Monthly Release Notes - February 2016
|Automate||Bytware||CCSS||Document Management (RJS)|
Stand Guard Anti-Virus for AIX
Updated McAfee Scan Engine 5800.
Enhancements to PDF format to improve exploit detection capabilities.
Improved unpacking of .NET, VBA, Shockwave Flash and generic unpacking improvements to detect more threats.
Performance optimizations of initialization and scanning.
Ability to run real-time scans interactively.
Use your favorite scheduler to run system scans and download DAT file updates. CRON is no longer required.
Simplified User Interface for enhanced user experience.
Updated the FWD function to Tivoli using FTP so that Tivoli can now receive the messages through that protocol.
- Updated the process for clearing the MMAUDJRN message queue so that MMM0189 messages are generated.
Changed the processing of the MMRNM (Rename System) command to include MMCONTROL and MMSYST data areas.
- Resolved an issue where changes to automated responses were not applied to remote systems.
Updated the Maintenance module to allow proper processing of the exclamation mark character (!). This also fixed an issue with entering the exclamation mark as a prefix for value lists.
- Enhanced Shift Maintenance to prevent multiple timespans from being configured with an identical sequence number.
Resolved an issue where MMAUDJRN messages were not deleted when the user attempted to delete them from the Maintenance module.
- Updated the Audit Journal so that the message filters work properly.
Added TLS support for outgoing email. While SSL encryption was already supported, this release adds support for TLS.
- Enhanced the product licensing.
Incremental release to match the QMessage Monitor release.
Enhanced the Disk Summary, History Summary, Detailed History windows so that like elements on different systems are displayed using the same color.
Added two new options—Last Used and Last Changed—for sorting the list in the Disk Usage Inquiry panel (MONDISKINQ).
Added a new definition so that you now can monitor for the number of processor cores being used. This is an alternative to existing data types that express CPU usage as a percent of dedicated CPU and in CPW used.
Updated the MONDMQSM job so it runs efficiently on large configurations (CPU does not continue to increase).
Added the ability to exclude specific files from the Real Time Disk collection process.
Enhanced disk collection so it won’t fail in limited-lock mode under certain conditions.
Enhanced the product licensing.
- Added the ability to control the email attachment name at the Source level, as well as the Destination.
- Added new keyword @SPOOLDATE that'll use a spool file's date as the replacement value.
- Changed the logging of locked files to a Warning type instead of an Error type to reduce unnecessary logging.
- Fixed issue with "Move on Error" so that RDX files also get moved correctly.
- New web-based signature capture to sign forms quickly and efficiently
- Modernized the user interface
- Simplified redundant web pages
- Fully tested and compatible with all major web browsers
- Simplified and enhanced the installation process
- Improved integration with WebDocs
- Saving an existing form stored in WebDocs now updates the matching index keys in addition to creating a new document version
- Temporary files are managed and cleaned up more appropriately
- Keys 11 through 30 are supported with WebDocs document check-ins
- Implemented standard HelpSystems cross-platform licensing. Existing customers please contact support for information and assistance prior to upgrading.
Domains can be used to segment a GoAnywhere installation into multiple security zones where authorized users can only work with the items and files belonging to their assigned Domains. This allows an organization to share a single installation of GoAnywhere MFT with multiple divisions or departments while maintaining separation of administrative access. Domains features include:
- Specific admin users and groups can be authorized to one or more Domains.
- Domains can be locked into specific folders on the file system. This prevents admin users from accessing files/folders outside of their assigned Domains.
- Admin users can quickly switch between their assigned Domains.
- Items can be moved between assigned Domains, such as Users, Groups, Project and Resources.
By default, each GoAnywhere installation will be provided with two Domains at no charge. Additional Domains can be purchased as needed.Contact your account manager for pricing and additional details.
