Upgrade your XYGATE Software!
You regularly upgrade your software, right? (wink) Around the same time every year, we at XYPRO notice an increase in upgrade-related questions coming into our technical support group. The good news about that is it is an indication that our clients have a plan to upgrade at least annually and that is great news! Planning by setting aside time is important. It is also important to prepare in advance and XYPRO would like to help.
Everyone should periodically review installed versions of the XYGATE modules running in production. XYPRO is strongly committed to its ongoing and evolutionary process of software development and improvement.
XYPRO releases software updates for many reasons: to address security vulnerabilities, patches, fixes, architecture improvements, general security improvements and new features. If you receive your software support directly from XYPRO, you can upgrade your entire XYGATE suite in one easy session by using XYGATE Master Installer (XMI) or update each component individually through manual procedures that are documented step-by-step in each XYGATE reference manual.
If you are a XYGATE customer via HPE, you will need to obtain this new release from HPE. The SOFTDOC will be available through SCOUT, the Reference Manual will be available through HPE’s documentation site. Please contact your HPE representative for more information.
XYPRO is committed to protecting our customers’ NonStop systems. Information about security vulnerabilities and how they have been addressed (by XYGATE module) can be found here:
Some of the security updates made available in the XYGATE suite include:
POODLE and POODLE (2)
- Padding checks have been added to XYGATETR (v1.85) to prevent against CVE-2014-8730 (POODLE 2) which is similar to the POODLE attack on SSLv3.
- Due to the security implications of the POODLE vulnerability (CVE-2014-3566) we’ve disabled usage of SSL v3.0 in XYGATEUA (v1.95) and XYGATETR (v1.85).
Deprecation of weak CIPHERS and TLS 1.2 Support
- Added support of new cipher suites that are available in TLS 1.2 and the deprecation of weaker cipher suites in our host products that support SSL encryption, such as XYGATEHE (v 3.10) and XYGATETR (v1.85). For additional details check with our XYPRO Support team.
- Host SSL products against CVE-2014-0224, which could allow a man-in-the-middle attack.
- XYGATETR (v 1.85) now rejects an out-of-order ChangeCipherSpec (CCS) message with an “unexpected_message” alert.
- XYGATETR (v1.85) will now reject weak ciphers to protect systems against the CVE-2015-0204 (FREAK) vulnerability.
- XYGATEHE 3.10 now audits the established TLS parameters for FTP client proxy mode.
Other XYGATE Software Updates:
- A New keyword, PAN_MASK, is introduced in this release to mask PAN data in the XAC audit log and the monitor file.
- Modified to use a HASH value instead of mask for sensitive data
- OpenSSL upgraded to 1.0.1r
- Discontinued support of SHA-1 cipher suites.
- XHE has been changed to generate the 2048-bit key certificates using the SHA-2 hashing algorithm.
- Auto-generated Password selection added
- Added support of new cipher suites available in TLS 1.2
The best way to prepare for an upgrade is to plan ahead.
- Check the current shipping version
- Refer to softdocs for dependencies
- Make sure you have the latest documentation available
- Verify your XYPRO.com account and profile
- Sign up for product notifications
- Check the Customer Portal
XYPRO’s Customer Support Portal – the Fastest Way to the Information You Want!
From opening and managing cases, to browsing knowledgebase articles, to obtaining software and documentation updates, the portal is geared to empower you, our customer, with the very same tools our own agents use to answer your support questions.
For easy visibility to your XYPRO Support cases please log into our Customer Care Center .
- Create, update, and track your own support cases on demand.
• Save time by tracking and reporting on all your support cases; current and past.
• The Knowledgebase offers technical tips and solutions, 24 hours a day 7 days a week.
Going to Boot Camp?
If you’re going to the HPE Technical Bootcamp 2016, please come visit the XYPRO Booth and ask for me if you would like to discuss XYGATE product upgrades or any other Support related issues.
Upgrading Your Own Software? We’d Love to Help!
As specialists in HPE Integrity NonStop server software since 1983, XYPRO provides the tools to achieve security compliance in a NonStop environment. XYPRO also has an experienced Professional Services group whose mission is not only to service the XYPRO suite of products, but to make security administration as painless, efficient and robust as possible. From project management for our products and services to training and support, our aim is to ensure your operational readiness and improve your security profile. Partnering with XYPRO Professional Services guarantees the products are effective, efficient and fully implemented.
Do you have any questions? Please visit the Customer Support Portal or submit them via email to firstname.lastname@example.org.
To login to our Customer Support Portal preform the following steps:
Login or Register for your XYPRO account using our Customer Care Center
Once you have successfully logged into the Customer Care Center you will be taken to a welcome screen, on the left hand side you will see a blue button for Customer Portal, your login credentials will be required again to gain access to the Portal.
Email email@example.com for any further assistance.