Version 4.2.1 Release Notes

Upcoming Changes

Note Data leakage protection (DLP) will be removed in a future release. We recommend that you use the new application control feature instead. This feature provides better support for webmail apps and websites, and more granular control over webmail usage. Go to Group Policy > Application Control.


Version 4.2.1 includes:

  • Two new reports, Reports > Users > Sandstorm Users, and Reports > Policy & Content > Sandstorm Usage.
  • NSWA-841, NSWA-791 As SHA-1 certificates are phased out by major vendors, appliances that still use SHA-1 certificates can be switched to a more secure SHA-256 certificate using the Regenerate Certificate button. This can be found on the UI & Portal Certificate tab of Configuration > System > Certificates page.
  • NSWA-773 A new option, YouTube content restrictions has been added to the Configuration > Global Policy > General Options page. This is now the preferred way to limit YouTube content when viewing videos, as Google intends to discontinue YouTube for Schools.
  • NSWA-656 A new email notification has been added to alert administrators when Sophos Sandstorm is not available.
  • NSWA-492 In addition to reporting on downloads, Reports > Users > Top Bandwidth Users has added the option to report on uploads, or the combined upload/download total.

Resolved Issues

Work Order # Description
NSWA-470 SWA uses TLS 1.2 by default when making upstream connections. Most previous versions of TLS/SSL are supported, but if you encounter a site that does not work with the appliance because of an incompatible form of encryption, you can add it to the HTTPS scanning exemptions.
NSWA-360 When more than one Web Appliance is joined to a Management Appliance, reports that span an interval greater than one week have improved accuracy.
NSWA-742 WWW-Authenticate headers are now left intact to ensure reliable communication with clients.
NSWA-666 To prevent cropping of usernames, reports now use two lines to display long usernames.
NSWA-781 Intermediate certificates are now always sent to client browsers when using custom certificates.
NSWA-741 Clicking Proceed on warn pages now works with embedded YouTube videos.
NSWA-796 Changes to top level domain entries in the local site list (LSL) now propagate correctly.
NSWA-863 When user submissions are disabled, the appliance now correctly ignores attempts to submit requests. When user submissions are enabled, they now have improved validation.