►
From YouTube: Support Release Review Party - 12.3
Description
APAC Support team go through the new features in 12.3, sharing knowledge for the wider Support team
C
C
Okay,
so
design
management.
What
we
have
done
now
is
that
we've
allowed
anyone
to
upload
images
to
this
new
tab.
We
have
in
issue
discussions
so
discussion
and
that's
designed
here,
and
so
you
can
add
design.
So
one
thing
I
notice
is
that
it
is
a
drag
and
drop,
so
you
do
have
to
click
on
this
button
and
I'll
just
join
this
okay
right.
C
So
now,
I
have
an
image
up
here
and
notice.
That
is
saying
showing
the
test
version
so
and
here
as
well,
this
is
fun
was
added
in
chalk
country.
You
can
see,
there's
a
little
icon
on
top
right,
this
green
one,
so
this
is
basically
showing
that
this
file
was
added
in
this
version.
So
let
me
just
do
a
quick
overview
of
the
original
introduced
features.
So
if
you
click
on
this
image,
you
can
start
discussions
on
this
image.
So,
for
example,
I
can
click
on
this
and
say
like
nice
advertisement.
C
C
E
C
C
C
C
We
prepare
this
before
right,
so
I'll
add
an
added
design
with
the
same
file
name.
We
can
see
that
this
one
has
the
style
in
it
right,
so
you
can
see
it
now.
This
is
modified.
So
let
me
just
refresh
to
carry
of
any
snail
state
there
you
go
yeah,
so
you
can
see
that
this
is
modified
in
this
version,
and
this
is
in
version
3.
So
every
time
I
go
to
file.
D
C
It
creates
a
new
version
and
this
modified
icon
only
appears
if
you
upload
an
updated
file
with
the
exact
same
filename.
So
this
is
a
major
caveat,
I
think
for
most
designers
workflow
and
if
you
look
at
the
released
of
the
review
release,
outline
I
do
kind
of
put
that
good
luck.
If
you
offer,
if
your
version
controls,
you
know
just
renaming
files
and
adding
like
the
latest
copy,
you
know
what
varies
to
the
end
of
the
flower.
I
think
that's
all
of
us
to
when
we
are
working
on
stuff,
with
no
version
control,
yep.
D
C
C
B
C
E
C
E
B
G
D
C
B
B
C
Yeah,
it's
not
just
a
so
I'm
just
noticing
that
you
know
these
comments
here.
They
don't
actually
indicate
which
version
they
were
made
on
and
they
don't
actually
go
away
and
there's
no
way
to
resolve
them.
So
they're
kind
of
just
stuck
here
yeah,
even
though
something
may
have
changed,
and
it's
no
longer
relevant.
D
D
So
to
enable
this
feature,
so
it's
not
enabled
by
default
to
enable
it
one
is
to
go
to
rails,
console
and
run
this
command
and
to
check
that
it's
enabled
you
can
run
this
commit
so
I've
I've
installed
it
so
I've
enabled
it
on
my
test
instance,
which
give
up
12.3
and
I
had
to
reinstall
ingress
to
do
it
so
and
note
so
it
maybe
it
could
happen
that
our
customers
will
face
it.
So
if
you
have
a
Jupiter
hub
installed,
then
it
won't
be
possible
to
Union
store
English.
D
D
So
basically,
basically
we're
just
telling
the
logs,
so
there
is
additional
log,
create
an
awkward
file
created
within
English
controller
and
it
contains
some
firewall
information.
So
let
me
just
open
English
page
I
mean
like
a
default
page,
and
we
will
see
that
yeah.
It's
expected
that
it
gives
just
a
default
back-end
message
and
in
the
walk
we
can
see
that
there
are
some
additional
records,
show
I.
D
C
D
D
E
F
D
D
Yeah,
it's
it's
something
like
this,
but
I'm,
not
sure.
If
it's
possible
to
configure
it
somehow
I
mean
right
now,
as
Raymond
mentioned
looks
like
it's
just
for
monitoring,
because
yeah.
If
you
check
the
get
the
release
page,
it
says
that
future
releases
will
expand
its
capabilities
to
block
malicious
traffic,
create
and
manage
firewall
rules
yeah.
But
for
now
it's
like
for
monitoring
and
reporting
like
security
concerns,
for
example.
A
It's
a
biggie
with
where
the
web
application
firewalls
that's
how
it
starts,
because
what
you
want
to
do
is
once
you've
deployed
you
interrogate
the
data
that's
entering
and
exiting
for
the
application
that
you've
got
it
enabled
for
so
that
you
can
then
start
to
create
the
policies
that
are
going
to
be
needed,
whether
that's
going
to
be
a
blacklist
or
whitelist.
Depending
on
how
secure
you
want
it
to
be.
