Release Notes 8.0.0

Important: due to infrastructure changes in this release, we strongly recommend that you take a snapshot of your VM before the upgrade.

New Devices

  • Zscaler App Connector
  • Check Point Quantum Lightspeed appliances

Platform

New Features

  • Devices page refresh – Apply filters, resize columns & export device information in CSV/XLS format
  • Allow device rename
  • New graph for Palo Alto Networks NGFW to track the total throughput
  • New Connections Count graph that doesn’t show the connections count limit
  • Grafana dashboard for Zscaler App Connector
  • Server Components update
    • PostgreSQL 14
    • MongoDB 4.4
    • Python 3.0

Improvements

  • DEVOPS-564 Switch to Indeni-base version 8.0

Bug Fixes

  • FRONT-3807 Dashboard: Fixed “Available Storage space” display
  • FRONT-3810 Device Suspend – Clicking without selecting a time period suspends for a set time
  • FRONT-3811 Rule remediation – HTTP links in XML format are not displayed in the GUI
  • FRONT-3814 Devices Suspend – Clicking without selecting a time period pops up “Suppressed x devices”
  • IS-5174 License pop-up is displaying the number of devices instead of the number of licenses in use
  • IS-5176 Stop connector actors before removal & fix major memory leaks
  • IS-5177 MultiSnapshotComoplianceCheckTemplateRule – does not apply meta_condition

Knowledge

New Features

  • New Auto-Detect Elements for Check Point
    • Alert on kernel packet drops
    • VSX: Identify ARP table exhaustion
    • Monitor “ntpd” as a critical process
    • Logging servers configured do not match the requirement
    • Configured Web timeout too high
    • Missing Web timeouts configuration
    • Alert on microburst conditions
  • New Auto-Detect Elements for Maestro
    • Track the CPU usage for each VSX instance
    • Alert on BGP peer down
    • Alert if Multi-Queue is disabled
  • New Auto-Detect Element for Cisco ASA
    • Hardware Element Down
  • New Auto-Detect Element for FortiGate
    • FortiOS critical CVE (FR-IR-22-398) – heap-based buffer overflow in sslvpnd
  • New Auto-Detect Elements for Palo Alto Networks NGFW
    • Monitoring GRE tunnels
    • Alert on an interface flapping in PANW aggregate
    • Monitoring VM memory cap
    • Monitor “ntpd” as a critical process
    • The Web Timeout configured does not match the requirement
    • Logging servers configured do not match the requirement
    • Configured Web timeout too high
    • Missing Web timeouts configuration
    • Alert on microburst conditions
  • New metrics for PANW:
    • Tracking IPv4 addresses for all the network interfaces
    • New total throughput metric
  • Improvements for PANW
    • Added new Knowledge articles to many remediation steps
    • Improved recommended remediations for many alerts
    • Fixed many broken links in remediation steps
    • Renamed rules to use generic names so alerts don’t appear to be related to Check Point devices
    • Restricted INDs from running on small appliances (PA-2xx & PA-4xx)
    • Changed the severity for the “Configured SSH timeout too high” alert from Error to Warning
  • Improvements for other devices
    • Blue Coat ProxySG: Changed the severity for the “Configured SSH timeout too high” alert from Error to Warning
    • Blue Coat ProxySG: Changed the severity for the “Configured Web Management (GUI) timeout is too high” alert from Error to Warning
    • CHKP: Changed the default global configuration for the “High CPU usage per core(S)” alert from 70% to 80%
    • CHKP: Changed the severity for the “Configured SSH timeout too high” alert from Error to Warning
    • CHKP: Disable the “kernel errors found in log files” alert by default
    • Maestro: Add a new “blades” tag for CPU metrics
    • FortiGate: Changed the severity for the “Authentication Bypass in Fortinet on Administrative interface” alert from Critical to Warning

Bug Fixes

  • IKP-4713 CHKP: Fixed the “Bond/LACP slave interface down” possible false positive for “High Availability” mode
  • IKP-4714 Removed duplicate IND “interface-fake-tx-hang”
  • IKP-4715 CHKP: Fixed the description to reflect the metrics correctly
  • IKP-4717 Cisco ASA: Interfaces are reported as “Adaptive Security Appliance ‘xxx’ interface”
  • IKP-4718 Cisco ASA: Fixed the parsing error for cisco-asa-cert-expire-status
  • IKP-4721 CHKP Maestro: Added asg-cores-util.ind.yaml to “includes_resource_data:true”
  • IKP-4723 PANW: Fixed the panos_show_snmp_trap_community.py parsing error
  • IKP-4727 PANW: Restricted some INDs from running on small appliances (PA-2xx & PA-4xx)
  • IKP-4737 Limited the cross_vendor_log_servers_mismatch rule to non-VSX
  • IKP-4744 Fixed the panos_show_ntp.py parsing error
