Release Notes R&SWeb Application Firewall 6.5.5 (EN) - Rohde & Schwarz

 
Release Notes R&SWeb Application Firewall 6.5.5 (EN) - Rohde & Schwarz
Release Notes
R&S®Web Application Firewall 6.5.5 (EN)

© 2020 Rohde & Schwarz GmbH & Co. KG
Rohde & Schwarz Cybersecurity SAS
Parc Tertiaire de Meudon
9-11 Rue Jeanne Braconnier
92366 Meudon
FRANCE
TEL: +33 1 46 20 96 00
FAX: +33 1 46 20 96 02
E-mail: info-fr.cybersecurity@rohde-schwarz.com
Internet: http://www.rohde-schwarz.com/cybersecurity
R&S® is a registered trademark of Rohde & Schwarz GmbH & Co. KG. Trade names are trademarks of the owners.
Release Notes R&SWeb Application Firewall 6.5.5 (EN) - Rohde & Schwarz
R&S®Web Application Firewall 6.5.5 (EN) – Release Notes

Table of Contents
1 Major Enhancements ........................................................................................................................... 4
1     Cloud Automation for Google Cloud Platform ........................................................................................................ 4
2     System improvement and optimization.................................................................................................................. 4
3     JSON API Response time ...................................................................................................................................... 5
4     Workflow enhancement ......................................................................................................................................... 5
1        External Redis datastore.................................................................................................................................... 5
2        DataStore Redis command ................................................................................................................................ 6

2 Minor Enhancement ............................................................................................................................. 8
1     Ability to choose a static scoringlist ...................................................................................................................... 8
2     User scoring computation node provides user score result.................................................................................... 8
3     Security exceptions view improvement.................................................................................................................. 8
4     System improvements........................................................................................................................................... 9
1        SSH connection cryptography changes ............................................................................................................. 9
2        Components upgrade ........................................................................................................................................ 9
5     JSON API New endpoints ...................................................................................................................................... 9
1        Management of Certificates Bundles................................................................................................................. 9
6     Behavior changes................................................................................................................................................ 10

3 Bug Fixes.............................................................................................................................................11
4 Known Issues......................................................................................................................................13
1     Security............................................................................................................................................................... 13
2     Sitemap............................................................................................................................................................... 13
3     WAM ................................................................................................................................................................... 13
4     Migration from rWeb ........................................................................................................................................... 14
5     Monitoring........................................................................................................................................................... 14
6     Configuration ...................................................................................................................................................... 14

5 Appendix .............................................................................................................................................15
1     Installation and Update........................................................................................................................................ 15
1        Notes before update........................................................................................................................................ 15
2        Kibana customization ...................................................................................................................................... 15
3        Configuration Backup ...................................................................................................................................... 15
4        Installation procedure...................................................................................................................................... 15
5        Update procedure............................................................................................................................................ 16
6        Uninstall procedure ......................................................................................................................................... 17

                                                                                                                                                                              2
Release Notes R&SWeb Application Firewall 6.5.5 (EN) - Rohde & Schwarz
R&S®Web Application Firewall 6.5.5 (EN) – Release Notes

This document details changes introduced by the 6.5.5 version for the R&S®Web Application Firewall.
This is an update of the 6.5 LTS version (Long Term Support).
Revision number: 37be352-b13898
Release date: 18 February 2020
For more information about LTS/LVS concept, please read the page: Product Life Cycle1

1 https://my.appsec.rohde-schwarz.com/cycle-produits.php

                                                                                                      3
Release Notes R&SWeb Application Firewall 6.5.5 (EN) - Rohde & Schwarz
R&S®Web Application Firewall 6.5.5 (EN) – Release Notes

1 Major Enhancements

1 Cloud Automation For Google Cloud Platform
Following the integration with Amazon Web Services2 (6.5.3) and Microsoft Azure3 (6.5.4), this release adds Google
Cloud Platform4 compatibility. It enables accelerated WAF deployment via Terraform template whereby new instances
of R&S®Web Application Firewall are automatically created as and when required. R&S®Web Application Firewall
automatically scales with the size of the workloads in the GCP: it scales up to handle peaks of traffic, and back down
when traffic returns back to normal. The user can benefit from virtually unlimited scalability without realizing the extra
work.
This feature translates to the new capability to mix license types: "Bring Your Own Licenses" (BYOL) available
permanently to handle the usual traffic demand and "Pay-as-you-go" (PAYG) instances created by GCP virtual machines
to handle peak loads. It guarantees the most cost-effective solution as new WAF instances are launched automatically
only when they are needed but are also terminated when they are not. To avoid exceeding the defined budget by auto-
scaling cloud WAF instances, the administrator is able to limit the maximum spend by defining a threshold.

