KEMP Technologies LoadMaster Firmware 7.1-34.1 VMware Download

Posted at April 24, 2024 by PCI-DB Team

KEMP Technologies LoadMaster Firmware 7.1-34.1 VMware Description

Devices:

- LM-Exchange, LM-2200, LM-2600

NOTE:

As of 7.1.34.1, the VMware vCenter Operations (vCOPs) v5 LoadMaster plugin is no longer being maintained because VMware have ended their support of vCOPs v.5.8.1.
Upgrading an existing LoadMaster for Amazon Web Services (AWS) from a pre-7.1.34 firmware version to 7.1.34 and above will not work. This issue is caused by AWS de-emphasizing and eventually deprecating support for Para Virtual (PV) images. Therefore, all new LoadMaster versions will now support Hardware Virtual Machine (HVM) AMIs only. For help upgrading please contact KEMP Technical Support. 

New Features:

- Improvements made to the home page of the LoadMaster Web User Interface (WUI)
Additions have been made to the WUI home page, including health widgets for the system and Web Application Firewall (WAF).
- Template creation capabilities have been added
It is now possible to export Virtual Services as templates which can then be uploaded and reused.
- Domain Name System Security Extensions (DNSSEC) client support has been added
The LoadMaster is now capable of performing DNSSEC queries.
- Microsoft Azure Resource Manager (ARM) deployment is now supported
It is now possible to deploy the LoadMaster in ARM mode.
- The LoadMaster for Amazon Web Services (AWS) now supports Bring Your Own License (BYOL)
It is now possible to download a Free Edition of the LoadMaster for AWS, and then update it with a different license.
- Support has been added for RADIUS challenge/response
The LoadMaster now supports RADIUS challenge/response authentication.

Feature Enhancements

- Enhanced the “Permitted Groups” functionality in the Edge Security Pack (ESP) to work with client certificates.
- RSA-SecurID and LDAP dual factor authentication is now supported.
- Two Virtual Service application configuration templates have been published:
a) Dell Wyse vWorkspace
b) Adobe Connect
- CIt is now possible to configure “non-standard” web server responses as healthy.
- CImprovements made to Common Access Card (CAC) WUI authentication.
- CCentral SSL cipher set management has been added to the WUI and API.
- CIt is now possible to delete custom GEO locations.
- CCCImproved Virtual Service WAF statistics to better reflect WAF health.
- CWhen SSOMGR debug traces are enabled, the SSOMGR log file now gets compressed at midnight, as long as the file is not empty.
- It is now possible to license the LoadMaster via a HTTP(S) proxy during installation.C
- Added support for virtIO disksC for KVM LoadMasters.
- CCExtended region support has been added for LoadMasters in AWS.
- Added a new L7 configuration option which allows empty headers.
- Added a PowerShell API command to add a SubVS.
- Added a parameter for Subnet Originating Requests to the Virtual Service API commands.
- Added PowerShell API commands relating to health check aggregation and configurable health thresholds.C
- PowerShell and Java API commands have been added for adding custom locations to FQDNsC.
- Improvements made to the PowerShell API in relation to Virtual Services and SubVSs.
- RCeplaced the API parameters tcpfailover and cookieupdate with hal4update and hal7update, respectively.
- Updated OpenSSL to version 1.0.2h to mitigate against the CVE-2016-2107 vulnerability.
- Mitigated against CVE-2015-5621 vulnerability.

Issues Resolved

PD-7035
Increased the length of the redirect URL field.

PD-6644
Changed the VLAN interface ID to the actual VLAN number.

PD-6921
LDAPS is now capable of running in FIPS mode.

PD-6570
Improved WAF stability.

PD-7083
Improved RADIUS health checks.

PD-7064
Fixed an issue relating to content rule removal.

PD-6950
Fixed an issue which was causing the administrative certificate to be lost after reboot.

PD-6936
Fixed a license error which was occurring after certain upgrades.

PD-6931
Fixed the historical statistics page on nodes in a cluster.

PD-6916
Fully removed support for SSHv1.

PD-6870
Improved failed login attempt threshold enforcement.

PD-6653
Improvements made to the WAF counter on the home page.

PD-6656
It is now possible to manipulate the host file from the LoadMaster by specifying the IP address and host FQDN for the entry.

PD-6468
Improved WAF performance.

PD-6412
Enhanced support for multi-domain forests within ESP.

PD-4666
Fixed error in SSO configuration logs regarding lost domain.

PD-7222
Enhanced WAF syslog support.

PD-6591
Improved Kerberos Constrained Delegation (KCD) service ticket handling.

PD-6549
Fixed an issue with deleting VLAN/VXLANs when in High Availability (HA) mode.

PD-6731
Fixed an issue which was causing the Real Server status to not display correctly when Enhanced Options was enabled.

PD-6657
Fixed an issue relating to Private/Public site preference with Proximity scheduling.

PD-6641
Fixed a display issue for sites using a built-in geographic location database.

PD-6626
Fixed geographic coordinate resolution of existing sites when switching to proximity selection.

