Monthly Release Notes - November 2020

Jump to:

Core Security


Visual Identity Suite (VIS)

Version 2.5.0

Nov 21, 2020

New Features
  • VIS Connection Client enables user to access their data on premises from the VIS instance running in the cloud, allowing VIS to connect to Core Access Assurance Suite (AAS). Using this feature, VIS Role Designer can publish role definitions directly to AAS for use.

  • VIS supports Single Sign On with SAML. Admin users now have more ability to manage authentication and authorization on VIS (create, enable, disable, and delete user access). VIS supports third party Identity Providers for Single Sign On authentication and authorization like Azure AD, Okta, Ping, ADFS, and more.
  • The VIS intelligence engine functions have been expanded and the Smart Roles presented to the user contain suggestions to modify existing roles, merge two existing roles, or expand existing roles with additional, proposed entitlements.
  • Application owners now can review which users have access to their applications with the new Users to Targets review cycle in Core Certify.
  • Role visibility has been enhanced in Core Certify with a new Roles panel that can be used to highlight the roles in the Certify matrix, allowing reviewers to examine specific roles and the associated users.
  • When evaluating users to entitlements, users now can view entitlements that are assigned to users outside of their roles with a Non-Role Assignments function.
  • A clear Roles function is included with the Roles panel in Core Certify and Role Designer to easily reset the matrix.
Enhancements
  • Direct access to the VIS login page for regular users. Users can skip the initial login page where they enter their organization name.
  • A default reviewer can be appointed for any type of review cycle to ensure none of the reviews are missed.
  • A Matrix view can be compacted to gather a current role selection into an easy-to-view field to see related access.
  • An option is available to exclude a specific role from Smart Role computations when creating a role.
  • VIS accepts template CSV files in compressed (.zip) format, allowing users with more than 50 MB of data to conveniently upload their file.

Other Fixes
  • CSV files used to import users’ data do not need case-sensitive column names.

Back to Top

 

Insite


Version 3.05

Nov 16, 2020

New Features
  • Advanced Searching feature is now available for PTAV.

Enhancements
  • Each asset or data series in a widget chart can now be individualized using monochromatic and polychromatic color scales.

Other Fixes
  • Changed the terms "whitelist" and "blacklist" to "allow" and "block".

  • Removed "Note" field from Password Self Help User Setup.

  • Fixed issue with column names overlapping on widget preview.

Components in Insite
Updates

Back to Top

 

Powertech


BoKS SSH Client for Windows

Version 8.0.1

Nov 11, 2020

NOTE: For system requirements including supported platforms, see the BoKS SSH Client for Windows 8.0 Administration Guide.
  • Fixed an issue where certificate authentication failed when performing certificate authentication and using the Bageant application to hold the certificate in memory. When doing certificate authentication from the first logged in BoKS server to a second (another) BoKS server you were not logged in due to a "signature algorithm not supported" error.

BoKS Reporting Manager

Version 8.0.0.3

Nov 3, 2020

  • CAS-0010219773 - 'unsafe-inline' excluded from Content-Security-Policy header.

  • The Content-Security-Policy header served by BoKS Reporting Services included the "script-src: 'unsafe-inline'" directive. The directive enables javascript that are inline included in the html page which otherwise is prevented. It is recommended not to use this directive and it is regarded as unsafe.

  • CAS-0010209467 - Issue with large temporary files

  • An improvement has been made to correct an issue with large temporary files on disk while importing. Temporary files will still be created in the tmp directory but the size will be smaller. The size of data stored in the database has been reduced. The effect of this is more efficient importing and a smaller database size on disk.

  • Update of dependencies.

Version 7.2.0.4

Nov 3, 2020

  • CAS-0010219773 - 'unsafe-inline' excluded from Content-Security-Policy header.

  • The Content-Security-Policy header served by BoKS Reporting Services included the "script-src: 'unsafe-inline'" directive. The directive enables javascript that are inline included in the html page which otherwise is prevented. It is recommended not to use this directive and it is regarded as unsafe.