See documentation5

2 System Improvement And Optimization
Our engineers have optimized the way that the R&S®Web Application Firewall version 6.5.5 write/handle/build and
replicate configuration files into a cluster. The result, you will gain time when Applying new configuration. This time
improvement depends of your configuration (Reverse proxies and/or the number of applications, the use of XML Bundles
or certificates Bundles, the number of workflows, how many metrics are enabled, etc.). The best-case scenario provides
an Apply time reduction of up to 70%.
Going forward the performances optimization will be integrated into each release.

Below are current examples of different configurations in R&S®Web Application Firewall version 6.5.5.

                                                                                         %decrease          %decrease
                                                  5.5.15(s)    6.5.4(s)     6.5.5(s)     5.5.15             6.5.4
 Empty configuration + apply all (restart)        33           51           45           -36%               6%

 First apply all #1 (restart)                     481          313          110          77%                65%

 Apply all #2 (restart)                           480          435          123          74%                72%

 Apply all #3 (reload)                            420          370          109          74%                70%

 1 RP + 48 tunnels (restart)                      72           75           30           58%                60%

2 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/Amazon+Web+Services
3 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/Microsoft+Azure
4 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/Google+Cloud+Platform
5 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/Google+Cloud+Platform

  Major enhancements
                                                                                                                             4
Release Notes R&SWeb Application Firewall 6.5.5 (EN) - Rohde & Schwarz
R&S®Web Application Firewall 6.5.5 (EN) – Release Notes

                                                                                        %decrease          %decrease
                                                 5.5.15(s)      6.5.4(s)     6.5.5(s)   5.5.15             6.5.4
 1 RP + 48 tunnels (reload)                      72             74           28         61%                62%

 1 RP + 1 tunnel SSL with PKI (restart)          70             82           30         57%                63%

 1 RP + 1 tunnel SSL with PKI (reload)           67             85           27         59%                68%

 1 RP + 1 tunnel SSL without PKI (restart)       78             101          29         63%                71%

 1 RP + 1 tunnel SSL without PKI (reload)        78             95           29         63%                69%

 1 RP + 1 tunnel HTTP (restart)                  67             86           29         56%                66%

 1 RP + 1 tunnel HTTP (reload)                   68             87           27         60%                69%

 125 RP + 1167 tunnels SSL with and without      402            339          87         78%                74%
 PKI (restart)

 125 RP + 1167 tunnels SSL with and without      347            294          91         73%                69%
 PKI (reload)

 103 RP + 838 tunnels HTTP (restart)             331            275          86         74%                69%

 103 RP + 838 tunnels HTTP (reload)              300            233          76         74%                67%

Because all configurations are different, we hope you will benefit from a significant improvement on your product. If not,
we suggest you to send us your configuration for an analysis to continue to find optimization paths.

3 JSON API Response Time
We have received some feedback regarding the response time of the JSON API. We have taken into account the fact that
this API response could be long depending on your configuration. To continue the work made on the core product, the
R&S®Web Application Firewall version 6.5.5 JSON API has been refactored to improve the response time. A part of this
improvement is due to the Core optimization, but the API design has been improved as well. Below is an example on the
most complete endpoint (number of sub requests linked to the tunnels to print) GET /tunnels.

                                                             6.5.4(s)      6.5.5(s)       % decrease
 GET /wafapi/tunnels                                         14.015        7.049          49,7%
 1 reverse Proxy + 800 tunnels

4 Workflow Enhancement

1 External Redis datastore
The R&S®Web Application Firewall version 6.5.5 allows you to create a new datastore type: External Redis.
You will be able to define your external server Redis to handle data inside your workflows.

