Release Notes 8.1.0

Platform

New Features

  • New Analytics Dashboard
    • Issues At-A-Glance with a summary of issues organized by Rule Category and Severity
    • Heatmap to show the top 10 devices with the highest number of issues
    • The average and median number of issues per day per device, and the percentage of total issues from the top 10 devices, to help identify ‘problematic’ devices
  • A new ‘Connection Counts’ graph with a line to show the average number of connections

Improvements

Bug Fixes

  • FRONT-3827 Audit Log – display ‘Device Suspended’ activity
  • FRONT-3829 Rule Configuration – enforce the selection of devices/labels for new configurations
  • FRONT-3830 Device Page – added the ability to assign multiple devices to a label
  • FRONT-3832 Issue Export – corrected timestamps, added vendor/os-version/revalidation-date
  • FRONT-3833 Knowledge Explorer – avoid showing the same Automation Playbook repeatedly
  • FRONT-3835 Custom Report – avoid displaying empty new reports until the browser is refreshed
  • FRONT-3847 Knowledge Explorer – System rules – allow changes to be saved without device/label assignment

Knowledge

New Releases

  • Support for Check Point release R81.20
  • Support for Palo Alto Networks NGFW release 11.x

New Features

  • New Auto-Detect Elements for Check Point GAiA
    • Alert if IPS is bypassed
    • Alert if Dynamic Balancing Status is ‘OFF’
    • Monitor the status of the Identity Awareness PDP Broker
    • Alert on Domain Objects with FQDN
  • Improvements for Check Point GAiA
    • CHKP Firewall: “repeated failed login attempts” – added support for a threshold (new default value of 5 instead of 1)
    • CHKP Firewall: “repeated failed login attempts” – added the source IP address to the reported user
    • CHKP MDS: ‘known devices’ query – changed the interval from 5 minutes to 60 minutes
  • New Auto-Detect Elements for Palo Alto Networks NGFW
    • Alert if the primary static route is not configured
    • Alert when the path-monitor is down
    • Alert if an interface in an aggregated link is flapping
  • New Auto-Detect Elements for Panorama
    • Alert if the commit is not scheduled
    • Alert if commit failed
    • Alert when Panorama fails to connect to Active Directory servers
    • Added HIGH severity CVE alert CVE-2022-0030 PAN-OS: Authentication Bypass in Web Interface
  • New metrics for Broadcom Blue Coat ProxySG
    • Alert if the total content analysis requests are low in a 15-minute window

Bug Fixes

  • IKP-4671 F5 devices are appearing as CentOS
  • IKP-4752 PANW – show_panorama-status.py – added support for parsing empty input
  • IKP-4761 Zscaler – HA rules are incorrectly showing up in Knowledge Explorer
  • IKP-4763 ASG – chkp-asg-cores-util – added support for parsing the “NA” value
  • IKP-4775 ZS – fixed the port consumption and file descriptor exhaustion rules to reflect Zscaler
  • IKP-4776 PANW – panos-show-system-resources-panos9 – fixed parsing error
  • IKP-4782 F5 – added support for the new ‘ifconfig’ format
  • IKP-4790 CHKP – mdsstat – changed COLUMNS 150 to 170 in order to support long CMA names