A
I
just
copied
a
link
from
Cloud
Player,
which
does
a
pretty
good
job
of
explaining
what
a
web
is
and
the
differences
between
that
and
hardware
based
solutions
and
and
use
for
it
I'm.
Assuming
that
we
can
make
go
down
and
make
our
version
as
feature-rich
as
some
of
the
other
cloud-based
web
offerings
that
are
out
there.
A
D
F
D
F
B
Yeah
just
to
add
one
more
thing
to
this,
because
it's
a
surface
application
firewall,
so
another
common
function
in
web
application
firewalls
is
to
basically
look
at
malicious
payloads
that
are
coming
in,
which
are
designed
to
kind
of
trigger
vulnerabilities
in
web
applications.
So
we're
talking
about
like
SQL
injection
stuff
and
other
such
things,
which
can
manipulate
parts
and
content
in
general,
so
I
think
it
was
at
Anton
that
we
saw
a
ticket
where
a
customer
instance
was
being
bombarded
with
such
traffic.
B
So
you
know
they
were
just
trying
out
various
things
in
order
to
call
some
PHP
scripts
that
would
be
commonly
available
on
common
PHP,
open
source
applications.
You
know
bulletin
boards
and
blogs,
and
these
kind
of
things
so
with
the
Web
Application
Firewall
in
case
you
can
easily
block
all
of
those
things
and
sean
has
just
put
in
a
link
from
Aspen.
They
have
a
top
10
web
application
vulnerabilities
list,
which
is
kind
of
illustrative
to
go
through
as
well
thanks
Sean.
E
Question
regarding
this,
because
I
saw
their
question
often
coming
army,
it
is
possible
for
any
malicious
traffic
coming
self-managed
instance.
So
can
can't
that
be
blocked
on
the
application
I.
We
are
definitely
talking
it
at
the
application
level,
but
can
we
block
it
prior?
It
is
written
to
our
application
like
on
nginx
level
itself
or
on
our
network.
Is
it
possible.
D
E
E
I'm,
so
sorry,
so
what
I'm
saying
is
like
whenever
these
DDoS
kind
of
attack
happens?
Can
we
simply
stop
prior?
It
isn't
into
our
application,
like
at
the
server
level
itself
on
the
network
level
itself?
Is
it
like,
or
should
it
first
reach
our
application,
and
then
we
didn't
detect
it's
a
DDoS
and
then
block
it.
It.
D
A
So
this
is
the
other
things
all
like
it.
Not
all
the
doses
are
the
same,
so
it
depends
on
the
methodology
that's
being
used
by
the
attacker
to
actually
launch
the
attack
if
it
is
something
like
a
ping
DDoS,
it's
it's
relatively
easy
to
know,
root.
Long
specific
are
key,
so
that's
coming
through,
but
if
it's
more
distributed
than
that,
it
starts
to
get
a
little
bit
more
complicated
and
the
answer:
is
you
really?
If
you
care
about
security,
you
need
to
be
secure,
different
levels.
A
So
another
way
of
thinking
about
it
is
that
a
web
is
higher
up
the
OSI
layer.
So
it's
not
going
to
be
interrogating
individual
packets
that
are
actually
transitioning
across
and
it's
looking
at
what's
actually
happening
at
the
transport
layer
at
HTTP.
So
that's
where
it
then
investigates
the
payload
to
then
look
at
things
like
cross
site,
scripting,
sequel
injection.
That
type
of
thing
you
absolutely
can
for
other
types
of
attacks
have
a
a
different
approach,
which
would
probably
be
hardware
level
and
there's
various
methods
of
doing
it.
A
Something
like
CloudFlare
is
probably
closest
to
what
we
would
see
and
play
with
ourselves,
because
that's
web-based-
and
it's
aimed
very
much
at
the
portion
of
your
environment-
that's
actually
serving
traffic,
not
necessarily
the
infrastructure
that
serving
traffic.
So
there
is
that
distinction
between
what's
happening
at
the
infrastructure
level,
what's
happening
at
the
application
level.
I
know
it
doesn't
directly
answer
your
question,
but
that's
because,
with
anything
security
related,
it
really
depends
on
what
exposure
you're
trying
to
mitigate
yourself
against
and
the
way
you've
actually
deployed
your
own
infrastructure
as
well.
E
That's
for
it,
so
I
was
just
thinking
like
we
always
allow
the
traffic
at
least
I
cannot
point
out
any
specific
infrastructure,
but
we
generally
allow
all
the
traffic
to
reach
the
application
and
then
application
to
identify
what
kind
of
either
attack
or
if
it's
a
too
many
requests
or
IP
blocks
for
something
kind
of
thing
we
implement.
So
can
it
be
done
prior
to
application
level
or
yeah,
but
yeah
absolutely.
A
The
answer
is
yes,
it
can
be
like
good
again,
but
that's
gonna
be
at
so.
