New in ZXTM 4.2

ZXTM 4.2 was released on July 5th 2007. This article describes some of the more important new features and improvements in this release.

Forward Proxy Mode

With Forward Proxy Mode, you can use ZXTM's inspection, rewriting and traffic management features on traffic outbound to the Internet (or any other network), instead of inbound to known servers.

The simplest example is using ZXTM as an HTTP caching proxy at the edge of the corporate network (a replacement for Squid or other forward proxies). Not only can ZXTM then cache requests made by the companies users, but the administrator can use TrafficScript to enforce policies on those requests. For example, bandwidth management could be used to reserve bandwith for requests going to the company's head office application servers and critical external web services (such as outsourced web-based CRM systems).

ZXTM can also operate as a transparent forward proxy (for most protocols). In this configuration, outgoing traffic is routed through it, and protocols can selectively be chosen for inspection, routing and management. In this way access to certain external resources can be controlled, monitored and managed, using any of the tools available through TrafficScript.

Note that the forward proxy feature is not available in ZXTM LB.

Improved Content Caching

4.2 has seen several improvements to ZXTM's content caching feature. Performance on multi-CPU and multi-core servers has been significantly improved. The UI has been reworked to make browsing of the contents of the cache easier. A search facility allows particular sections of the cache to be reviewed easily, and parts of the cache (down to individual pages) can now be invalidated from the UI.

The SOAP API has also been extended to allow browsing, searching and cache invalidation to performed from external programs. This makes it straightforward to integrate ZXTM with a content management system (CMS), for example, so that when pages are updated in the CMS they are automatically dropped from ZXTM's cache.

Support for nCipher NetHSM

4.2 introduces support for the nCipher NetHSM, enabling secure, FIPS 140-2 level 3 compliant, storage for SSL keys as part of corporate Public Key Infrastructure (PKI). With this combined solution, SSL private keys are stored on the NetHSM, instead of the ZXTM server, ensuring they cannot be stolen even in the unlikely event that the ZXTM server is compromised. Using a NetHSM instead of a dedicated hardware security module has the advantage that you can also use it to securely manage other cryptographic keys, such as those for your encrypted filesystems.

Combining ZXTM with NetHSM will enable online retailers to demonstrate compliance with the Payment Card Industry Data Security Standard (PCI DSS).

J2EE Session Persistence

Customers wanting to use ZXTM in front of J2EE application servers such as JBoss, BEA Weblogic or IBM Websphere can enable session persistence with a per-virtual server tick box. This turns on both cookie-based and URL-rewriting persistence, and eliminates the need to manually set up TrafficScript rules to enable persistence.

System statistics available via Activity Graphs and SNMP

ZXTM now tracks a number of system statistics including CPU usage, memory usage, raw network bandwidth by network interface. These are available both in the activity graphs and via SNMP.

802.3ad Link Trunking/Aggregation/Bonding

Network interfaces on ZXTM appliances can now be bonded together, for high availability and increased bandwidth, using 802.3ad link aggregation. To enable this feature, since enter the same IP address for two or more network interfaces from the networking page. Note that the switch ports to which ZXTM is connected must be configured for 802.3ad aggregation.

More Details

These are just a few of the changes introduced in ZXTM 4.2. Please see the ZXTM 4.2 Release Notes for the exhaustive list of improvements and bug fixes, including SOAP API improvements, TrafficScript enhancements, support for the SSL acceleration capabilities of Sun's Niagara processors amongst others.

How to upgrade

See the release announcement for upgrade instructions.

Julian [Zeus Dev Team] 05 July 2007  Permalink  
Leave a comment ...
Your email address will not be displayed.
Your URL will be displayed.
This public messageboard is not a forum for technical support. To report technical support problems, please contact our dedicated Support team using the instructions at the bottom of this page.
Options:
 
(Line breaks become <br />)
(Set cookies for name, email & url)
Download Free ZXTM Desktop Edition

News and Articles

Other Resources



www.zeus.com

powered by
b2evolution
About this site. The ZXTM KnowledgeHub service is provided without warranty, and articles and comments may not reflect the views of Zeus Technology. For technical support queries, please contact Zeus Technical Support. Disclaimer and Privacy statement.