Release Notes 7.12.0

See below for the detailed notes for 7.12.0.

Platform

New Features

  • New Grafana dashboard
    • Composite dashboards with a summary of multiple devices and vendors
    • Device compliance dashboard for Palo Alto Networks NGFW (a reference implementation to solicit feedback)
  • API enhancement – add device name to API requests in support of the Grafana composite dashboards
  • Indeni license count enforcement – new pop-up windows to notify you of the overage and expiration

Important: License count is enforced with a license overdraft feature. This feature allows an additional 10% of licenses beyond the purchased quantity to prevent service disruption. Once the count exceeds the 10% additional allowance, the system will not function.

Improvements

  • IS-5141 Upgrade to the latest Apache SSHD package in order to support updated SSL ciphers
  • IS-5151 Reduce Akka thread count in order to improve resource usage
  • IS-5158 Indeni Collector – stagger the interrogation of all devices upon start

Bug Fixes

  • IS-5159 Automation – memory exhaustion when trying to process a large number of alert items
  • IS-5162 Parser – docker crashes on missing ‘jq’ command
  • IS-5166 Device Suspend – failure to activate because suppress_alerts_until is incorrectly defined as an integer
  • IS-5168 Fixed links in issue descriptions that reference LinkedIn profiles

Front

Bug Fixes

  • FRONT-3790 Cannot filter users in the Audit page
  • FRONT-3791 Compliance issue – rule configuration is displaying list as ‘NaN’

Knowledge

New Features

  • New Auto Detect Elements for Check Point
    • Track log rate
    • Alert if Identity server status is disconnected
    • Alert if Identity server events is 0
    • Alert if the timezone configured does not match the requirement
    • Alert if the SNMP community string does not match the requirement
    • Alert if Management servers configured do not match the requirement
    • Check for Role-based Administration errors in /var/log/messages
    • Ensure CPU core load-balancing for VSX firewalls (sk169352)
  • New metrics for Check Point
    • Display top talkers in Device Info
  • ATE enhancement
    • Add an additional diagnostic step to the “High CPU usage” alert – If a CPU core is associated with a specific interface or a VS, identify if the problem is caused by a high traffic load. If yes, identify top talkers
  • New Auto Detect Element for FortiGate
    • FortiOS/FortiProxy critical CVE – Authentication bypass on the administrative interface
  • New Auto Detect Elements for Palo Alto Networks NGFW
    • Alert if the SNMP community string does not match the requirement
    • Alert if SNMP trap receiver servers configured do not match the requirement
    • Alert if Management servers configured do not match the requirement
    • Added multiple checks for CVEs of severity CRITICAL or HIGH in 2022
  • Change severity to INFO for CVEs that are classified as MEDIUM or LOW severity for Palo Alto Networks NGFW

Bug Fixes

  • IKP-4601 PANW – convert the ‘cross vendor member no longer active’ ATE from SSH to RestAPI
  • IKP-4667 CHKP – handle split lines for Required Interfaces
  • IKP-4677 Linux interrogation – F5 devices incorrectly identified with os.name=centos
  • IKP-4679 FortiGate – fix the DNS lookup failure(s) false positive on command failure
  • IKP-4680 Remove all references to CIS benchmark
  • IKP-4685 PANW – remove the port from the BGP IP, which was resulting in a large number of items
  • IKP-4686 PANW – fix the panos_url_credential_theft parser error
  • IKP-4687 PANW – fix the panos_anti_spyware_info_low_severity parser error
  • IKP-4692 BlueCoat – HTTP-stats command output changed
  • IKP-4696 PANW – add status “Forwarding file” as one of the connection statuses to address the WildFire cloud status false positive issue
  • IKP-4706 CHKP – adjust the interval for the “Certificate authority not accessible” alert
