Release Notes 7.0

Platform

New Features:

  • New early adopter feature – Auto Triage – Automatic in-depth analysis of issues, generating detailed triage information about issue causes and providing remediation steps towards rectifying the issue 
  • Support of Ubuntu 18.04
  • Assign Multiple Issues to a User – Select multiple issues from the Issue Page and assign them to any user in a single action
  • SNMP Support – SNMP v2 and v3 are now supported for select devices. Add SNMP credentials from the Credential Screen
  • Added ability to chart NAT-Connections and NAT-Connections-Limit metrics on the same chart
  • Integration Look and Feel – New look and feel for the Integrations screen. Look for the LDAP Integration under the new Integration tab
  • LDAP Custom Group Assignment – Create and manage LDAP groups on Indeni through custom roles
  • Various security-related enhancements

Bug Fixes

  • FRONT-2692 – Fixed an issue where the server did not accept restart commands
  • IS-4544 – Resolved an issue in which the collector service fails to recover due to “Failed to unmarshal response”
  • IS-4587 – Fixed an issue which causes Check Point SSH sessions to stall due to waiting for acknowledgment
  • IS-4605 – Resolved an issue in which the maximum number of open device calls was exceeded
  • FRONT-2692 – Resolved an issue in which the server stops and does not accept the restart command

Knowledge

New Features:

Check Point

  • IKP-2511: Update EOS information to the latest
  • IKP-3086: QA Test against R80.30
  • IKP-2599: Enhanced policy last modified metric to be polled from all blades instead of from a single blade as before
  • IKP-3079: Added check to identify if VMAC mode does not match requirements

Cisco ASA

  • IKP-1494: Added interrogation script
  • IKP-2822: Added CPU monitoring script and updated remediation steps
  • IKP-2823: Added memory monitoring script and updated remediation steps
  • IKP-2827: Added interface metrics
  • IKP-3122: Added check to identify if DNS servers configured do not match requirements
  • IKP-3123: Added check to identify if NTP servers configured do not match requirements
  • IKP-3124: Added check to identify if SSH v1 is enabled on the device
  • IKP-3125: Added check to identify certificate expiration
  • IKP-3126: Added check to identify license expiration
  • IKP-2828: Added check to identify if ISAKMP negotiations of the IPsec VPN tunnel have not been completed
  • IKP-3250: Added check to identify if there is no traffic passing through the IPsec VPN tunnel

F5

  • IKP-2578: Added check to identify if any VIPs are not configured with a pool
  • IKP-1908: Added check to identify issues with AAA identity server integration
  • IKP-2125: Added check to identify SNAT exhaustion
  • IKP-2570: Added check to identify iRules that are not being used

Fortinet

  • IKP-3019: Added check to identify if Uninterruptible Upgrade setting is disabled for HA configuration
  • IKP-3145: Added support to get log memory settings for VDOM
  • IKP-3144: Added support to get log disk settings for VDOM
  • IKP-2447: Added check to identify HA cluster monitor interface problem
  • IKP-2445: Added check to identify HA cluster heartbeat interface problem
  • IKP-2942: Added backup support for Fortinet firewalls
  • IKP-3018: Added check to identify hardware version mismatch across cluster members

Gigamon

  • IKP-2805: Added check to identify card failures

Palo Alto Networks

  • IKP-2941: QA test against PAN 8.x

Bug Fixes

Blue Coat Proxy SG

  • IKP-2933: ICAP connectivity issue shows irrelevant external rating service as alert item
  • IKP-3102: Fixed view-ssl script entering config mode without exiting, which caused other commands to fail

Check Point

  • IKP-2971: Critical configuration files mismatch across cluster members false positive due to grep command failure
  • IKP-2955: Critical process(es) down (per VS) false positive on MDS/MDLS due to transient init status
  • IKP-3066: Excluded chkp-log-server-connected script from running on virtual systems
  • IKP-2964: Hardware element down false positive due to new output for command “show sysenv all” in R80.20
  • IKP-2923: Added support for new cluster states introduced in R80.20 
  • IKP-3021: Excluded R80.20SP, R76.40SP and R76.50SP from running command “cphaprob list -v”
  • IKP-3023: Empty vs.name is returned for R76.50SP devices
  • IKP-3036: Supported new output for command “asg stat -v” in R80.20SP
  • IKP-3047: Added support for parsing command “asg_route –dyn-route ospf” in R80.20SP
  • IKP-3118: Fixed chkp-os-throughput-alert script failing to compile due to a method refactor
  • IKP-3140: Expanded search for core dump files to include new locations
  • IKP-3141: Restricted certain scripts to run only on R80.30
  • IKP-3084: Excluded certain scripts from running on chassis
  • IKP-3083: Updated EOS dates
  • IKP-2906: Added back Firewall Logging Locally check
  • IKP-2856: Excluded install_jumbo_take script from running on R80.20 and later
  • IKP-477: Updated High Threshold of Five Minute Load Average alert to be based on the number of cores
  • IKP-2961: Fixed false positives related to Debug Mode Enabled alert

FireEye

  • IKP-2944: Updated device suspension to be based on average CPU usage across all cores

F5

  • IKP-2298: Fixed Blade(s) down alert triggering on blades that are unpopulated
  • IKP-3030: Fixed unknown status causing the Virtual Server Offline alert to trigger

Fortinet

  • IKP-2898: Excluded admin down ports from triggering Network Port(s) Down alert

Palo Alto Networks

  • IKP-2900: Restricted show system environmental to only run against hardware firewalls
  • IKP-2650: Fixed devices with OS “PA-VM” being identified as chassis
  • IKP-3028: Fixed files not being identified consistently, which caused a large number of alert items in the Core Dump Files Found alert
  • IKP-3029: Fixed Critical Process Down alert not being triggered properly due to a wrong tag being used
  • IKP-3098: User-ID Agent(s) Down alert takes longer to resolve due to invalid regex match on command output
  • IKP-3234: Fixed Critical Process(es) Down alert triggering on processes that do not exist on certain devices
  • IKP-3226: Limited interface monitoring to hardware interfaces to reduce the number of API calls to the device
  • IKP-3220: Increased script polling intervals to reduce the frequency of API calls to the device
  • IKP-3284: Excluded three show system state related scripts from running due to file descriptor leak issue on certain PAN OS versions
  • IKP-3072: Updated parser for “show wildfire status” command due to output change in 8.x