Skip to content

Release Notes

Release notes for the December 1, 2024 update

Update Version 4.1.202411291557

New Features

Added continuous traffic monitoring option.

The continuous traffic monitoring option allows the software to consume logs from native firewall component to ensure permanent collection of network traffic from the endpoints.

The option enables comprehensive view on the network traffic for the further analysis, asset and traffic classification, and design of microsegmentation policies.

Added the option to create a new network service using the visual network traffic chart.

The option improves visualization of the network flow charts by simplifying adding names to port numbers.

Security

  • Updated logging framework to the latest version.

  • Updated database layer component to the latest version.

  • Updated data processor component to the latest version.

Bug Fixes

  • Fixed the issue with creating duplicated entries when collecting duplicate data from the endpoints.

  • Fixed the issue with detecting protocol information when collecting connections from Windows endpoints.

  • Fixed the issue with collecting too many connection entries by ignoring the source port of IP connection merging multiple detected connections into a single connection with connection count.

  • Fixed the issue with connection report built for individual asset displaying only asset related data.

  • Fixed the issue with missing connections on the connections summary network flow for containers.

  • Fixed the issue with displaying correct name for the renames asset on the network traffic visualization chart.

Release notes for the update November 24, 2024

Update Version 4.1.202411221139

New Features

Added the option to import assets from AWS EC2 Service.

AWS import option allows to load assets into the asset database from AWS EC2 Service while applying intelligent tagging rules to classify the imported assets and to apply microsegmentation policies.

The import function simplifies system adoption by reusing existing network infrastructure and collected data to start system activities.

Added intelligent service resolution to the network flow visualization.

Intelligent service resolution improves readability of network flow visualizations by expressing them in the terminology of service names instead of the port numbers.

Intelligent service resolution uses services configured in the management section of the application. For the services not defined in the management section the intelligent service resolution uses well known port numbers.

The visual network flow diagram displays both service name and a port number in the popup dialogue that appears for the network device node on the chart.

Security

  • Updated API documentation component to the latest version.

Extensions

  • Added the option to open an asset view screen displaying asset metadata, fields and tags by selecting the asset node on the network flow chart.

  • Added the option to collect Time Zone from Linux and Windows endpoints.

  • Added the option to display time zone on the asset status report.

Bug Fixes

  • Fixed the issue with rescheduling periodic jobs after changing time interval.

  • Fixed the issue with missing asset information for some of the connection endpoints on the network flow chart.

  • Fixed the issue with executing batch and handler scripts with Shell components returning no exit code or timing out.

  • Added trace logging message to log shell script to execute for troubleshooting purposes.

Release notes for the update November 17, 2024

Update Version 4.1.202411151844

New Features

Added the option to import assets from VMWare vSphere.

VMWare import option allows to load assets into the asset database from VMWare vSphere deployment while applying intelligent tagging rules to classify the imported assets and to apply microsegmentation policies.

The import function simplifies system adoption by reusing existing network infrastructure and collected data to start system activities.

Added intelligent asset resolution to the network flow visualization charts.

Intelligent asset resolution function significantly improves readability of network flow visualizations by expressing them in the terminology of asset or host names in addition to IP addresses.

Security

  • Updated WEB Container to the latest version 11.0.1.

  • Updated client-side WEB Application framework to the latest version.

  • Updated database access layer to the latest version.

  • Updated application task scheduler component to the last version.

Extensions

  • Added the screen to display application nodes and the processes that run on them. In addition to visualizing the details of background processes run by the node, the screen shows the architecture of multi-node High Availability deployments.

  • Added the option to configure VMWare vSphere connection using vCenter REST API.

Bug Fixes

  • Fixed the issue with displaying overloaded network flow chart on the asset connections screen replacing it with the summary connections chart.

  • Fixed the issue with displaying asset on the event log report for the events of adding, updating or removing asset members.

Release notes for the update November 10, 2024

Update Version 4.1.202411081953

New Features

Added scheduled jobs execution scalability option for High Availability deployments using shared backend database.

High availability (HA) deployment using shared backend database allows attaching multiple tenants hosted by different servers to the same backend database. All tenants in the HA deployment share the same Key Ring to ensure decryption of encrypted content by any node in the deployment.