GoFast File Transfer Acceleration Protocol
The GoFast file transfer acceleration protocol was added, which uses multiple UDP channels to accelerate the movement of files between servers. This feature includes a new GoFast Server module for receiving accelerated file transfers and a new GoFast Task and Resource for initiating the transfers from within your Projects. GoFast features include:
- Uses standard SSL/TLS encryption to protect the control channel between the client and server.
- Optional Zlib compression is available for file compression.
- Strong AES encryption with up to 256 bit keys is available to protect data in transit.
- File checksums support for integrity verification.
- Generates full audit trails of all files transferred
Please note that GoFast is an optional licensed module. Contact your account manager for pricing and additional details.
Two-Factor (RADIUS) authentication
Added the RADIUS protocol to provide Two-Factor Authentication using popular token based services such as RSA SecurID, key fobs, or desktop and mobile apps.
- Uses the standard RADIUS protocol which provides integration into RSA SecurID as well as other token based authentication services.
- Can implement as a primary Login Method or as a secondary authentication type for a user.
SMS Text Messaging
- The SMS service providers of Clickatell, Twilio and Plivo are supported, which can be configured at the global level.
- A Project can send a SMS Text message to a phone number through one of those service providers using the new SMS Task.
SNMP (Simple Network Management Protocol)
- A new Resource and Project Task was added for sending traps to an SNMP server.
- Provided support for SNMP versions 1 and 2.
Amazon S3 Buckets and WebDAV Servers
- Amazon S3 Buckets and WebDAV servers can be predefined as reusable Resources.
- Web Users can be configured with virtual folders that point to Amazon S3 Buckets and WebDAV resources.
- Amazon S3 Buckets and WebDAV resources can be accessed from Projects for uploading and downloading files as part of an automated process.
Global Administration Log and Change History
New auditing and change control is now available for all major features in GoAnywhere MFT. This provides administrators and auditors a view of admin user activity within the product as well as the ability to restore Projects to a previous revision.
- Change History is provided for product changes including Global Settings, GoDrive Settings, Secure Mail, etc...
- Admin activity is also audited for changes to Web Users and Web User Groups, Resource, Triggers and Monitors.
- Removed log entries to global log for add/edit/delete: Resources, Scheduled, Monitors, Web Users, Web Groups, Triggers, Global Settings, Security Settings, Web User Settings, GoDrive Settings and Secure Mail settings.
- Project revisions are now saved when changes are made, and any project can be restored to a previous version.
UI Change Detection
All configuration pages for major components have been updated to include a change detection feature which will prompt users to save any new changes before leaving the configuration page. This change detection feature was added to the following pages:
- Secure Mail and GoDrive Settings
- Web User and Admin Security Settings
- Global Settings
- Triggers, Monitors, Schedules and Resources
- Web User and Web User Groups
Enhanced Job Log Viewer
Job logs are now updated to isolate exceptions from the normal logging.
- Job logs are cleaner and easier to read by writing stack traces to separate files.
- Exceptions can easily be viewed from the new log selector.
- Exporting the Job Logs will now download a ZIP file containing all related Job Log files.
- All exceptions are now logged, even when the exception is handled using an Error Module.
- Added the ability to configure an auto-delete policy for Web User files older than a specified number of days.
- Added the ability to search files and folders by name in Secure Folders.
- Added new commands to the GACMD API to support deleting Triggers, Monitors, Web User Groups, Resources and Schedules.
- Added a popup dialog to select an SSL fingerprint from the keystore when adding and editing a Web User account.
- Added the ability to configure specific column headings for the Write CSV task.
- Added the ability to format individual column headings in the Write Excel Task.
- Added support for using Binary Transfer Encoding when sending messages using the AS2 task.
- Enhanced the performance of file access from Secure Folders by optimizing the way files are resolved.
- Added the Download as ZIP feature in the File Manager to allow downloading multiple files and folders.
- Added a new Delete Web User Wizard to remove or reassign files owned by the Web User.
- Added a Monitor type to be able to scan for files that are created or modified.