  • CAS-0010209467 - Issue with large temporary files

  • An improvement has been made to correct an issue with large temporary files on disk while importing. Temporary files will still be created in the tmp directory but the size will be smaller. The size of data stored in the database has been reduced. The effect of this is more efficient importing and a smaller database size on disk.

  • Update of dependencies.

Powertech Antivirus

Version 5.4.1

Nov 16, 2020

New Features
  • On-Access scanning is now supported on endpoints running RedHat Enterprise Linux 6.
  • Powertech Antivirus now allows you to generate reports that include consolidated, filterable scanning statistics for On-Access and On-Demand scans.
    • Reports can be generated manually as needed, or scheduled to run automatically at predetermined intervals.
    • Reports can be viewed in the HelpSystems Insite web browser interface, or distributed to recipients as PDF attachments.
    • Report processes are recorded in Powertech Antivirus' Activity List.
Enhancements
  • The minimum "DAT Update Frequency" interval has been reduced from thirty minutes to five minutes.
  • Virus definitions (DAT files) can now be acquired from McAfee's HTTPS server.
  • The process for managing and dealing with TLS certificate renewal has been improved. (TLS certificates are used for secure communication with Kafka and for secure access to the Postgres database.)
Other Fixes
  • A vulnerability to a linked-directory DOS exploit has been resolved.
  • Powertech Antivirus now responds appropriately when an attempt is made to save a Configuration whose name already exists.
  • License files named either "license" or "license.xml" are now accepted.
  • Delayed shutdown of avsvc now results in the service being stopped after 20 seconds to cope with servers that have become unresponsive.
  • The Use HTTP server toggle switch is no longer (erroneously) available when the main DAT File Repository toggle is set to Off.
  • An issue causing a UI anomaly on the Add Notification button when saving a Notification has been resolved.

Powertech Multi-Factor Authentication

Version 1.5

Nov 16, 2020

New Features
  • Improved Failover. Powertech MFA's failover capabilities, which provide redundancy and continued authentication service in the case of server failure, have been redesigned with improvements for greater ease-of use, visibility, integrity, and security:
    • A dashboard now indicates the current health and status of Powertech MFA's environment, including the status of each connected system's Authentication Manager, Database Server, and Messaging Service.
    • Failover can be triggered manually from within the Insite console to accommodate server maintenance.
    • Failover events are logged in the system event log.
    • Administrators can be notified of failover events automatically via email.
    • Failover events are now communicated over a secure port using SSL encryption using Powertech MFA's message broker (ActiveMQ).
  • Enhanced Product Security. Security has been improved with the addition intrusion detection, notification, and lockdown capabilities, as well as internal security enhancements.
    • Powertech MFA administrators can automatically disable user accounts that repeatedly fail to authenticate successfully.
    • Inactive user accounts can be automatically disabled after a predetermined number of days.
    • Users are now prompted to enter a one-time password from one of their registered devices upon User Portal login or, alternatively, an emergency one-time password provided by their administrator.
    • Security for endpoint requests sent from HelpSystems Insite to Powertech MFA's Authentication Manager has been improved.
    • On Windows, Tomcat's server.xml is now only readable by the Windows administrator, and the Tomcat service is now configured to Run as Administrator.
    • On Linux, Tomcat's server.xml is now only readable by root, and the Tomcat service is configured to run as root.
    • The API key used to make Firebase calls is now encrypted and has been moved into the Powertech MFA database.
  • Expanded Exit Point Support. Authentication is now supported for the following additional exit points:
    • DDM/DRDA Server
    • Database Svr-Initiation
    • File Server
    • Remote Command
    • Retrieve command exit programs
    • TCP Signon Server
  • Authentication Suppression. Unwanted exit point authentication requests can now be eliminated using Authentication Suppression. Once a user has authenticated once for a specific request via a specific exit point, that user will not be prompted again for a duration specified by the administrator.
    • The Authentication Suppression value can be set for IBM i Agent systems on the New/Edit System and New/Edit Default System panes in Insite.
    • Authentication suppression is active by default for the IBM i user initial program, which provides green screen sign-on authentication.
  • Improved Logging and Reporting. Powertech MFA's logging and reporting capabilities have been expanded.
    • You can now view User Portal signon activity and detailed information about authentication failures and all device-related actions, including device addition, removal, and disabling.
    • The logging level of all available Authentication Managers can now be configured by a Powertech MFA administrator.
    • Log files can now be downloaded from authentication manager servers to aid in troubleshooting.
  • Move or Copy IBM i Agent Configurations. Powertech MFA's IBM i Agent configuration, including status, exit point settings, and user settings, can now be easily copied to a different IBM i system. During this process, the original configuration can be removed to help accommodate maintenance issues such as hardware upgrades.
  • Bulk Profile Importing. Many Powertech MFA users or IBM i profiles can now be imported into the software quickly using .csv documents.
Enhancements
  • The way in which validation is performed when a Powertech MFA user signs into the Desktop Agent or User Portal using their IBM i credentials has been updated to minimize the impact on performance when the TCP Signon Server is active.
  • The Authentication Manager is now supported on Linux PowerPC operating systems.
  • A global timeout value can now be set for communications between the IBM i and the Powertech MFA Authentication Manager.
  • The ActiveMQ message broker is now used for communication with Powertech MFA's Desktop Agent.
  • The Port Configurator accompanying the Authentication Manager installer has been updated and simplified to accommodate Powertech MFA's enhanced infrastructure.
Other Fixes
  • The broken Desktop Agent shortcut in the Windows Start Menu has been corrected.