HA deployments using shared backend database improves system reliability and performance.

HA deployment improves the system stability by providing an actively running application portal GUI for system configuration and monitoring as well as continuous jobs execution in case of one of the application node malfunction or maintenance. In addition to this, HA deployment allows to scale the jobs execution by distributing remote Shell, PowerShell or Groovy jobs between several servers to allow more simultaneous jobs execution, parsing of the results and saving the dataset to the database.

Added support for product licensing.

Product licensing enables fine tuning the product features to the customer needs following the specific project requirements. Licensing options include the product expiration date, the number of assets under management as well as the number of tenant activations.

Each tenant in the deployment including peer nodes in the distributed deployments require the activation using either unique or multi-tenant activation code. A non-activated tenant works as a free trial edition with full functionality for 7 days after initialization of the tenant.

Security

  • Updated XML security component to the latest version.

  • Updated client-side WEB Application framework to the latest version.

  • Updated Oracle RDBMS driver version to the latest version.

  • Updated application scripting language Groovy to the latest version.

Bug Fixes

  • Fixed the issue with low vertical space in the Checkbox display when viewing assets.

  • Fixed the issue with displaying secured Date field.

  • Fixed the issue with saving an asset with a Date field with a default value Today

  • Fixed the issue with displaying default date for the Date field on the asset type field editing screen.

  • Fixed the issue with saving an asset with the Date field that has default date value.

  • Fixed the issue with displaying Date field on the asset editing form.

  • Fixed the issue with re-validating the asset editing form after uploading a file to mark the required File field non-empty

  • Fixed the issue with the secured File field displays an unclear information on the asset editing screen.

  • Fixed the issue with displaying a secret value of the secure Taxonomy field on the asset view screen.

  • Fixed the issue with editing the asset with the secure Address field.

  • Fixed the issue with indicating that the Address field is required on the asset editing screen and to allow to save the asset in case the required asset field is not defined.

  • Fixed the issue with not functioning mass lock and mass unlock users buttons in the local directory.

  • Fixed the issue with the helper option displaying entry placeholder text for String, Address and Text field types.

  • Fixed the issue with redundant help option for File, Number, Taxonomy field types.

Release notes for the update November 3, 2024

Update Version 4.1.202410311711

New Features

Added the option to backup and to restore tenant data.

The backup and restore function could be used to save the copy of the assets, configurations, integrations, policies and reports from the tenant to recover from the deployment failures, to move the tenant to different deployment or to different back end database, or to build an integration solution that uses data managed by the tenant.

Backup and restore function include the following capabilities:

  • Full backup extracts data from the tenant spaces and subspaces.

  • Incremental backup extracts data created or modified since the defined cut-off date.

  • The option to create tenants from the saved backup file.

  • The option to restore incremental backup file into the existing tenant. The tenant level restore process preserves data existing in the tenant and adds the data from the incremental backup.

  • Backup extracts the data from the tenant database into the portable object-level JSON format with encrypted secured fields and keys.

  • The restore process allows to restore data into the different database as compared to the database of the original tenant.

Security

  • Updated HTTP communication component to the latest version.

  • Updated API data processor component to the latest version.

Bug Fixes

  • Fixed the issue with only single-valued not-checkbox fields might be selected as secured fields.

  • Fixed the issue with the availability of the required option for a checkbox field

  • Added an indicator for a checkbox field in an off position on the asset view screens.

  • Fixed the issue with blanked errors on the browser console when navigating asset database.

  • Fixed the issue with saving default field values while not changing any other field on the asset edit form.

  • Fixed the issue with saving an asset with valid values in the required multi-valued fields.

  • Fixed the issue with the ability to save the asset in the inconsistent state using keyboard shortcut.

  • Fixed the issue with the ability to save an asset with an empty required field using the application API without the GUI.

  • Fixed the issue with displaying Hidden option on the type field editing screen.

  • Fixed the issue with deleting the expanded asset on the asset list screen generated an error.

  • Fixed the issue with saving assets with required choice fields that have default values.

  • Fixed the issue with saving assets that include required hidden fields.

Release notes for the update October 27, 2024

Update Version 4.1.202410251810

Security

  • Updated server side execution framework to the latest version LTS 21.0.5+11.

  • Updated client side framework to the latest version 18.2.9 / 18.2.10.