- Added the ability for authorized Admin Users to view a Web User's GoDrive file system.
- Added icons for popular file types in Secure Folders.
- Added a connection and read timeout to the global SMTP configuration and the SMTP Resource and Tasks. The default timeout was updated from infinite to 5 minutes.
- Added a new Copy File action to Triggers.
- Enhanced the styling of certain Dashboard Gadgets that were excessively large when no data was available to display.
- Enhanced the Active Transfers page to display active transfers on all nodes in the cluster.
- Enhanced the process of attaching files to a Secure Mail message to display the progress footer by default, instead of the progress dialog.
- Added better validation for actions performed from the progress footer.
- Added validation to prevent users from accessing GoAnywhere without browser cookies enabled. These users will not be redirected to an error page that informs them that cookies are required.
- Enhanced the error message displayed when the target folder does not exist when creating a Monitor.
- Enhanced the 404 log message to show the proper client IP address when the client is connected through GoAnywhere Gateway.
- Added validation when scheduling a project to ensure that the project exists before saving the Schedule.
- Added a checkbox to the GoDrive Settings Device Policy to enable/disable the Notify Additional Email Addresses.
- Added default focus to the first editable field when adding or editing a Monitor.
- Updated resource types to be sorted alphabetically in the tree.
- Removed the default Web User template from LDAP managed login methods. A specific Web User template must now be selected for new LDAP managed login methods.
- Updated the default cluster heartbeat to 5 minutes. This helps address cluster issues caused by one of the nodes 'freezing' for a period of time.
- Upgraded the Netty API from 3.2.4 to 3.10.4. Netty is used for GoAnywhere Gateway communication and the new GoFast file transfer acceleration module.
- Updated styling of the File Chooser dialogs to better handle directory listings that require scrollbars, such as long file names.
- Enhanced Admin Users to allow the selection of unique Login Methods per individual Admin User.
- Updated the project folder tree to show the appropriate opened folder icon when the folder is expanded.
- Updated the Activity Report to automatically refresh the search when a different protocol is selected.
- Updated the new Web User account email templates to include the URL to the Web Client.
- Updated the logging for GoDrive devices logins to properly log an Account Just Disabled event when an account is disabled due to failed device logins.
- Removed the explicit override of the socket buffer size set by the FTP/S Tasks for new installs. This delegates to the operating system to determine the best socket buffer size.
- Removed the explicit override of the socket buffer size set by the SFTP Server for new installs. This delegates to the operating system to determine the best socket buffer size.
- Removed the SAML configuration validation for Name ID format and Attribute Name format.
- Updated the Secure Mail Compose page to no longer show the download limit configuration when no files are attached to the package.
- Update the Close RowSet Task to mark the RowSet variable field as required.
- Upgraded the ZIP capabilities of GoAnywhere to fix an issue with extracting some password protected ZIP files.
- Updated the Secure Mail purge process to only log whether or not messages are being purged when there are messages to be purged.
- Upgraded the deployJava.js program, used to launch the Web Client Applet, to the latest version.
- Relocated the buttons to enable/disable Monitors, Triggers and Schedules. These operations, formerly permitted to Job Manager and Trigger Manager roles, now require a Product Administrator to configure.
- Updated the 'Cancel' button to 'Done' on the Web User SSH Keys screen
- Updated the validation on AS2 tasks and resources to allow configuration of the signature algorithm regardless of whether or not the message is signed.
- Updated the alert email for GoAnywhere Gateway changes to no longer prepend a slash (/) on the controller address and port.
- Replaced the J2SSH library that was used for SSH key creation and management.
- Upgraded Apache MINA from 2.0.7 to 2.0.9. This library is used by the FTP and FTPS servers.
- Upgraded the Jcifs library from 1.3.17 to 1.3.18. This library is used for SMB Network share access to external file systems.
- Upgraded the Commons Pool library from 1.5.4 to 1.6.0. This library is used for backend database connection pooling.
