Jobs (DE)Terms of UsePrivacy PolicyImprint

Backups

In version 7.1-0.3 it was not possible to create or restore backups.

Minor bugfixes and improvements

F-Secure malfunction

On the afternoon of 2019-04-10 the F-Secure antivirus scanner stopped working due to missing access permissions to a new library file which was installed as part of the signature updates.

Minor bugfixes and improvements

Reboot required

When finished, the system will reboot automatically. Please do not reboot manually.

Update of the Linux kernel

The new kernel includes a few less critical security bugfixes.

Two-factor authentication for access to administration interface

To better secure the administration interface, one-time-passwords (OTPs) may be enabled. There are separate settings for direct access and for access via reverse proxy. If OTPs are mandatory, users without OTP can no longer login. If "optional" an OPT is only required for accounts with enabled OTPs.

S/MIME gateway extensions

While verifying signed emails, a certificate revocation list (CRL) lookup can be enabled now.
If authentication is not possible when signing outbound emails, the "From" header has to be trusted. Previously there was just a checkbox, which turned all local IPs into trusted senders. Now there's a dedicates address list.
Please check the list after the update: It should either be empty or contain only IPs of internal mailservers which authenticate its clients and enforce correct "From" headers. The list should not contain whole networks, in particular not IP group "INTRANET".

S/MIME gateway signatures in Outlook

Microsoft Outlook reported an invalid signature for multipart mails.

Better groupware integration

The mail server now automatically processes mails from the groupware like internal mails, i.e. relayint into the Internet is allowed and now anti-SPAM measures will apply. If internal clients have to authenticate themselves for sending mails, SMTP authentication will be turned on in the groupware automatically. Finally the S/MIME gateway now trusts the "From" headers of the groupware, so "Send as" will work now.
If you have added the groupware IP or network to the list of local IPs in the mailserver administration after installing the groupware, you can now revert this change.

Update of the IPsec server

The new release fixes problems with IKEv2 re-keying.

Option to disable WLAN IP isolation

Minor bugfixes and improvements

Improved protection of container runtime environment

Apps will be running in a sandbox environment and without using privileged processes now.
As an exception all installed apps will be removed during the update in order to make the necessary changes. You will have to re-install the apps after the update. Of course all application data will be preserved.

S/MIME gateway tags signed mails sent "on behalf of"

Many mail clients don't mark emails sent on behalf of someone else. This will mislead the recipient into thinking, the mail was signed by the person on whose behalf the mail was sent and not the person who actually sent the mail. To prevent fraud, the email address of the actual sender will be added to the subject now: [SENT BY <...@...>].

Conversion of opaque signed mails by S/MIME gateway

Many mail clients don't support opaque signed mails, so these mails will be displayed either incorrect or not at all. If the S/MIME gateway encounters an opaque signed mail after decryption, it will automatically convert it into a "conventional" detached signed mail.

Email synchronisation between cluster nodes

The contents of the mail folders on clusters with local mail domains will now be synchronized.

User synchronization from ActiveDirectory

In release 7.0-4.7 and 7.1-0.0 the synchronisation fails on most sites.

F-Secure Antivirus

Since 2019-02-05 the scanner erroneously reports "Scanner test failed" and "F-Secure Linux Security out of function". The scanner is tested by scanning an EICAR test file. The test fails as the scanner output format has changed.
Despite of the messages the scanner works as expected.

Minor bugfixes and improvements

Secure

DEFENDO forces a collection of best-of-breed security modules like firewall, VPN, proxies, virus scanner and anti spam system to interact for one purpose:
To be protected from all online threats and unwanted contents like malicious code, spam and hacker attacks.

Flexible

Each IT scenario is different. The DEFENDO product family will adapt precisely to your demands.
DEFENDO applies for simple internet connections of small companies, for headquarters / branch office WANs, as well as for complex multi-tiered firewall systems.

More good reasons

  • No backdoors
  • More than 15 years of Internet security experience
  • Award-winning product
  • Support by our development engineers
  • Reseller loyalty
  • Made in Germany