  Major enhancements
                                                                                                                        5
Release Notes R&SWeb Application Firewall 6.5.5 (EN) - Rohde & Schwarz
R&S®Web Application Firewall 6.5.5 (EN) – Release Notes

See documentation6

2 DataStore Redis command
This node complete the "External Redis Datastore". You will be able to use the existing nodes "DataStore GET7" and
"DataStore SET8" and now this new node "DataStore Redis Command9" which allow you to write custom Redis
commands that you can forge with the workflow attributes.

This feature allows you to share data between all yours boxes or clusters or products. We think that this is a powerful
new way to develop advanced features or real time mechanisms into your workflows. Keeping in mind that this is a
developer –oriented functionality, you have to be aware how it will forge your Redis commands to prevent any injections.
You can complete this feature by using the existing SHM datastore to create a local cache mechanism if needed.

6 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/Redis+datastore
7 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/Datastore+Get
8 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/Datastore+Set
9 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/Datastore+Redis+Command

  Major enhancements
                                                                                                                      6
Release Notes R&SWeb Application Firewall 6.5.5 (EN) - Rohde & Schwarz
R&S®Web Application Firewall 6.5.5 (EN) – Release Notes

Furthermore, Redis has been designed for use within a trusted private network, and does not support SSL encrypted
connections (https://redis.io/topics/security).

      Some Redis command can block the workflow this is why some of them are forbidden, you will be warned in
       the node or during runtime apply.
       Please consult the documentation page before trying this node.

See documentation10

10 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/Datastore+Redis+Command

  Major enhancements
                                                                                                                    7
R&S®Web Application Firewall 6.5.5 (EN) – Release Notes

2 Minor Enhancement

1 Ability To Choose A Static Scoringlist
The R&S®Web Application Firewall version 6.5.5 provides a new default static scoring list. To allow users to update their
configuration to the newest static scoring list, we have implemented a static list selector. It will become easier to update
your configuration.
See documentation Scoringlist Update11 and See documentation Scoringlist Configuration12.

2 User Scoring Computation Node Provides User Score Result
We return the result of the computation in the workflow to allow the user to create a conditional decision node on the
value of this score to reinforce if needed some endpoints or add incremental security checks.
The default parameter name is "usersec.score" but you can customize it directly in the node.

See documentation13

3 Security Exceptions View Improvement
Columns displayed are now the name, the hostname, the path and the description.
Exception name have been reduced, it is now the event reason (no more hostname in the name)
Cosmetic improvement: disabled rules are now in grey.
See documentation14

11 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/Static+Scoringlist+update
12 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/Scoringlist+Configurations
13 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/User+Scoring+Computation
14 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/Security+Exception+Configurations

  Minor enhancement
                                                                                                                          8
R&S®Web Application Firewall 6.5.5 (EN) – Release Notes

4 System Improvements

1 SSH connection cryptography changes
We decided to enhance SSH connection to the WAF by authorizing only strong key algorithms and ciphers. You may
encounter connection issues if you are using non-up-to-date SSH tools.

2 Components upgrade
    • Update Apache httpd to 2.4.41
    • Upgrade libpcre to 8.43 from 8.32 (system)
    • Update NodeJS to 8.16.2 from 8.16.1

5 JSON API New Endpoints

   Warning: we have fixed two parameter's names which are now using the camelcase nomenclature.
      The old parameters name will be compatible until the 6.5.7 version, but then removed. Please verify
      your scripts and change the parameter's name as described below:
      reverseproxy (deprecated)-> reverseProxy (new)
      enableAia (deprecated) -> enableAIA (new)

1 Management of Certificates Bundles
          /certificatesbundles/ (GET/POST/PATH/PUT/DELETE)
          Get one or more certificates bundles informations, create a new bundle, update the bundle name, or delete
          your certificate bundle
          /certificatesbundles/ca (GET/POST/DELETE)
          Get one or more certificate authority, upload a new one or delete an existing one in the certificate bundle
          /certificatesbundles/ca/export/ (GET)
          Download a certificate authority file
          /certificatesbundles/crl (GET/POST/DELETE)
          Get one or more Certificate Revocation List, upload a new one or delete an existing one in the certificate
          bundle
          /certificatesbundles/crl/export (GET)
          Download a certificate Revocation List file
          /certificatesbundles/ocsp (GET/POST/DELETE)
          Get one or more Certificate OCSP, upload a new one or delete an existing one in the certificate bundle
          /certificatesbundles/ocsp/export (GET)
          Download a certificate OCSP file