- Upgraded the JSch library from 0.1.51 to 0.1.53. This library is used by the SSH, SCP, and SFTP tasks and resources.
- Updated the Security Audit Report to no longer consider it an error when Web Users that are not configured to disable within 90 days of activity if the web user is authenticating against an external login method. Since that external user management system may be disabling users with its own policies, this scenario will now be considered a warning.
- Updated the Security Audit Report to limit the number of web users to a maximum of 5 when multiple Web User's configurations do not meet specific requirements.
- Updated the Secure Mail notification emails to allow the message expiration date to be used in the email template.
- Fixed a memory leak caused by interrupting a ZIP operation.For example, if downloading multiple files from Secure Folders as a ZIP file, and the download was cancelled, the ZIP stream would remain active. This could cause the Active Transfers to remain indefinitely, which would prevent the JVM from terminating properly.
- Fixed an issue with Secure Mail replies that were showing html encoded text for certain characters such as ", ', <, > etc...
- Fixed an issue where the Resource description was missing from the file chooser.
- Fixed an issue with LDAP syncing where Web Users would be disabled if their home directory could not be created during the sync process.
- Fixed an issue where duplicate user preferences were stored for the Job File audit log search page.
- Fixed an issue with the Secure Mail download servlet which was redirecting to an invalid page when secure mail is disabled.
- Fixed an issue with the GoDrive device notification where 'registered' notifications were being sent to users when PIN validation fails.
- Fixed input field styling in the Languages section of the HTTPS Server Configuration page.
- Fixed an inaccurate label on the DB2/400 database table dpa_global_log.
- Fixed an issue where a non-recursive local/network share Monitor could incorrectly trigger a Project for a modified folder when configured to use a secondary snapshot. This Monitor will now only monitor files.
- Fixed a UI issue that was causing a warning to be written to the log file when adding or editing a Web User, and switching from a non-internal login method to the internal login method.
- Fixed an issue in GoDrive where the sticky header could get lost when performing actions with files and folders.
- Fixed an issue where the Global Index rebuild process could fail to re-initialized the index writer in certain cases.
- Fixed a rendering issue with the sticky header and menu in Secure Mail when viewing a large message that requires scrolling.
- Fixed a potential 'Unexpected error' that could occur when a Web User configured for a non-internal login method is switched to the internal login method and a password is not set for that Web User. Moving forward, if the Web User attempts to log in while in this state, the Web User will see 'Invalid username and/or password'.
- Fixed a potential NullPointerException when editing a Project from the Where Used search feature of Resources.
- Fixed an issue with the page footer that was not properly handling expiration dates in certain cases.
- Fixed an issue with the password fields in IE9 where using CTRL + Z wasn't working properly.
- Fixed an issue where the Web Client settings weren't properly refreshed when running in a clustered environment.
- Fixed an issue with the upload progress monitoring for Secure Folder and GoDrive where the footer could show 0 files are uploading in certain scenarios.
- Fixed the FTP File Chooser to accurately submit the dialog when hitting the Enter key when focus is on the File Name field.
- Fixed the Delete Project component confirmation dialog to properly submit the confirmation when pressing the Enter key.
- Fixed a potential NullPointerException that could occur when testing Secure Mail immediately after installing a license, but before restarting GoAnywhere.
- Fixed an issue where the selected sort order and number of rows per page isn't properly persisted on list pages after viewing details of a specific item.
- Fixed an issue with GoDrive files where a user's lock on a file is remained after the user's access to that file is revoked.
- Fixed the Active Sessions page to properly show the remote client IP information when the client connects. Prior to this release, the IP information was only rendered once the user logs in.
- Fixed an issue where a cluster shutdown notification could prevent the application from shutting down if problems occur when attempting to send the notification email.
- Fixed an issue with the Send Email task where error messages were not showing the resolved values for variables used in certain fields.