  • Updated context help rendering component to the last version.

  • Updated HTTP Transport component to the latest version.

  • Updated client side dependency and build components to the latest version.

Extensions

  • Added the option to filter job report by job status field.

  • Improved the multi-asset port based connection report by adding support for connection aggregation by high-number outbound port. The result displays a single chart node for multiple outbound connections from the same host to the same inbound port on different devices. The change simplified the chart by reducing a number of data points insignificant for the network analysis.

  • Improved the multi-asset connections report by including localhost connections.

  • Renamed multi-asset connections report.

Bug Fixes

  • Fixed the issue with the duplicate Edit, Delete and Execute actions on the task list element expansion deprecated in favor of drop down menu.

  • Fixed the issue with default run at or schedule time on the edit task screen set to the next day.

  • Fixed the issue with unnecessary run at time for interactive or event driven tasks.

  • Fixed the issue with deleting a tenant deletes tenant keys.

  • Fixed the issue with base tenant dashboard displaying asset summary chart.

  • Fixed the issue with the ability to create a tenant without providing all required parameters.

Release notes for the update October 20, 2024

Update Version 4.1.202410181909

New Features

Added multi-asset connection report.

New multi-asset connection summary report option allows to build the list of connection report along with the inter-asset connection chart for the assets located in the selected container and its sub-containers.

Connection report and graphical chart allow to analyze network traffic between multiple assets to help to design microsegmentation policies and visually analyze connection patters in the logically grouped parts of the network.

Security

  • Updated Duo Security connector to the last version.

  • Updated MySQL driver to the latest version.

Extensions

  • Added the option to check the server IP address match the configured Management Server network location when enforcing asset policies to prevent blocking the server from accessing the asset endpoint in case the server moved to another network after deployment.

Bug Fixes

  • Fixed the issue with restoring asset version that have no custom fields.

  • Fixed the issue with the error feedback message on the MFA requirement configuration form.

  • Fixed the issue with the Duo Security MFA redirecting back to the application page.

  • Fixed the issue with displaying backend directory display name on the list of SAML configuration.

Release notes for the update October 13, 2024

Update Version 4.1.202410111255

New Features

Added Search Center option

Search Center allows users to find assets in the Asset Database by name, description, field value or tag value. Search Center also allows users to find assets by the taxonomy term selected from the terms list or type-ahead term selection.

Search Center is a useful tool to find assets in the large container hierarchy as well as to help to design policy selectors to identify target and source assets.

Security

  • Updated WEB Container to the latest version 11.0.0.

  • Updated ssh communication component to the latest version.

  • Updated client side dependencies to the latest versions.

  • Removed obsolete client side dependencies.

  • Updated REST API component to the latest version.

  • Fixed the issue with non-FIPS compliant library used for some of the dependent components.

Extensions

  • Added the option to search assets by the text field values.

  • Added the option to search assets by the tag values including term hierarchy.

  • Added the option to search terms by full term path typed or pasted into the term type-ahead search control.

Bug Fixes

  • Fixed the issue with the option to select the same term multiple times in the term picker control and on the intelligent tagging rule configuration.

  • Fixed the issue with preventing to disable the Management Policy for the assets with enabled Policy Enforcement mechanism. Note that Management Policy allows the application server to access asset endpoints after enabling firewall enforcement.

  • Fixed the issue with the automatic asset state refresh after Enforce Policies and Restore Original actions.

Release notes for the update October 6, 2024

Update Version 4.1.202410041613

New Features

Added Delegated Execution option for scripts through distributed network of application nodes.

The option allows to delegate execution of scripts on the asset endpoints to the external application deployment (or a tenant) through the secure network protocol to manage assets located in remote isolated networks unreachable from the main deployment.

Delegated Execution option allows system owners to build the mesh of peer nodes to provide access to assets located in isolated datacenters and cloud virtual networks while maintaining the single control plane for configuration, operations and reporting.

The option is useful for the deployments seeking to manage multiple distributed networks as well as for MSPs managing networks of several independent clients.

The option includes the following features:

  • A Peer Node is configured using the node URL that includes tenant and space information and the API authentication token created for a Service account on the peer node.

  • Delegated peer nodes are configured on the asset or on the container level inheriting down the container hierarchy with the options to enhance or to disable peer node connection on the child assets.

