October 7, 2021

To:         Symantec Secure Web Gateway Customers

From:    SGOS and Advanced Secure Gateway Product Teams

Subject:  General Availability Announcement for SGOS and Advanced Secure Gateway

On behalf of Broadcom, we appreciate your business and the opportunity to provide you with high-quality, innovative software and services.  As part of our ongoing commitment to customer success, we regularly release updated versions of our products. Today, we are pleased to announce that SGOS and Advanced Secure Gateway version 7.3.6.1 are now available, supporting the following new features:

ProxySG Admin Console 1.2.3.1

You can perform the following tasks in this release of the ProxySG Admin Console (SGAC):

• Manage HTTP, HTTPS, SSH, SNMP, and Telnet services for administrative access to the ProxySG appliance.
• Configure SOCKS gateways and gateway groups for forwarding.
• Manage the appliance's SSL client profile.
• Offload processing of SSL/TLS traffic to a configured SSLV device.
• Add existing Online Certificate Status Protocol (OCSP) OCSP responders to perform real-time certificate revocation
  checks and send responses to the appliance.

In addition, forwarding host lists have been renamed to forwarding groups.

More information:

• SGOS Administration (Admin Console Edition)

VPM Object to Enable/Disable Parallel Connectivity

The content policy language (CPL) to enable or disable parallel connectivity using RFC8305 (Happy Eyeballs algorithm) was added in version 7.3.4. This release adds new Enable Parallel Connect and Disable Parallel Connect static Action objects to the Web Visual Policy Manager (VPM). The algorithm can improve user experience when requesting specified URL domains by allowing parallel connections, which avert delays that might occur with serial connection attempts. To enable or disable parallel connections globally, use the #(config)parallel-connect {enable | disable} CLI command, introduced in version 7.3.4.1.

More information:

• Web Visual Policy Manager Reference

New Default Port for Web Isolation Service

Starting in this release, the default port for the Web Isolation Service is 443 instead of 8080. If you currently use the default web isolation service hostname and port, upgrading will change the port from 8080 to 443. If you then downgrade to version 7.3.5 or earlier, the configuration retains the port 443 setting. If you configured a custom web isolation service, issuing the # (config isolation) service cloud command in version 7.3.6 reverts the service to default settings, including the new default port.

More information:

• Command Line Interface Reference
• KB article 201609

Review and Terminate Active Sessions and Connections

To help with troubleshooting, a new # active-sessions CLI command allows you to display a list of active inbound ADN connections, bypassed connections, or proxied sessions. You can also terminate multiple connections or longrunning sessions, which may be faster than terminating sessions from the Management Console.

In addition, a new # show active-sessions command displays overall session statistics including active, terminating, and errored sessions.

More information:

• Command Line Interface Reference

Determine Host ISG for ProxySG Applications

A new # show isg-host CLI command allows you to determine if the current appliance is running as an application on Integrated Secure Gateway (ISG). If it is an application running on ISG, the command displays ISG host information. Otherwise, the CLI indicates that the system is not running on ISG.

More information:

• Command Line Interface Reference

To download this release and review Release Notes, visit the Symantec Enterprise Security portal at https://support.broadcom.com/security. A MyBroadcom login is required. See https://knowledge.broadcom.com/external/article/151364/download-the-latest-version-of-symantec.html for details.

If you have any questions or require assistance, please contact Broadcom Customer Care online at https://www.broadcom.com/support/software/contact where you can submit an online request using the Customer Care web form: https://ca-broadcom.wolkenservicedesk.com/web-form?_ga=2.205828371.1432263889.1590607313-713014253.1588711301 .  You can also call Broadcom Customer Care at +1-800-225-5224 in North America or see https://www.broadcom.com/support/software/contact for the local number in your country. 

Should you need any assistance, our Broadcom Services experts can help.  For more information on Broadcom Services and how you can leverage our experience, please visit https://www.broadcom.com/support/ca/services-support/ca-services.

Your success is very important to us, and we look forward to continuing our successful partnership with you.

To review Broadcom Support lifecycle policies, please review the Broadcom Support Policy and Terms located at: https://support.broadcom.com/.  

Thank you again for your business.