  Minor enhancement
                                                                                                                        9
R&S®Web Application Firewall 6.5.5 (EN) – Release Notes

6 Behavior Changes

  
      Matches regexp in decision workflow node
      Before R&S®Web Application Firewall 6.5.5, when using "matches regexp" condition in the decision, the regexp
      had to match until this end of value string otherwise it will not match the value.
      Example:
           • regexp 'abc' will not match 'abcd' value
           • regexp 'abcd' or 'abc.*' will match 'abcd' value
      We decide to remove this behavior to avoid misunderstanding when regexp are valid (and tested with regexp
      tester tools). In version 6.5.5, the behavior will now be:
           • regexp 'abc' will match 'abcd' value
           • regexp 'abcd' or 'abc.*' will match 'abcd' value

                                                                                                                     10
R&S®Web Application Firewall 6.5.5 (EN) – Release Notes

3 Bug Fixes
Bug criticality indicators:

   : Serious,    : Moderate or with workaround,        : Low or cosmetic.

 Priorit
 y         Issue key          Summary
           WAF-2086           Apply blocked when adding IP to bonded VLAN

           WAF-2191           Apply network failure with HA Active Active

           WAF-1640           Cannot apply a Tunnel using an imported certificate with option "Enable Password Encryption"

           WAF-2051           Backup restoration failure when XML Bundle contains hidden files

           WAF-2147           CRL automatic update does not apply tunnels and lead to expired CRL

           WAF-1910           Primary IP address cannot be defined on more than one IP range on the same interface

           WAF-2032           Apply fails when a subWorkflow use a "Datastore" parameter

           WAF-2041           Bot Mitigation dashboard: error while loading details of "Logs by Bot Mitigation configuration"

           WAF-2420           High Availability AA/AP - VIPs are not mounted on bonding + VLAN environment

           WAF-2409           High Availability AA/AP - configuration file is not updated when all tunnels are disabled in a
                              reverse proxy

           WAF-2247           High Availability AA: Incomplete balancer configuration on secondary tunnels

           WAF-2009           High availability AP - invalid metrics status

           WAF-2045           High Availability AA - no realserver isolation per box

           WAF-2341           WAM Cookies are not retrieved when the PreAuthRequest answers 401

           WAF-1782           API keys doesn't map users roles

           WAF-2074           Elasticsearch is launch with 2GB memory when management box has more than 100Gb
                              memory

           WAF-1921           HTTP/2: server header from response cannot be removed

           WAF-2459           Non PCIDSS compliant TLS protocol (TLS V1.0) allowed on Administration port

           WAF-2478           Dependency Wizard button doesn't work for backup restoration

           WAF-1842           Kibana visualizations based on integer ranges are not working

           WAF-1860           Kibana: performance average metrics values are wrong

  Bug fixes
                                                                                                                               11
R&S®Web Application Firewall 6.5.5 (EN) – Release Notes

 Priorit
 y         Issue key   Summary
           WAF-2131    Managed-specific or management-specific metrics desactivation does not work anymore

           WAF-1543    Security Exception "Resolve" can block the GUI if the rule name is too long

           WAF-1907    WAF can be banned from the remote MYSQL server due to error requests

           WAF-1975    "Default Policy" & "Default Policy (strict)" are in Legacy resolve mode

           WAF-1410    Apply date never updated on non active objects (RP/Tunnels)

           WAF-543     Backend response time higher than Total response time because of multipart form-data
                       requests with chuncks

           WAF-2240    Custom GUI certificate is not updated after change twice

           WAF-2494    Matched exception rule details are not displayed anymore in Security logs

           WAF-2034    Dependences between URL mappings and load balancers are not represented

           WAF-2062    Elasticsearch field values are no more searchable (partKeyMatch, partValueMatch)

           WAF-2027    Monitoring needs an apply to activate analytics

           WAF-2140    OCSP verification wants to be done even if disabled

           WAF-2132    Regexp in decision node has to match until the end of string

           WAF-2223    Remote file systems passwords are not restored

           WAF-2217    Restoring a sitemap with a name that already exists breaks the restore process

           WAF-2177    Scheduled task backup set to 0 on maximum backup creates no backup file

           WAF-1345    Sitemap Validation event does not contain sitemap configuration name or uid