If
you've
got
an
edge
firewall,
you
can
have
it
performing
that
function
on
the
edge.
So
that
way,
you
can
have
a
much
less
restrictive
policy
in
place
for
any
of
your
internal
security
devices,
whether
it's
wet,
whether
it's
another
firewall.
Even
if
it's
a
load
balancer,
because
there
you
can
use
a
load
balancer
to
do
some
security
type
roles
as
well
in
a
network.
A
You
can
leave
those
fully
open
if
you're
happy
that
your
edge
firewall
has
is
restricting
that
type
of
traffic.
But
again
it
depends
because
the
more
complex
you
make
that
network
topology
the
more
difficult
it
is
to
actually
build
the
rest
of
your
network.
Behind
that
great
for
security,
not
always
great,
for
ease
of
use,
also
depends
on
who's.
Doing
who's
approaching
that,
like
the
approach
from
a
developer,
is
going
to
be
very
different
from
someone.
That's
a
cloud
engineer
and
that's
probably
going
to
be
quite
different
from
someone.
That's
a
database
engineer.
A
So
really
it's
a
combination
of
all.
All
of
those
things
understand
where
you
want
it.
The
other
thing
to
think
about
is
also
cost,
so
a
physical
device
is
expensive.
There's
also
all
the
licensing
that
you
need
to
put
on
top
of
it,
and
you
need
to
know
exactly
what
you're
doing
otherwise
you're
potentially
orphan
in
portions
of
your
network
of
or
not
allowing
legitimate
traffic
through.
A
That's
a
very
different
scenario
to
something
that
is
all
web-based
that
uses
policies
which
potentially
leads
your
entire
network
open,
but
is
very
much
focused
just
at
the
application,
but
that,
due
to
the
resources
where
that
device,
that
virtual
devices
is
located.
So
if
you're
deploying
a
wife
on
an
ec2
instance,
for
example,
because
you've
decided
you
don't
want
to
use
AWS
as
examples,
there
are
more
policies
and
the
more
restrictive
it
is.
A
The
more
processing
power
is
going
to
be
consumed
because
it
needs
to
run
through
those
policies
with
all
the
traffic
that's
coming
through
it,
so
you
potentially
have
a
cost
increase
there,
but
it
might
be
less
than
if
you
have
to
go
and
buy
physical
infrastructure
and
worry
about
the
network.
Topology
further
down
the
stack.
I
know
it's
not
directly
answering
your
question,
but
it
is
honestly
that
complicated
like
it
very
very
much
depends
on
your
needs
and
what
you
try
to
mitigate
against
cool.
D
H
Know
the
basic
idea
of
having
a
mod
security
in
place
is
the
different
growth
already
and
the
policies
that
comes
with
it
whenever
a
traffic
comes
in
or
whenever
a
process
or
HTTP
request
is
being
processed.
So
I
will
assume
that
we
might,
or
a
customer
might
trigger
a
false
positive
in
this
kind
of
scenarios.
And
it's
and
if
this
happens,
were
you
able
to
find
the
exact
config
file
for
this
rules
where
they're
actually.
H
A
D
This
this
part
is
installed
on
customers
kubernetes
cluster,
so
it
means
it's
not
related
to
the
github
instance
itself.
So
it
works
on
customers
to
Banaras
cluster,
so
I
I
guess
it
will
be
the
same
for
github.com
and
self-managed
instances.
I
mean
kubernetes.
Cluster
is
managed
by
customer
so
that
they.
A
That's
where
I
was
going
with
that
question.
I,
don't
think
this
relates
to
comm,
maybe
future
releases
as
the
capabilities
of
the
west
increases
and
they
start
to
look
at
moving
it
away
from
just
kubernetes
employments
and
actually
having
some
kind
of
a
bespoke
West
for
individual
projects
or
individual
ins
for
customers
on
comm.
But
for
now
yeah
comms
not
gonna
need
to
worry
about
it.
C
Look
at
that
from
so
I
follow
that
one
what
Arion
said
about
the
design
files
being
stored
in
LFS?
It
is
so
let
me
just
show
you
what's
going
on
here,
so
this
is
the
admin
area
of
Aquila
instance,
so
you
can
see
that
they,
they
are
our
vast
files.
It's
uploaded,
although
this
is
this
four
repository
is
basically
empty,
so
these
are
probably
the
image
files
and.
C
C
C
References
together
for
me,
the
wave,
so
if
you
look
at
the
path
in
Kittery
itself,
we
can
see
that
this
is
the
design
report,
so
what
they
did
is
they
just
appended
like
a
dot
design
to
the
rear
of
the
usual
code
repository?
So
this
is
how
we
are
storing
that
design
management
images
internally,
but
what
the
wiki
the
same
camera?
Yes,.