RSS Feed
Latest Updates
Jun
20
Shell Control Box 4.3.1 has been released
Posted by Gergely Csordás on 2016 June 20 10:36

Dear Customer,

A new maintenance version of Shell Control Box (4 F3) has been released.

Version 4 F3 has extended support time and will be supported for 6 months after SCB 5LTS is released.

 

SCB 4.3.1 contains improvements and new features, including:

  • A new plugin type (AA) to customize authentication in RDP, SSH and Telnet protocols
  • Resolving hostnames to IP addresses on the UI
  • New Azure Marketplace image with Azure File Storage (Samba share) support


Notes

The Audit Player (AP) indexing functionality is deprecated and will be removed from the next feature release (4F4). The Audit Player will still be available and supported for offline playback of audit trails.


Feature highlights

  • With the AA plugin you can enhance the authentication possibilities during inband gateway authentication in the RDP, SSH and Telnet protocols. Such plugins can be useful in various scenarios, for example, two-factor authentication, one-time password authentication, and in cases when extra user input is needed.
  • Hostnames can be used in IP address fields on the UI. In this case, hostnames are automatically resolved to IP addresses.
  • In Azure Marketplace, SCB comes with a 100Gb disk image, and Azure File Storage (Samba share) is supported for backup and archive purposes.


This release contains many security and bugfixes compared to 4.3.0.

The release contains corrections of the following issues:

SCB-8735 Inband destination selection DNS resolving timeout
SCB-8733 SCB boot takes hours if the connection database is large
SCB-8695 SCB sends email notifications about errors before completing the Welcome Wizard
SCB-8694 Certain cron jobs fail when run before the Welcome Wizard is completed
SCB-8606 SCB boots slowly because of a database upgrade check
SCB-8513 Raid logs are split into several lines instead of a single line
SCB-8500 AA plugin does not work with Terminal Services Gateway
SCB-8440 On hardwares with hardware RAID, the debug bundle can be incomplete and contain previous RAID information
SCB-8357 No search results on the Search page, 'Archive error; Invalid backup policy given;' error message logged
SCB-8284 Indexing and replaying X11 audit trails fails with the error: "X11GCDriver processing copygc: the tile pixmap's depth must be equal to the gccontext's depth".
SCB-7980 If the PostgreSQL database is not available during a system restore, SCB sends unnecessary alerts
SCB-7939 Changing the log verbosity raises errors if a related service (for example, SSH traffic) is disabled
SCB-7899 Empty report causes SCB to send email alerts repeatedly
SCB-7811 LuceneCTL, that is required by some core features of SCB (e.g. Search) had a wrong return value indicating the operation was successful. Now it returns a non-zero value.
SCB-7717 Reliable ICA sessions using the CGP protocol can leak resources
SCB-7647 Popup for disable indexing appears only once
SCB-7521 X11, local and remote port forward channels are rejected if the exact list of allowed addresses is not set
SCB-7506 Overly long HTTP request method crashes the proxy
SCB-7495 Malformed HTTP header crashes the proxy
SCB-7447 When using Software RAID monitoring, SCB sends weekly false alarms
SCB-7437 Invalid VNC bits-per-pixel setting causes proxy crash
SCB-7421 RDP RemoteApp sessions distributed on multiple session hosts do not work with Windows 2012R2
SCB-7417 Malformed VNC string packets causes proxy crash
SCB-7107 Some TN3270 audit trails are not indexed
SCB-7101 Malformed RDP packet causes 100% CPU usage
SCB-7067 The 'Clear all filters' button does not work on the AAA > Accounting page
SCB-7005 Possible Cross Site Scripting on web UI with certificates containing HTML
SCB-7004 Possible denial of service or code execution via specially crafted Ticket ID prompt
SCB-6667 Indexing certain ICA audit trails consumes the memory and crashes the indexerworker process
SCB-6536 Permission Query database save (pq_save_db) cron job runs out of memory
SCB-6400 On the Search page, the "Channel type" text field does not do anything

For the current CVE fixes, see https://www.balabit.com/downloads/files/scb/4.3.1/fixed-cves.txt

 

For all other details, see the following documents:

What is new in Shell Control Box 4.3,
available at https://www.balabit.com/sites/default/files/documents/scb-4.3-guides/en/scb-guide-whatsnew/html/index.html

How to upgrade to BalaBit Shell Control Box 4.3,
available at https://www.balabit.com/sites/default/files/documents/scb-4.3-guides/en/scb-guide-upgrade/html/index.html

Balabit Shell Control Box 4.3 Administrator Guide,
available at https://www.balabit.com/sites/default/files/documents/scb-4.3-guides/en/scb-guide-admin/html/index.html 

 

Download


The firmwares and other files of Shell Control Box are available at: https://www.balabit.com/network-security/scb/download/shell-control-box/ 

 

Best Regards,

BalaBit Support Team


Read more »



Mar
3
Support packages and Service Level Objective
Posted by Bonnyai Emese on 2016 March 03 15:17

Dear Customers,

 

I would like to inform you that Service Level Objectives (SLOs) belonging to the different support packages were modified in our General Terms and Conditions as well.

SLOs are counted when the status of a technical case is active namely Balabit Support Team works on it.

 

Please, find more description about SLOs on our website:

https://www.balabit.com/support/packages

 

Kind regards,

 

Emese Bonnyai

Balabit Support


Read more »



Feb
25
Balabit Support General Terms and Conditions
Posted by Bonnyai Emese on 2016 February 25 10:57

Dear Customers!