PD-6607
Fixed an issue when using KCD OWA and file attachments with SharePoint and Exchange.

PD-6760
Enhanced the POST health check to handle special characters in the POSTDATA.

PD-6734
Improved synchronization with SharePoint One Drive when using ESP form-based authentication and KCD.

PD-6669
Fixed an issue with legacy licensing on the free Virtual LoadMaster.

PD-6548
Resolved an issue which was causing high CPU usage when additional services were added.

PD-6459
Fixed incorrect CPU statistics.

PD-6329
Added missing Java and PowerShell API commands relating to the Packet Routing Filter.

PD-6215
Added API commands to allow public IP addresses to be treated as private on GEO.

PD-6214
Added an API command to limit the number of concurrent logon sessions.

PD-6617
Added an API command which lists all installed certificates.

PD-6864
Added a parameter for Quality of Service to the API.

PD-6958
The System Center plugin can now reach the LoadMaster API.

PD-6928
Fixed an issue with the API command to enable non-local Real Servers.

PD-6365
Added a missing PowerShell API parameter value for “Username only” in the Set-SSODomain command.

PD-7067
Added an API parameter to set Basic Authentication.

PD-7049
Improved error handling for the ErrorUrl RESTful API parameter.

PD-7020
Fixed an API issue relating to using the Transparent parameter with the Sorry Server parameter.

PD-6978
Added the RSIndex parameter to the PowerShell and Java API.

PD-6860
Fixed error handling in the API for the alternate address parameter.

PD-6841
The API now correctly reflects the Virtual Service status.

PD-6602
Fixed the API response for the command to get the administrative certificate.

PD-6600
Improved an API display issue relating to the MatchRules section of Real Server output.

PD-6595
Improved error handling when disabling ACLControl via the API.

PD-6481
Fixed an API issue in the LoadMaster for Azure when adding/modifying Virtual Services.

PD-6213
Cipher set management added to the Java API.

PD-6195
Added PowerShell and Java API commands relating to managing the black and white list.

PD-6846
Added the VSIndex parameter to the Set-VirtualService command in the PowerShell API.

PD-6843
Fixed an issue with the Get-NetworkOptions PowerShell API command.

PD-6655
Improved error handling for the API list commands.

PD-6601
Improved the HTTP status code in the RESTful API command to set the local cert.

PD-6599
Improved the GetSDNController Java API command.

PD-6598
Improved the AddSDNController and ModSDNController Java API commands.

PD-6587
Fixed the response of the New-RealServer PowerShell API command.

PD-6480
Improved the PowerShell API command Set_AWSHAOption.

Known Issues

PD-7173
Pre-authorization excluded directories do not work as expected with KCD.

PD-7127
The SSOMGR is not purging the Kerberos cache cleanly.

PD-7099
It is not always possible to create a SubVS within a Log Insight Virtual Service in the LoadMaster WUI.

PD-7157
There is an issue with using file attachments in SharePoint when using WAF and KCD.

PD-7121
OCSP responses containing multiple certificates are not processed correctly.

PD-7056
There is an issue relating to black list IP addresses in Virtual Services.

PD-7047
There is an issue with Name Server (DNS) protocol health checking.

PD-7226
There is an issue uploading some templates which contain long comments.

PD-7023
The output and error handling of the Get-Rule API command is not ideal.

PD-7016
The IncludeQuery API parameter cannot be set.

PD-6930
The IPv6 support in the API is incomplete.

PD-7225
The listcustomlocation API command shows custom locations that have not been added.

PD-7128
The persist parameter does not appear in the API command showvs output when the persistence mode is set to Source IP Address.

PD-7021
There is a discrepancy between the length of the Add Header to Request field between the WUI and API.

PD-7014
There is an issue removing extra ports when using the PowerShell API.

About Device Firmware:

Applying a newer firmware version than the one already installed on your unit can bring various enhancements, include workarounds for diverse problems encountered by the device, and improve or add newly developed features.

On the other hand, downgrading the firmware version can recover the device’s functionality in the event of a software update either turning up faulty or causing the unit’s overall performance to drop. However, bear in mind that applying an older firmware isn’t recommended and might not always be possible.

When it comes to the update steps, due to the large variety of devices and numerous ways for installing a new firmware, it is recommended that you carefully read and understand the upgrade steps, and consider applying a different firmware only when you have familiarized yourself with the update method.

As the installation process is most of the times quite risky, this step should be taken by users that have the ability to successfully complete the update; regular users may initiate it at their own risk. Moreover, it’s best that this task be performed in a steady power environment such as the one ensured by a UPS unit.

Therefore, if you consider applying this release, hit the download button, take into account all the aforementioned aspects, and update the device’s firmware. Also make sure you constantly check with our website to ensure that you don’t miss a single new release.

  It is highly recommended to always use the most recent driver version available.

Try to set a system restore point before installing a device driver. This will help if you installed an incorrect or mismatched driver. Problems can arise when your hardware device is too old or not supported any longer.

Related KEMP Technologies Drivers