- Fixed an issue where failed GACMD commands would return INFO level messages instead of ERROR level messages.
- Alert Intelligence rules now have the ability to run an Action Schedule when an alert is closed.
- Alert Intelligence rules within a group can be resequenced by use of new option 38=Resequence.
- Authority Swapper now supports user lists which include select / omit users.
- The Authority Swapper file containing the screen captures for *SWAP Sessions is now encrypted.
- Authority Swapper automatically removes passwords in screen captures for *SWAP Sessions.
Custom Task Monitor
- Custom Task rules now have the ability to run an Action Schedule when an alert is closed.
- Custom Task rules within a group can be resequenced by use of new option 38=Resequence.
Document Management System
- A fix has been implemented so that the Set Archive Maximum Members (SETARCMBRS) command now applies the value to all archives.
- Work with Archived Spooled Files (F22=Print) additionally allows the emailing of a CSV of the displayed spooled file.
- HA-MX Monitor rules now have the ability to run an Action Schedule when an alert is closed.
- HA-MX Monitor rules within a group can be resequenced by use of new option 38=Resequence.
- MQ Manager rules now have the ability to run an Action Schedule when an alert is closed.
- MQ Manager rules within a group can be resequenced by use of new option 38=Resequence.
Record and Playback
- Record and Playback now recognizes formatted numbers as numeric rather than characters.
Exit Point Manager
- Exit Point Manager rules now have the ability to run an Action Schedule when an alert is closed.
- Exit Point Manager rules within a group can be re-sequenced by use of new option 38=Resequence.
- A new INHIBIT action which prevents repeating actions being triggered again for a period of time has been made available.
- New substitution variables &EXITOPCODE, &EXITFMT and &EXITPOINT have been made available
- Support has been added for Exit Points QIBM_QMH_REPLY_INQ, QIBM_QSO_ACCEPT, QIBM_QSO_CONNECT and QIBM_QSO_LISTEN.
- Exit Point Manager now supports user lists which include select / omit users.
Level 1 Message Management Suite
- Device, Job Log, Job Queue, Message Queue, Output Queue and TCP/IP rules now have the ability to run an Action Schedule when an alert is closed.
- Device, Job Log, Job Queue, Message Queue, Output Queue and TCP/IP rules within a group can be re-sequenced by use of new option 38=Resequence.
- Job Log, Job Queue, Message Queue and Output Queue rules now support the use of a user list instead of a single user profile.
- Job Queue *STS rules now display the number of jobs to be checked.
- A fix has been implemented to prevent the Job Queue Monitor from failing under a very specific circumstance.
- COMMAND actions include an iASP parameter to allow definition of which iASP should be used when the command is run.
- Work with User Lists supports the use of Select / Omit for individual user profiles.
- Option 8=Where Used has been added to Work with User Lists to allow the display of rules where the user list is deployed. Additionally, it is no longer possible to delete a user list that is in use.
- System default HMC/EMAILFORMAT has been added to define the format used for outbound emails sent using an external SMTP server.
- Send Text Message (SNDTXTMSG) allows a value of *ALERTED to send a message to all message devices that have already been sent a message for the specified alert.
- Create Email Address (CRTEMLADR) includes all the parameters available when creating the message device within Work with Email Addresses.
- System default HMC/SMTPSERVERRATE has been added to define the maximum number of emails that can be sent via an external SMTP server in the space of one minute.
- A communication script has been made available to allow the use of Multi-tech modems.
- Support has been added to allow the sending of messages to devices in a broadcast group that is already part of another broadcast group.
- Print Communications Log allows a value of *MSG in the Detail parameter. This includes the actual messages that have been sent and received.
- A fix has been implemented to clear the message review down to the number of days specified in system default HMM/LRMLOGLIFE.
- A fix has been implemented so that Message Queue Monitor alerts for messages received just after midnight.
- Output Queue *STS rules now display the number of spooled files to be checked.
