Release Notes 7.3.0

See below for the detailed notes for 7.3. Customers can head over to the Indeni Forum within Indeni Crowd to join the conversation around these capabilities. Need the latest build? Download Indeni.

Platform

New Features

Cluster Switchover Aggregate Policy – aggregates multiple issues into a related event. Instead of alerting per metric, the system generates one alert for a group of metrics associated with a cluster switchover event.

Auto-Triage Enhancements

  • Ability to re-run an Auto-Triage Element.
  • Support for issue items – When a new issue item is added to the parent issue, the ATE will automatically run for all the issue items.
  • View the history of all the runs, for all the issue items.

Local Passwords Policy

  • Enforce password upon initial login.
  • Option to generate password automatically.
  • Password must meet the complexity requirements policy – minimum password length, use of a number and a special character.
  • Enforce password history policy to limit how often an old password can be reused.
  • Maximum password age policy to ensure regular changing of passwords.
  • Lock users out after a number of incorrect passwords.
  • Send email notification prior to password expiry.
  • Audit log for password changes.

ServiceNow Enhancements

  • Enable ServiceNow integration from the UI.

Notification Behavior for Archived issues – When an issue is archived, the system will halt email notifications relating to the issue, but the system will continue to send updates to ServiceNow, Syslog and SNMP.

API Enhancement – Implemented API call filters to support:

  • Issues created before / after
  • Issues updated before / after
  • Issues Severity
  • Issues Category
  • Filter by devices
  • Filter by labels
  • Filter for devices added before / after
  • Filter by devices monitored / suspended
  • Filter by device vendor

Bug Fixes

  • FRONT-3663 Email notifications contain links to old issues framework
  • FRONT-3536 Roles – Actions does not allow User Assignment
  • FRONT-3509 Graph display is showing strange timeline
  • DEVOPS-512 Backup and cold standby are running at the same time, causing problems copying the backups to the standby
  • DEVOPS-408 Indeni Server memory allocation error
  • DEVOPS-432 Ubuntu 18 – missing latest security updates

Knowledge

New Features

  • Re-categorized and re-prioritized all the rules for improved alerting and reporting. See this list for details of all the changes.
    • Created a new rule category “Center for Internet Security Rule (CIS)”.
    • Changed the default severity for some rules from Error to Critical.
    • Changed the default severity from Error to Warning for many rules.
    • Moved some rules to the appropriate Rule Categories:
  • New Check Point Auto-Triage Elements:
    • RX packets overrun
  • New alerts for PAN CVEs
    • CVE-2020-2027 PAN-OS: Buffer overflow in authd authentication response
    • CVE-2020-2028 PAN-OS: OS command injection vulnerability in FIPS-CC mode certificate verification
    • CVE-2020-2029 PAN-OS: OS command injection vulnerability in management interface certificate generator
    • CVE-2020-2032 GlobalProtect App: File race condition vulnerability leads to local privilege escalation during upgrade
    • CVE-2020-2033 GlobalProtect App: Missing certificate validation vulnerability can disclose pre-logon authentication cookie

Bug Fixes

Check Point:

  • IKP-3384 ASG – throughput alert False Positive due to ethtool reporting the wrong interface speed
  • IKP-3964 VSX – Fixed VSW to collect relevant metrics only
  • IKP-4018 VSX – Fixed the “Nat Connection limit nearing” duplicate issues
  • IKP-4179 ATE – High CPU usage per core(s) – took into consideration the number of CPU cores
  • IKP-4250 61k – power supply and fan down for non-existent components

Palo Alto Networks:

  • IKP-3278 PanOS Chassis devices not logging system environments for all chassis card slots
  • IKP-4013 “Device not logging high DP Load” triggered for Panorama
  • IKP-4353 panos-show-interface-rate – rx value returned for tx