           WAF-2413    Tunnel monitoring options are not filled when using wizard

           WAF-1109    Workflow node forms keep values of disabled voluminous textarea fields

           WAF-2030    Kibana "R&S - Application Monitoring" dashboard displays an error when no security logs

           WAF-1731    SWF User Tracking - Score computation From ICX doesn't increase the score when no attacks

  Bug fixes
                                                                                                                 12
R&S®Web Application Firewall 6.5.5 (EN) – Release Notes

4 Known Issues

1 Security
 Issue key       Summary

 WAF-184         Security exception doesn't work if there is no workflow context condition

 WAF-694         BWSESSID cookie allows extra characters at the end of the value

 WAF-707         ICX does not ignore attachments or some application/* content-types

 WAF-1400        JSON error on replay when custom pattern is added to exception

 WAF-1830        Resolve of sitemap validation's events from security logs doesn't work as expected

2 Sitemap
 Issue key       Summary

 WAF-1620        Data types are not updated when you import new swagger file in sitemap

 WAF-2006        Allow to use regexp in the "Name" parameter settings of a sitemap

3 WAM
 Issue key       Summary

 WAF-503         WAM: some hashes don't work for SMS gateway

 WAF-706         SAML Pack: NotBefore/NotAfter malfunction

 WAF-715         WAM Application Access with NTLMv2 strips Proxy-Authorization

 WAF-1113        Cannot connect LDAPS active directory with LDAP nodes

 WAF-1139        Connected users view is not refreshed as expected

 WAF-1436        Data Sign fails reading key for Signature

 WAF-1681        Parsing failed with one special character in the Internal Store / Credentials / Password

  Known issues
                                                                                                            13
R&S®Web Application Firewall 6.5.5 (EN) – Release Notes

4 Migration From RWeb
 Issue key       Summary

 WAF-624         EAccessUriTrans multipart-form-data & auto-file-upload are not available in Blacklist engine

5 Monitoring
 Issue key       Summary

 WAF-1273        Metrics 'monitored', 'graphed', 'consolidated' attributes are not backed-up/restored

 WAF-1290        Scheduled task: Report generation inconsistency between timeframe and execution frequency

6 Configuration
 Issue key       Summary

 WAF-401         Security Exception Rules edition: In "Workflow Context", the value disappears when typing text into
                 the value field and changing to "matches regexp"

 WAF-522         Workflow revalidation issue with invalid subworkflows

 WAF-637         WAF allows secure cookie through clear communication channel

 WAF-1165        MAC address is not updated on network card replacement

 WAF-1174        Second load balancer member is lost after importing load balancer configuration

 WAF-1175        BWROUTEID not automatically set when importing LB with auto route option

 WAF-1434        Scheduling task for exporting and deleting security log can consume too much memory in extreme
                 conditions and end up being interrupted by the system

 WAF-1622        Security logs: error during import on large file

 WAF-1640        Cannot apply a Tunnel using an imported certificate with option "Enable Password Encryption"

 WAF-1682        WAM: inconsistent error message when trying to modify an internal datastore replicate

 WAF-1927        Backuped Remote filesystem cannot be removed from configuration (Internal Error on GUI)

  Known issues
                                                                                                                       14
R&S®Web Application Firewall 6.5.5 (EN) – Release Notes

5 Appendix

1 Installation And Update

1 Notes before update
Migrating to R&S®Web Application Firewall

If you have chosen to migrate from i-Suite 5.5 or rWeb to R&S®Web Application Firewall 6.5, we invite you to read the
Migration to R&S®Web Application Firewall15 section, especially the Behavior change16 part that can require manual
modification.
Read previous release notes
If the update jumps more than one version (6.5.0 to 6.5.4 for example), we recommend you to read previous release
notes to see changes.
For more details see: R&S®Web Application Firewall Release notes17

2 Kibana customization
Custom dashboards, visualization and searches in Kibana have to be exported before the upgrade. As we improve
dashboards and visualizations through versions, the entire Kibana configuration is erased by the new version after the
upgrade.
Configuration can be exported in the Management > Saved Objects menu. Exported configurations can be restored after
the upgrade. For more details see Logs visualization with Kibana18.

3 Configuration Backup
Before installing this version, backup any work that is in progress. Go to Management > Backups panel and backup all the
configurations then download the backup file.
In case of a virtualization environment, you may also stop the virtual appliance and create a backup (snapshot) of your
appliances.

