Fix: Vulnerability - Authenticated, XSS-Not Persistent [BNSEC-1239 / BNVS-4078]
Fix: Vulnerability - CSRF, HTTP Header Injection, XSS-Not Persistent [BNSEC-1144 / BNVS-4026]
Fix: Vulnerability - Click Jacking [BNSEC-509 / BNVS-4024]
Fix: Vulnerability - URL Redirection [BNSEC-727 / BNVS-3665]
Version 2.4.0.3:
Feature: Bookmark aliases are created automatically for new and existing resources
Fix: Server Agent service starts on Linux [BNVS-4244]
Fix: Improved ActiveSync session disconnection handling [BNVS-4243, BNVS-4263]
Fix: Prevent files that were in tmp directory from being deleted when they should not have been [BNVS-4188]
Fix: Enabled uploading of certificates with PKCS #8 private keys [BNVS-4235]
Fix: Account selection works correctly for Read Only mode Active Directory groups when using Internet Explorer [BNVS-4217]
Fix: My Resources filter displays correct selection [BNVS-4258]
Fix: Creating a new Certificate Authority is possible after deleting an existing one [BNVS-4233, BNVS-4255]
Fix: Ssladmin session information is displayed correctly on clustered systems [BNVS-4225]
Fix: Correction to AD password expiry message [BNVS-3591]
Fix: Improvements to Microsoft Sharepoint 2013 checkout discard in Microsoft Office 2007 and 2010 [BNVS-4184]
Version 2.4.0.2 Fixes:
Graphs
Graphs display correctly in Internet Explorer version 10 [BNVS-4030]
Web Forwards
Path based web forwards display large pages containing multi-byte characters accurately [BNVS-4196]
Web sites that switch between character encodings display extended chars (??, ??, etc.) correctly [BNVS-4102]
Launching a Host File Redirect Tunneled Web Forward in Windows 7 closes the Command prompt window [BNVS-4101]
Sharepoint 2010 documents can be edited [BNVS-4132]
IPsec/PPTP
Timeout option added for IPsec/PPTP sessions [BNVS-4155]
When launching PPTP, if the connection already exists then a confirmation message is not displayed [BNVS-4194]
IPsec PSK can include all valid symbols [BNVS-4081, BNVS-4125]
Mapped Drives
Webdav Mapped Drives do not timeout due to inactivity [BNVS-4090]
Session timeout will disconnect Mapped Drives [BNVS-4128]
Office 2013 documents work with Mapped Drives [BNVS-3778]
Sessions
Password can be entered after session has been locked due to browser closure [BNVS-4144]
Server Agent
The ADVANCED > Server Agents page refreshes correctly when an agent is enabled or disabled in Internet Explorer version 10
[BNVS-4119]
Zip file containing the server agent client contains the correct version [BNVS-4120]
Server Agent service starts on Linux [BNVS-4244]
Other
Improved notifications message handling under heavy load [BNVS-4058]
NAC antivirus checking detects status of multiple installed AV products [BNVS-4099]
Network Connector routes can be added in Mac OS X [BNVS-4100]
Authentication schemes and NAC exceptions consider policy time restrictions [BNVS-3455]
/32 CIDR notation is handled correctly by IP authentication [BNVS-3818]
Deployment
The Barracuda SSL VPN is typically deployed in the following configurations:
Direct Access DMZ Deployment – Behind the firewall, with direct access to all intranet resources.
Multilayer Firewall DMZ Deployment – In a DMZ between the external and internal firewall. Additional ports have to be opened on the
internal firewall to access internal resources.
Isolated Deployment – The Barracuda SSL VPN is reachable from the Internet. All resources connect via Server Agents which initiate
the connection from inside the networks. No ports have to be opened.