Note: Ubuntu 18.04 is required for this release. See the migration guide to update to Ubuntu 18.04.
New and improved Issue Page
- Grouping issues by headline, devices, severity, status and Assignee.
- New filter Categories to view issues pertaining to the same “Rule Category”.
- New icons to illustrate if filters are applied and clear filters.
Dashboard – Drill down from widgets to get a detail view with respect to device estate, best practice and device health.
Auto-Triage – Visualize full workflow diagrams to understand the investigative steps and understand the decision tree for troubleshooting an issue.
Knowledge Explorer – Visualize Auto-Triage workflow diagrams for any issues.
Early-Symptom – defers external issue triggers to reduce the noise from transient or flapping issues.
- FRONT-3410 Knowledge explorer – Remediation steps – spelling mistake for remediation steps
- FRONT-3406 Knowledge explorer – Remediation steps – Text is written in one block instead of each number per line
- FRONT-3404 Knowledge explorer – Remediation steps – admin get 403 forbidden when opening remediation code in rule overview
- FRONT-3383 ATE – Running auto-triage via ADE tab in the overview page will not trigger the ATE
Important note: SNMP is mandatory for PAN-OS devices. Please follow the instructions here to enable SNMP on your Palo Alto Networks devices.
4 new ATEs for Check Point and Palo Alto Networks:
- Firewall logging locally
- Cluster member no longer active
- High ARP cache
Palo Alto Networks:
- Debug mode enabled
New Check Point CloudGuard ADE:
- Ensure CloudGuard Controller is running as a process on the management server
- Check connectivity between CloudGuard Controller and Public Cloud Data Center
- Check errors on Data Center scanner
- Check the connection between CloudGuard Controller and CloudGuard instances
- Check if Identity Awareness web API is running
- Check if CloudGuard Controller is updating CloudGuard instances
- Check for imported objects from Data Center
- IKP-3811 CHKP – Management service down (Non-Virtual) – FP on unexpected input
- IKP-3798 Cisco ASA – duplicate issue: “SSH version 1 is enabled” and “(Cisco ASA) SSH version 1 is enabled”
Palo Alto Networks:
- IKP-3684 PAN: Cluster Member No Longer Active triggers a false positive for an active or passive state
- IKP-3814 PAN – Management CPU is being reported as a constant value in panos 9
- IKP-3802 PAN: show-wildfire-status parser should have additional positive status