4 Installation procedure
For new users, we recommend to read our Get started19 guide to install the product.
Follow the steps hereunder to install this version of R&S®Web Application Firewall:
    1. Download The ISO File And The Administration Interface From The Customer Area At: https://my.appsec.rohde-
       schwarz.com/
    2. Install The Product On An Appliance, Virtual Machine Or In A Cloud Provider. The Installation Is Described In The I
       nstalling from ISO20 Page

15 https://documentation.appsec.rohde-schwarz.com/pages/viewpage.action?pageId=17273165
16 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/Behavior+change
17 https://documentation.appsec.rohde-schwarz.com/pages/viewpage.action?pageId=4028652
18 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/Logs+visualization+with+Kibana
19 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/Get+started
20 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/Installing+the+WAF+from+the+ISO

  Appendix
                                                                                                                        15
R&S®Web Application Firewall 6.5.5 (EN) – Release Notes

   3. Log Into The TUI (Text User Interface) And Set The Role: Management Or Managed (For More Details See The
      Initializing the Management and Managed mode21 Page)
   4. Repeat Stages 2 And 3 For Each Managed Appliance, If There Are Any
   5. Install And Connect To The Administration Interface (For More Details See The Installing the Administration
      Interface22 Page)
      It Will Be Asked To Temporary Or Permanently Accept The Certificate From The Management Appliance (For
      More Details See The Connection certificates23 Page)
   6. If There Are Any, Add Managed Appliances To The Cluster. Go To Setup > Boxes > Add
   7. Create Request On https://my.appsec.rohde-schwarz.com/ To Retrieve The License. The Serial Number (Service
      Tag) Of The Appliance Will Be Needed (It Can Be Found In Setup > Boxes > Licenses, Select A Box And Click View).
      For More Details, See The Request and assign a WAF license24 Page
   8. Upload License(S) In The Setup > Boxes > Licenses Panel
   9. Perform An Apply Of All Configurations To Verify That All Boxes Are Responding Well
  10. If any backup from 5.x or 6.x, you can restore them in the Management > Backups panel
  11. Then perform an apply (with Cold Restart selected) on all the configurations

5 Update procedure
The following steps describe how to update the product from a version 6.5.X (inferior to the new version) by using the
RSE system.
System requirements: The cluster has to be in 6.5.0 version or upper. To update in the 6.5.0 version, see Release Notes
6.5.025.

   Warning, an interruption of service will occurred. The selected Box will reboot.
       If the update is done on a 6.5.0 version, WAF administrators and dashell user will have to update
       their password on the first connection. We highly recommend to perform this step for each user.

      Automatic snapshot
       A snapshot of the configuration is automatically created before the upgrade.

    1. Download The RSE File And The Administration Interface From Your Customer Area At: https://my.appsec.rohde-
       schwarz.com/
    2. Install The New Administration Interface And Connect To The Product (For More Details See The Installing the
       Administration Interface26 Page)
    3. Go To Management > Backups Panel And Backup All The Configurations Then Download The Backup File. In
       Case Of A Virtualization Environment, You May Also Stop The Virtual Appliance And Create A Backup (Snapshot)
       Of Your Appliances
    4. Optional. Go To Management > Snapshots And Add A Manual Snapshot Corresponding To The Current Cluster
       Configuration Then Download The Snapshot File
    5. Go To Management > System Updates And Upload The RSE File
    6. Select The Management Box And Click Install
       The Management Box Must Be Updated First, Before Updating Managed Boxes
    7. Read and confirm the readme
    8. The installation process will automatically restart the Box and the user will be disconnected from the
       administration interface
    9. Wait for the Box to restart

21 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/
  Initializing+the+Management+and+Managed+mode
22 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/Installing+the+Administration+Interface
23 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/Connection+certificates
24 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/Request+and+assign+a+WAF+license
25 https://documentation.appsec.rohde-schwarz.com/display/WAF650EN/Release+Notes+6.5.0
26 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/Installing+the+Administration+Interface

  Appendix
                                                                                                                         16
R&S®Web Application Firewall 6.5.5 (EN) – Release Notes

