Release Notes 8.2.0
Platform
New Features
- Analytics Dashboard
- A new widget – ‘Issues resolved over the past week’
- Enhance the ‘Device Health by Vendor’ widget to show the number of devices per vendor
- Retire the “Devices per Vendor” widget (information is now presented in the ‘Device Health by Vendor’ widget
- Device Connection State – A new widget to show the number of devices connected, suspended, not responding, and failed to communicate
- Ability to clone a custom report
- Credential sets are applied in order, from /32 to /0, and a new issue to verify that the relevant users are used to connect to the devices.
- Support CMD-Click on the MAC to start a new tab for drill-down purposes
Improvements
- Enhance the online upgrade process to route the pip upgrade through service.indeni-ops.com. Prior to this, pip uses the OS-level proxy setting causing pip upgrade failure
- On the dashboard, count issues relating to the list of active devices only. In other words, filter out issues relating to suspended devices
Bug Fixes
- DEVOPS-575 Upgraded flyway utility to the latest release
- DEVOPS-576 Fixed the “Failed to update apt-cache” issue
New Products
- BlueCat Address Manager
- BlueCat DNS/DHCP server
Knowledge
New Features
- New Auto-Detect Elements for Check Point:
- Alert if ID collectors not sending updates
- Alert when HTTP login denied logged
- New Auto Detect Elements for Palo Alto Networks NGFW
- Alert when routes are changed
- Separate the ‘High CPU usage per core(s)’ alert for the management and data plane
- PANW Chassis – track line card status
- Monitoring zombie process(es)
- Added 6 CVE’s
- CVE-2023-0004 PAN-OS: Local File Deletion Vulnerability
- CVE-2023-0005 PAN-OS: Exposure of Sensitive Information Vulnerability
- CVE-2023-0007 PAN-OS: Stored Cross-Site Scripting (XSS) Vulnerability in the Panorama Web Interface
- CVE-2023-0008 PAN-OS: Local File Disclosure Vulnerability in the PAN-OS Web Interface
- CVE-2023-0010 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in Captive Portal Authentication
- CVE-2023-38046 PAN-OS: Read System Files and Resources During Configuration Commit
Improvement
- Check Point – add a human readable description field to the “License expiration nearing” alert
Bug Fixes
- IKP-4700 fixed typo in asg-route-novsx script
- IKP-4795 fixed the parser error on missing management data
- IKP-4798 ‘(Non Virtual) Management service down’ – fixed the false positive issues due to ‘cpstat’ output changes
- IKP-4799 fixed the type error: string indices must be integers
- IKP-4803 fixed the empty name field issues for fwmultik_stat_monitoring-vsx
- IKP-4810 ‘Certificate authority not accessible’ – fixed the false positive issue due to ‘hping’ failing to use the correct interface
- IKP-4852 fixed the false positive issue caused by the XML API change from <fail-cond> to <failure-condition>