Cipafilter is proud to announce version 8.8 of our device firmware. Our major priorities for this version related to SSL decryption and authentication, two subjects on which we have received tremendous feedback from our customers. However, as always, improvements have been made in a number of areas.
SSL decryption by group and decryption exceptions
SSL decryption is the best — and sometimes only — way to filter the increasingly secure Web. However, many customers have found it to be a complicated investment. Cipafilter 8.8 improves the flexibility and ease of deployment of SSL decryption in two related ways: First, it is now possible to apply SSL decryption on a per-group basis. This allows organizations to selectively exempt particular groups (such as teachers or application servers) from decryption. In addition, decryption can be applied or exempted for each group on a per Web site basis, allowing you to decrypt only what you want.
Multiple authentication directory services
Previous firmware versions supported only a single authentication directory service, which could be a limitation for larger and more complex environments. With Cipafilter 8.8, we now support any number of authentication back-ends. User log-in attempts will be passed to each service in turn until either one succeeds or they all fail. We continue to support all of the back-end options from previous firmware: Microsoft Active Directory, Apple Open Directory, Novell eDirectory, Google OAuth, and Cipafilter User Manager.
Integration with wireless devices via RADIUS accounting
With the new E-Rate focus on wireless systems, we have added the ability for Cipafilter to integrate with wireless APs such as those provided by Ruckus and Aruba. Cipafilter can be configured to receive authentication events from supported APs via RADIUS accounting, providing a seamless authentication experience for your wireless users.
Context-sensitive games detection (beta)
Some of the most common customer feedback we receive relates to students being able to access browser games and related Web sites, which are difficult to block with blacklists as new ones appear daily. In Cipafilter 8.8, we have extended the same technology we use for pornography detection to also detect games. This feature greatly increases the accuracy of games blocking, nearly eliminating this source of distraction and wasted bandwidth from your network. The games detection technology is currently considered a beta feature, as we are continuing to refine our algorithm, but we are making it available to customers today in order to address this widespread issue.
Customer SSH access
As a managed product, Cipafilter's goal is to provide all necessary administration tools via the Web management interface. However, some customers, particularly larger ones, may have more advanced needs — in Cipafilter 8.8, SSH access is now available for those customers.
Cipafilter 8.8 is faster than ever, with performance and reliability enhanced across the board — particularly in the areas of logging and reporting.
- Improved Status page
- Improved DHCP Server page
- Improved Authentication Tools page
- Customer contract details shown on the Web management interface
- New customization options for the filter reject page
- Buttons for auto-populating and testing authentication settings
- Validation of list entries on the Group Permissions page
- Client host names listed in e-mail reports and notifications
- Captive portal applies the correct fall-back group in all cases
- General feedback and usability improvements on the Web management interface
Request an upgrade
Due to the expected high volume of requests, we will be rolling out upgrades in waves to ensure that everything goes as smoothly as possible. Contact Cipafilter Support today to request a firmware upgrade date and take advantage of these new features.