannot be changed. i.e. this code cannot simply be copied and put under another distribution license [including the GNU Public Licence.]


Chat with CA

Just give us some brief information and we'll connect you to the right CA Expert.

Our hours of availability are 8AM - 5PM CST.

All Fields Required

connecting

We're matching your request.

Unfortunately, we can't connect you to an agent. If you are not automatically redirected please click here.

  • {{message.agentProfile.name}} will be helping you today.

    View Profile


  • Transfered to {{message.agentProfile.name}}

    {{message.agentProfile.name}} joined the conversation

    {{message.agentProfile.name}} left the conversation

  • Your chat with {{$storage.chatSession.messages[$index - 1].agentProfile.name}} has ended.
    Thank you for your interest in CA.


    How Did We Do?
    Let us know how we did so that we can maintain a quality experience.

    Take Our Survey >

    Rate Your Chat Experience.

    {{chat.statusMsg}}

agent is typing