 

Our General Terms and Conditions document has taken effect since 15th Feb, 2016.

 

Let me draw your attention to some of the changes you will meet while submitting a support case:

  • severity level Minor Impact has changed to Normal Impact
  • business hours changed to 8:00 - 17:00 (CET/CEST) on the Business Days
  • new item: Extended Business Hours (from 08:00 to 20:00 (CET/CEST) on Business Days)
  • Maximum number of contact people from partner removed

The GTC is available at: https://my.balabit.com/documents/support

 

Kind regards,

 

Emese Bonnyai

Balabit Support

 


Read more »



Jan
15
BalaBit Support General Terms and Conditions update
Posted by Kálmán Kővári on 2016 January 15 17:23

Dear Customers!

 

Our General Terms and Conditions document update has been released.

The new GTC is in effect from 15th Feb, 2016.

 

The changes since the previous release are listed below.

The new GTC is available at: https://my.balabit.com/documents/support

 

Kind regards,

BalaBit Support

 

Changes of BalaBit Support General Terms and Conditions between the version on 23/04/14 and the current one:

 

Date: Thu Jan 7 20:59:15 2016 +0100

Legal review results merged into GTC:

  • minor rephrasings of definitions
  • general phrasing update
  • removed section 'Miscellaneous provisions'
     

Date: Tue Nov 24 17:54:11 2015 +0100

added holidays in 2016

Date: Wed Sep 16 10:24:42 2015 +0200

added Blindspotter support package.

Date: Mon Feb 16 15:58:58 2015 +0100

Hungarian holidays in 2014 table has been removed.

Date: Mon Feb 16 14:13:18 2015 +0100

  • Every appearence of 'Support Agreement' has been changed to
    'Support Service Agreement'
  • The definition of customer have been referred to electronic licence key
    rather then balabit licence key.
  • The definition of EULA has been moved to its alphabetical place.
  • The definition of Maximum engineer hours has been refactored
  • The definition of Partner has been extended with distributor and reseller.
  • The patch expression has been changed in the definition of Workaround
  • The by-pass expression has been changed in the definition of Workaround
  • Every Engineering Release and Workaround have been capitalized,
    because these are definitions
  • In the other service limitations table Maximum Engineer Hours
    has been changed to Maximum Engineer Hours of non-charged engineer hours.
  • A typo has been fixed in Escalation process
  • In hardware replacement session the 'non defective' clause was missing,
    this has been fixed. In the same sentence some semantical modifications
    has been made.
  • In the section of limitation of liability the second session which
    referred to the '314. of Act IV of 1959 on the civil code of hungary'
    has been removed.
  • The notices section has been expanded with email
  • In the governing law section the reference for Act IV of 1959
    has been changed to Act V of 2013
  • In modifications of GTC section the withdrawal part has been removed.
  • In modifications of GTC section from the clause 'immediately upon 30 days'
    the immediately has been deleted.
  • In version policy appendix the word: customer has been changed to partner.

Date: Wed Nov 19 10:51:22 2014 +0100

rephrasing of the chapter 7. 'Request handling process'

Date: Thu Nov 13 11:26:18 2014 +0100

1. Definitions:

  • firm changed to Balabit Europe Ltd. further reffered to as BalaBit
  • business hours changed to 8:00 - 17:00
  • new item: Extended Business Hours
  • L1, L2, L3 Support removed
  • severity levels: Minor Impact changed to Normal Impact

2. Technical Support definitions and prerequisites

  • minor changes in paragraph 5.
  • Hardware replacement paragraph 8 only refers to Section 9.

4. Service Level Objectives

  • removed Work Effort column
  • Communication frequancy changed to Status Update Frequency with footer
  • Changed SLO for ExtSU S1 and S3
  • Maximum number of contact people from partner removed

7. Incident handling process

  • clarified "work in progress"

8. Escalation procedure

  • minor changes in escalation handling (paragraph 3)
  • deleted para 6.

9. Hardware replacement

  • minor changes in para 2.

Appendix A:

  • added Hungarian work days and vacations for year 2015.

Appendix C:

  • Headline changed.

Date: Wed Oct 1 09:59:46 2014 +0200

fixed hardware replacement structure

Date: Wed Oct 1 09:10:04 2014 +0200

Added advanced replacement

Date: Wed Apr 23 16:18:55 2014 +0200

changed the company name in accordance with the ongoing legal changes


Read more »



Sep
15
syslog-ng Store Box 3 LTS End of Support
Posted by Gergely Csordás on 2015 September 15 10:27

In accordance with our version policy, support for syslog-ng Store Box
3 LTS ends on 30th September, 2015

Updates, security fixes, and technical support of syslog-ng Store Box
3 LTS will be discontinued from this date.

You are recommended to upgrade to syslog-ng Store Box 4 LTS before the
support of the above versions ends.

In order to upgrade to syslog-ng Store Box 4 LTS, follow the
instructions of the "How to upgrade to syslog-ng Store Box 4 LTS" guide:

https://www.balabit.com/documents/ssb-4.0-guides/en/ssb-guide-upgrade/pdf/ssb-guide-upgrade.pdf

If you need help performing the upgrade, please contact BalaBit support.

Best Regards,

BalaBit


Read more »