SIEM Agent

Version 4.3

Nov 19, 2020

  • An issue that caused excessive job logs for TCP output monitors when the target system was unavailable has been resolved.
Version 4.2

Nov 2, 2020

New Features
  • SIEM Agent now supports the LEEF format, which allows events from SIEM Agent to be forwarded to QRadar, IBM's SIEM solution. While SIEM Agent previously integrated with QRadar via the SYSLOG protocol, LEEF is QRadar's preferred protocol.
  • SIEM Agent now supports the JSON Format, which allows events to be forwarded to destinations such as Apache Kafka.
  • SIEM Agent now supports integration with Apache Kafka, and includes the Kafka Agent and YAJL JSON parser, offering an event management solution for very large environments.
Enhancements
  • The process used for sending messages to a TCP server is now more resilient.
  • The default start behavior of SIEM Agent has been adjusted to improve performance.
Other Fixes
  • Events output in SYSLOG and MODERN formats formerly included data intended only for events in CEF format. This data is no longer included in new installations. For backward compatibility, the "Use Header Format Compatibility" flag has been added to the Work with Formats panel. It allows the CEF data to be included with SYSLOG and MODERN Formats.
  • While copying an Event Source, all Subtypes and Rules of the Event Source are now copied.
  • A problem causing extraneous output when an event description has inactive sub-types has been corrected.
  • Missing predefined data for Event Descriptions in the Audit Event Source is now included during installation.
  • Message CPF1393 is now formatted correctly for SYSLOG and CEF.
  • When using option 4 to delete entities (such as Event Sources, or Outputs) in conjunction with other options, entries for all options are no longer shown as deletions on the confirmation panel.
  • During conversion from SIEM Agent 3 (Interact), warning messages regarding custom journals are no longer included in the conversion log when no custom journals were defined.
  • Monitor jobs are no longer started when no active outputs are defined.
  • An issue that could cause the message queue monitor job to fail if more than 25 messages were received within a one-second interval has been corrected.
  • SIEM Agent now displays a warning message when an attempt is made to create an Extension with a name that already exists. (Duplicate Extension names are not allowed.)
  • An error causing incorrect formatting when multiple extensions are defined for an event has been corrected.
  • Encrypted data is no longer erroneously included in the output when capturing event types UNA and UNR from Powertech Exit Point Manager.
  • Error MCH1210 is no longer logged in the job log if a user creates a new rule for an event, and inadvertently presses Enter with all entry fields empty.
  • At install time, a pre-checker now checks to ensure a PTF required for the RNXIE program has been installed.
  • The "Position to Name" function on the Work with Event Descriptions panel now positions the list correctly.
  • Minor text and formatting changes have been made to several panels to improve usability.
  • SIEM Agent users are now protected from incidental removal of Powertech Central Administration on a system. (Powertech Central Administration is required for SIEM Agent to function.)
  • The "Special" field in the Create Output panel has been renamed "ArcSight Compatibility" to more clearly indicate its function.
  • *WSG SIGNON Workstation Gateway Server - Signon has been removed from SIEM Agent's list of servers as it has been discontinued by IBM and is not included in recent IBM i versions.
  • When IBM i 7.4 entry types TM0, TM6, TM7, TM8, and TM9 are configured as Active in SIEM Agent, and SIEM Agent is active on IBM i 7.3 or earlier, SIEM Agent jobs no longer fail.
  • A problem causing SYSLOG events to omit data in the OBJECT, LIBRARY, and MEMBER fields has been resolved.
  • SIEM Agent's event source monitor no longer fails when the journal entry type is not supported on the OS.
  • The T:CP field description is no longer missing values.
  • A problem causing lines to lose their delimiter when a trace file is shared across multiple outputs has been corrected.

