Enhancements

Improvements have been made for the Hybrid Module of the Forcepoint Web Security.

Enhancement Description
DLP Policy Engine upgrade. Upgraded DLP Policy Engine to version 10.3 to support Oracle Linux 8.
CA tree upgrade. Upgraded CA tree to include the latest certificate authorities for the SWG 8.5.7 release.
Proxy component platform upgrade. Upgraded proxy components to support Oracle Linux 8, replacing deprecated Red Hat Enterprise Linux/CentOS Linux 7.
Web Security Engine (WSE) components platform upgrade. Upgraded WSE components to support Oracle Linux 8, replacing deprecated Red Hat Enterprise Linux/CentOS Linux 7.
Web Content Gateway (WCG) UI update to support TLSv1.3. Added support in the WCG UI to enable or disable TLSv1.3 under Configure > SSL > Decryption/Encryption, consistent with earlier TLS version controls.
WCG UI update to support custom TLS ciphersuite configuration. Updated the WCG UI to support user defined TLS 1.2 and TLS 1.3 ciphersuite strings via OpenSSL compliant text boxes and removed SSLv3 configuration support.
WCG TLS ciphersuite update for custom selection. Updated WCG to support freeform selection of TLS 1.2 and TLS 1.3 ciphersuites when set to Custom, updated records.config accordingly, and removed deprecated SSLv3 and TLS 1.1 support.
CCA upgrade to use Oracle Linux 8 RPM. Updated WCG to use the Oracle Linux 8 CCA RPM from Artifactory instead of the CentOS 7 version and removed CCA code from the SWG repository.
Support for SQL Always On. Added support for SQL Always On in the SWG 8.5.7 release.
SWG OpenSSL upgrade. Upgraded SWG OpenSSL to version 3.0 to support TLS 1.3, replacing version 1.1.1.
HTTP cache configuration removal from SNMP. Removed HTTP cache-related configuration settings that are safe to delete from the SNMP configuration.
HTTP cache feature removal. Removed the HTTP cache feature from WCG as it relies on outdated technology and is ineffective with modern encrypted internet traffic.
HTTP cache monitoring removal. Removed the cache monitoring page from the WCG UI Monitor tab following the removal of the HTTP cache feature.
HTTP cache configuration removal from WCG UI. Removed the cache configuration pages for pinning, partition, and hosting from WCG UI, while keeping RAM cache size and maximum object size configurable on the General page.
HTTP cache monitoring removal from WCG UI Configure tab. Removed the HTTP Scheduled Updates pages and section from the WCG UI Configure tab following the removal of the HTTP cache feature.
HTTP cache performance monitoring removal from WCG UI. Removed all HTTP cache performance charts from the Monitor > Performance sections in WCG UI.