Word To Enterprises… Update Your Security Kit Regularly

Oftentimes when I come to a company it is to bolster, revamp or help them re-evaluate their web security posture with a focus on data exfiltration investigations, and the outbound web proxy is a great place to start. 90% of the time, when I finally gain access to the management console, I am greeted by an appalling SGOS 5.4 or 5.5 header across the top… This is sad because those versions of code were released 4-5 years ago and have since been replaced by much, much richer SGOS code, with many more added features that companies should really be taking advantage of.

Reasons to upgrade to 5.5

1. Better ProxyAV Malware Threat handling
     Works like WebFilter, but for malware scanning policy, so now we are
     getting a "best practices" malware policy constructed by Blue Coat

2. VPM now includes a CPL Layer
     Now you can see CPL within VPM and do not have to SSH to the proxy

Reasons to upgrade to 6.x

1. Blue Coat's recommended long-term release is 6.2
     Long Term Release (LTR): These releases are identified for customers who
     would like to qualify and remain with a release for an extended period of
     time. LTR’s are supported for a minimum of 3 years. Multiple releases have
     been designated as LTR – details are available here. The ones listed on
     the table above are recommended on a specific platform.

2. Enhanced controls for Application Control
     Allows granular control of certain applications and how they function
     Think Facebook uploading pictures, posting, etc... --> http://www.bluecoat.com/application-and-operation-controls

3. 6.x is a 64-bit OS and uses the CPU architecture of the device to its fullest.
     The following ProxySG appliance platforms can be upgraded to SGOS 6.x:
      32-bit platforms: SG210 (except for 210-5) and SG510
      64-bit platforms: SG300, SG600, SG810, SG900, SG8100, and SG9000

It is much easier to upgrade incrementally than to do one forklift upgrade every few years. The latter option normally comes with its fair share of issues that impact business continuity, and those are not taken lightly by Sr. Mgmt. So please, please, please – just upgrade your kit. Put together an upgrade procedures document, list out how long you wait after a revision/patch/release to upgrade, and adhere to this update schedule – as updated by the vendor, of course.