Release Notes 7.12.0
See below for the detailed notes for 7.12.0.
Platform
New Features
- New Grafana dashboard
  - Composite dashboards with a summary of multiple devices and vendors
  - Device compliance dashboard for Palo Alto Networks NGFW (a reference implementation to solicit feedback)
- API enhancement – add device name to API requests in support of the Grafana composite dashboards
- Indeni license count enforcement – new pop-up windows to notify you of the overage and expiration
Important: License count is enforced with a license overdraft feature. This feature allows 10% more licenses than the purchased quantity to prevent service disruption. Once the count exceeds that 10% allowance, the system will not function.
Improvements
- IS-5141 Upgrade to the latest Apache SSHD package in order to support updated SSL ciphers
- IS-5151 Reduce Akka thread count in order to improve resource usage
- IS-5158 Indeni Collector – stagger the interrogation of all devices upon start
Bug Fixes
- IS-5159 Automation – memory exhaustion when trying to process a large number of alert items
- IS-5162 Parser – docker crashes on missing ‘jq’ command
- IS-5166 Device Suspend – failure to activate because suppress_alerts_until is incorrectly defined as an integer
- IS-5168 Fixed links in issue descriptions that reference LinkedIn profiles
Front
Bug Fixes
- FRONT-3790 Cannot filter users in the Audit page
- FRONT-3791 Compliance issue – rule configuration is displaying list as ‘NaN’
Knowledge
New Features
- New Auto Detect Elements for Check Point
  - Track log rate
  - Alert if Identity server status is disconnected
  - Alert if Identity server events is 0
  - Alert if the timezone configured does not match the requirement
  - Alert if the SNMP community string does not match the requirement
  - Alert if Management servers configured do not match the requirement
  - Check for Role-based Administration errors in /var/log/messages
  - Ensure CPU core load-balancing for VSX firewalls (sk169352)
- New metrics for Check Point
  - Display top talkers in Device Info
- ATE enhancement
  - Add an additional diagnostic step to the “High CPU usage” alert – If a CPU core is associated with a specific interface or a VS, identify if the problem is caused by a high traffic load. If yes, identify top talkers
- New Auto Detect Element for FortiGate
  - FortiOS/FortiProxy critical CVE – Authentication bypass on the administrative interface
- New Auto Detect Elements for Palo Alto Networks NGFW
  - Alert if the SNMP community string does not match the requirement
  - Alert if SNMP trap receiver servers configured do not match the requirement
  - Alert if Management servers configured do not match the requirement
- Added multiple checks for CVEs of severity CRITICAL or HIGH in 2022
- Change severity to INFO for CVEs that are classified as MEDIUM or LOW severity for Palo Alto Networks NGFW
Bug Fixes
- IKP-4601 PANW – convert the ‘cross vendor member no longer active’ ATE from SSH to RestAPI
- IKP-4667 CHKP – handle split lines for Required Interfaces
- IKP-4677 Linux interrogation – F5 devices incorrectly identified with os.name=centos
- IKP-4679 FortiGate – fix the DNS lookup failure(s) false positive on command failure
- IKP-4680 Remove all references to CIS benchmark
- IKP-4685 PANW – remove the port from the BGP IP resulting in a large number of items
- IKP-4686 PANW – fix the panos_url_credential_theft parser error
- IKP-4687 PANW – fix the panos_anti_spyware_info_low_severity parser error
- IKP-4692 BlueCoat – HTTP-stats command output changed
- IKP-4696 PANW – add status “Forwarding file” as one of the connection statuses to address the WildFire cloud status false positive issue
- IKP-4706 CHKP – adjust the interval for the “Certificate authority not accessible” alert