- The Output Queue Monitor has been made more efficient.
LEVEL 2 - SYSTEMS OPERATIONS SUITE (includes all Level 1 updates, plus the following)
- Audit Journal, Custom Journal, Distribution Queue, Restricted Tasks, Inactivity, Object, Performance and User rules now have the ability to run an Action Schedule when an alert is closed.
- Audit Journal, Custom Journal, Distribution Queue, Restricted Tasks, Inactivity, Object, Performance and User rules within a group can be re-sequenced by use of new option 38=Resequence.
- Audit Journal, Custom Journal, Inactivity, Performance and User rules now support the use of a user list instead of a single user profile.
- The Object Monitor now adds message CPE3025 - No such path or directory and HEM0255 - Path could not be accessed due to error CPE3025 to the Halcyon Message Log when QNTC related issues are detected.
LEVEL 3 - ADVANCED AUTOMATION SUITE (includes all Level 1 and 2 updates, plus the following)
- Spooled File Manager now recognizes formatted numbers as numeric rather than characters.
LEVEL 4 - OPERATIONS CENTER SUITE (includes all Level 1, 2 and 3 updates, plus the following)
- Within Advanced Job Scheduler, an attempt to Ad Hoc run a locked group now displays a warning message but allows an override and the running of the group.
- Rebranded to PowerTech (formerly known as SkyView's "Policy Minder Open").
- A new, modern user interface has been added.
Stand Guard Anti-Virus for AIX
- Updated McAfee Scan Engine 5800.
- Enhancements to PDF format to improve exploit detection capabilities.
- Improved unpacking of .NET, VBA, Shockwave Flash and generic unpacking improvements to detect more threats.
- Performance optimizations of initialization and scanning.
- Ability to run real-time scans interactively.
- Use your favorite scheduler to run system scans and download DAT file updates. CRON is no longer required.
- Simplified User Interface for enhanced user experience.
- Improved Stability.
- System value QPWDCHGBLK is no longer misspelled on the Edit Security Policy - Base Policy.
- Missing data caused by running 30 reports in a single batch assessment has been resolved.
- Assessment reports bundled into a zip file no longer error when trying to FTP to Windows.
- When system value reports are run in a group with non-system value reports, the report is no longer missing the color, required, and allowed values.
- Missing data from Authority Broker Event Reports after deleting the assessment has been resolved.
- Error messages have been improved to facilitate troubleshooting.
- An error preventing the ability to create a filter for T:ZC Access Type have been resolved.
- The process of removing reports from a Report Group and deleting Groups has been changed to prevent reports from being orphaned.
- Licensing improvements have been made for Capped / Shared Pool Processors.
- CM2POST spool files are now cleaned up after updating, and are not left on the system.
- System Value QAUTOVRT now allows a value of zero.
- The Authority Broker Event Report now produces the appropriate data when the journal entry sequence number is greater than 9,999,999,999.
- Now, when Network Security has written blank journal entries, those entries will not cause an error when viewed in Compliance Monitor.
- Automatic collections now pick up Network Security NR (rejects) data.
- Network Security journal data is now retrieved when using a journal other than QAUDJRN.
- Licensing improvements have been made for Capped / Shared Pool Processors.
- Work with Data and Time Overrides now saves data when using F6 to load the Day & Time Restrictions.
- When using an After Swap Exit Program on a Timed Switch Pair, it no longer executes before the swap is released.
- The screen captures process has been enhanced to include the Time Switch Command in the email body and PDF cover page. The ability to regenerate the cover page regardless of the existences of screen captures has also been added.
- Licensing changes have been made for Capped/Shared Pool Processors.
The following updates are included in this version:
- LOADXREF gives MCH0603 error in PARSESQL analyzing a complex *QMQRY.
- FNDSTR limit of 9,999 members has been increased.
- LOADXREF fails with MCH1210 and MCH3601 on SCANCLP