Novell Doc: Novell Access Manager 3.1 SP2 Installation Guide

1.4 SSL VPN Enhancements

Authentication Hardening: You can enable authentication hardening in Enterprise mode to provide protection against active attacks. Authentication hardening uses a keyed Hash Message Authentication Code (HMAC) to sign and verify packets. Packets are examined by a stateless filter and dropped if the HMAC signature does not match. For more information, see Configuring the IP Address, Port, and Network Address Translation (NAT) in the Novell Access Manager 3.1 SP2 SSL VPN Server Guide.
Client Cleanup Options: The administrator can now control the Logout options that are displayed to the end users. The administrator can also configure client cleanup options and select whether the SSL VPN users are allowed to override the settings. For more information, see Configuring Client Policies in the Novell Access Manager 3.1 SP2 SSL VPN Server Guide.
Client Integrity Check for MD5 Checksum: The MD5 checksum value of an absolute file can now be verified during the client integrity check. With this change, you can now use the filename as well as the MD5 checksum value of the file to verify the client integrity. For more information, see Configuring Policies to Check the Integrity of the Client Machine in the Novell Access Manager 3.1 SP2 SSL VPN Server Guide.
Translating the Port on the ESP-Enabled SSL VPN: The ESP-enabled SSL VPN now provides an option to translate the listening port (8080 or 8443) to a standard listening port (80 or 443). For more information, see Configuring Authentication for the ESP-Enabled Novell SSL VPN in the Novell Access Manager 3.1 SP2 SSL VPN Server Guide.
SLES 11 Support: You can now install the SSL VPN server on SUSE Linux Enterprise Server (SLES) 11.
Support for New Client Operating Systems: The following new operating systems are now supported by the SSL VPN client.
- Windows 7 32-bit and 64-bit clients
- Macintosh 10.6 Snow Leopard clients
- Kiosk mode is now supported on SLED 11 64-bit clients
For more information, see Section 3.7.1, Windows Client Limitations and give reference to sslvpnclient help overview->1.2.3->Windows requirements section
IP Range Support in Traffic Policies: You can configure a traffic rule to allow or deny access to multiple destinations. In the previous releases of Access Manager, you could configure only a single traffic rule to allow or deny access to one destination IP or network. For more information, see Configuring Traffic Policies in the Novell Access Manager 3.1 SP2 SSL VPN Server Guide.