  • A main node load balances multiple configured peer nodes to distribute the load of the script execution.

  • A single peer node executing delegated scripts might serve multiple main nodes.

  • The peer node that executes the script on the asset endpoint on behalf of the main node creates and event log record about details of the execution including the Node Signature of the main node delegating the execution.

  • Node Signature field in the job report indicates the node that executed the script.

Added ID Generator Field Type

Added ID generator field type that generated new GUID when creating an asset with the option to refresh the field value when editing the field.

To add an ID Generator field to an asset type, use String field with the $GUID as a default value.

Security

  • Updated REST API data parsing infrastructure component to the latest version.

  • Updated logging infrastructure component to the latest version.

  • Updated OpenAPI REST API documentation generator to the latest version.

Extensions

  • Added the option to filter asset firewall rules report by Backup rules.

  • Added Save and Promote button on the asset creation and editing screens to promote the asset to the major version right after saving.

  • Added a warning message about the asset is in the draft state when applying policies to the asset or when enforcing the asset policies from asset view or asset list screens.

Bug Fixes

  • Fixed the issue with deleting request selectors disabled in the child assets.

  • Fixed the issue with displaying only scripts that could be executed interactively on the asset view screen removing the scripts that could only be executed as a part of a handler.

  • Fixed the issue with Windows Firewall Management scripts allow to continue the process after failing to delete missing rule from the endpoint.

  • Fixed the issue with switching to policy enforcement action deleting firewall rules created for standard ports when they are not managed by policies.

  • Fixed the issue with preserving duplicate rules when reading Windows firewall rules provisioned by the application with different keys.

  • Fixed the issue with failing new version detection during the application update on Windows platforms for certain application versions.

  • Fixed the issue with the context help description of the Space Management Manager role.

  • Fixed the issue with unused Space Management Manager role.

  • Fixed the issue with Space Manager role labeling.

Release notes for the update September 29, 2024

Update Version 4.1.202409271713

New Features

Added the option to require approvals of the user requests to access select application functions.

The Request Approval option is useful to implement dual control (four-eyes), peer review principles for critical functions or configuration options, fine grained security for field-, operation-, and time- based access, preventive yet flexible permissions mechanism, and strong auditing with reporting requests reasons.

The Request Approval option includes the following features:

  • Automatic or interactive approvals including multiple consecutive approval levels as well as a select number of alternative authorizers from a group. Selection of authorizers from various integrated user directories such as MS Active Directory, Entra ID, LDAP-based directory, or local directory)

  • Function restriction.

  • User or group based approval requirements for the principals from various integrated user directories.

  • Time of the day, day of the week or day of the month based approval requirements.

  • Alternative approval forms selection when submitting action requests for approval.

  • Inheritance of the approval requirements down the container hierarchy with the option to override or to enhance the parent-level configuration.

  • My Requests report to display action requests made by the current user. The screen allows request owners to review the requests including request approval process as well as to complete approved requests before their expiration time, and to delete active requests that are not yet approved by any authorizer.

  • Approver List report to display action requests the current user can approve. The screen allows authorizers to review the request including request approval process as well as to approve or to reject an active request while providing a reason for the rejection.

  • Action Request report to display all action requests made in the current space a space auditor can review. The screen allows auditors and administrators to review the request including request approval process as well as to complete approved requests before their expiration time.

Added the option to require approval process for the following space-level operations

  • Manage Space Permissions.

  • Manage Microsegmentation Policy.

Added the option to require approval process for the following asset-level operations

  • Request Service Access.

  • Manage Asset Permissions.

  • Manage Asset.

Security

  • Updated REST API browser GUI to the latest version 5.17.14

  • Updated CSV processor to the last version.

  • Updated client-side dependency components to the latest versions.

Bug Fixes

  • Fixed the issue with a user with a non-global role accessing asset database.

  • Fixed the issue with the locked installation directory during application update on Windows computers.

  • Fixed the issue with the red color of the error messages on the context help dialogue

  • Fixed the issue with the wrong position of the refresh button on the jobs report screen.

  • Fixed the issue with context help text description for the alias configuration management.

  • Fixed the issue with the color of a custom checkbox field on the edit asset screen.