   10. (Only For Upgrades From R&S®Web Application Firewall 6.5.0) Reconnect On GUI And TUI Then Change The
       Password To Match New Password Policy. It Is Recommended To Also Change The TUI Password For Dashell
       User At This Time.
   11. Repeat stages 5, 6, 7 and 8 for each managed Box, if any
   12. Perform an Apply (with Cold Restart selected) on all the configurations
At the next connection after the update, it will be asked to temporary or permanently accept the certificate from the
Management appliance (for more details see the Connection certificates27 page)

6 Uninstall procedure
In order to roll-back to the previous installed version:
     1. Go To Management > System Updates

    2. Start by uninstalling Managed boxes. Select a managed Box and click Uninstall. The Box will reboot
       automatically.

           Warning, an interruption of service will occur. The selected Box will reboot.
    3. Repeat Stage 2 For All Managed Boxes Of The Cluster.
    4. Below 6.5.1 version: while uninstalling a Managed box to a version below 6.5.1, SSL certificates between
       Management and Managed won't be recognized any more and you will have to use the functionality "Setup >
       Global Settings > Disable SSL check peer" to allow to the synchronization of Managed box version on the

27 https://documentation.appsec.rohde-schwarz.com/display/WAF655EN/Connection+certificates

  Appendix
                                                                                                                        17
R&S®Web Application Firewall 6.5.5 (EN) – Release Notes

      Management box (this make take up to one minute).

   5. Repeat stage 2 for the Management Box. You may have to refresh the System Updates View after uninstalling
      managed boxes.

          The uninstall process will automatically restart the Box and the user will be disconnected
             from the administration interface

   6. Wait for the Box to restart then log into the Management Box with the administration interface corresponding to
      the version.

  Appendix
                                                                                                                   18
R&S®Web Application Firewall 6.5.5 (EN) – Release Notes

   7. Restore The Latest Snapshot Or Backup Corresponding To The Version.

  Appendix
                                                                            19
R&S®Web Application Firewall 6.5.5 (EN) – Release Notes

    8. Perform An Apply (With Cold Restart Selected) On All The Configurations

You can also restore previous snapshots in case of a virtualization environment.

   Administration password
       The new user password is still needed after uninstalling the RSE. The old password is set back only
       after restoring the snapshot done before the upgrade and performing an Apply of the cluster.

  Appendix
                                                                                                             20
About Rohde & Schwarz Cybersecurity
 Rohde & Schwarz Cybersecurity is a leading IT security company that protects digital assets of companies and
 public institutions around the world against cyberattacks. The IT security expert provides innovative data
 protection solutions for cloud environments, advanced security for websites, web applications and web services
 as well as network encryption, desktop and mobile security. To prevent cyberattacks proactively, the trusted
 security solutions are developed according to the security-by-design approach.

About Rohde & Schwarz
 Rohde & Schwarz is a leading supplier of solutions in the fields of test and measurement, broadcast and media,
 aerospace | defense | security and networks and cybersecurity. The technology group's innovative
 communications, information and security products help industry and government customers ensure a safer and
 connected world. On June 30, 2019, Rohde & Schwarz had about 12,100 employees. The independent group
 achieved a net revenue of EUR 2.14 billion in the 2018/2019 fiscal year (July to June). The company is
 headquartered in Munich, Germany, and has subsidiaries in more than 70 countries, with regional hubs in Asia
 and America.

 R&S® is a registered trademark of Rohde & Schwarz GmbH & Co.KG.

 Appendix
                                                                                                                  21
Germany                                                            France
Rohde & Schwarz Cybersecurity GmbH                                 Rohde & Schwarz Cybersecurity SAS
Mühldorfstraße 15                                                  Parc Tertiaire de Meudon
81671 München                                                      9-11 Rue Jeanne Braconnier
                                                                   92366 Meudon

TEL: +49(0)30 65 884 – 222                                         TEL: +33 1 46 20 96 00
FAX: +49(0)30 65 884 – 223                                         FAX: +33 1 46 20 96 02

Contact: info-fr.cybersecurity@rohde-schwarz.com
https://www.rohde-schwarz.com/cybersecurity

                               Release Notes - Copyright 2020 by Rohde & Schwarz GmbH & Co. KG. All Rights Reserved.
               R&S® is a registered trademark of Rohde & Schwarz GmbH & Co. KG. Trade names are trademarks of the owners.
You can also read