Back to Top

 

Robot


Performance Navigator

Version: 19.2 A

Nov 4, 2020

AIX/Linux
Enhancements
  • Latest version of Nigel’s Monitor (nmon) 16n for nmon on recent versions of Linux/Unix

  • Automatic reduction of data in the archive for mpgdata2 mpgdata3 and the rdhist.hostname files.

    • New files mpgd2_arcgztrim.sh, mpgd3_arcgztrim.sh, and rdhist_trim.sh

    • These run automatically once a month.

    • The amount of reduction defaults to 366, but can be set from 180 days and up in the pn.config file.

  • Latest nmonchart version 40 is included.

IBM i Host and Client
Enhancements
  • New preconfigured reports to allow customer to monitor a Daily Health Check and Monthly Interactive and Noninteractive Summaries
    • Supports both IBM i and AIX
    • For IBM i supports multiple ASPs
  • New graphs
    • CPU – Frame - PEP2 Analysis
    • CPU - Frame - Cores Used (HMC)
Other Fixes
  • CPW calculations for What-If when viewed by core

  • New fields in QAPMDISK caused an error when getting SOS data from IBM i's with 7.2, problem resolved.

Robot Schedule

Version 13.07

Nov 9, 2020

  • Installer updated to include IASP.

  • Audit log report will now use RBTENT* library to include IASP.

Robot Schedule Enterprise

Version 3.00

Nov 9, 2020

New Features
  • Schedule Enterprise can now be installed in an IASP.

Enhancements
  • Improved transfer rate for text-based FTP.

  • We are now shipping the most current Java 8 JVM available from Oracle, version 1.8_u241.

  • Installer updated to include IASP.

  • Updated temporary license keys.

Other Fixes
  • Fixed issue with RCLTFRF *FTP running too long.
  • Correct Agent version now shows in Schedule Enterprise Agent Manager.

  • Fixed issue with conversion removing RBTENTLIB.

Back to Top

 

Sequel


Viewpoint 11

Version: 11.20.260

Nov 16, 2020

Other Fixes
  • Excel Add-in in Repository mode gives error using Extended Help text on variable prompt.

  • View Designer alters JOIN when same file used more than once with *SEQUEL syntax.

  • Repository Mode (CHGAUTMODE *REPOSITORY) should allow CRO reports initiated from a script for a host job to run on the Viewpoint Server.

Back to Top

 

Showcase


Viewpoint 10

Version: 10.20.260

Nov 16, 2020

Other Fixes
  • Excel Add-in in Repository mode gives error using Extended Help text on variable prompt.

  • View Designer alters JOIN when same file used more than once with *SEQUEL syntax.

  • Repository Mode (CHGAUTMODE *REPOSITORY) should allow CRO reports initiated from a script for a host job to run on the Viewpoint Server.

Back to Top