Monthly Release Notes - January 2021

Jump to:

Automate Beyond Security Boldon James Bytware CCSS
Clearswift Core Security Digital Guardian Document Management (RJS)
GoAnywhere Halcyon IBM Partnership Insite  
InterMapper JAMS Powertech Robot
Safestone Sequel Showcase Skybot
Tango/04 TeamQuest Titus Vera

Beyond Security

beSECURE

Version 21.1

January 1, 2021

Enhancements

  • Reports now show the Scan Date and Next Scan Date.

  • Reports now show the Web Scan Authentication, Scan Date, and Next Scan Date.

  • Added Quick Add Dashboard to allow users to quickly add scans of Cloud/Infrastructure/Website/IoT/Router/.

  • Added Host Information and Major Issues list and Issues graph dashboards.

  • API Keys are now listed with information regarding when they were last used.

  • Organization searching can now stop at the top level to ease locating of values.

  • The PCI screen now allows users who own the Scan to modify the scan schedule.

Fixes

  • Fixed an issue where Google Login did not record the login event.

  • Migrated (and unified) vulnerabilities/report/pcistatus with pci/returnpcistatus.

beSTORM

Version 11.1.15

January 15, 2021

Enhancements

  • beSTORM can now send and receive requests using HTTP/2 (TLS enabled and plaintext version) natively.

  • beSTORM will now recommend you upgrade your version of beSTORM if a newer version is available.

Back to Top

 

Core Security

Visual Identity Suite (VIS)

Version 2.5.1

January 23, 2021

Enhancements
  • VIS 2.5.1 introduces an additional Role Designer account type, RoleDesigner_RO. This provides the user with the privileges to access and view roles in the Role Designer without the abilities to modify those roles.
  • In VIS 2.5.1 the Role Details panel shows full entitlement names and descriptions for ease of reading. In addition, if space is available at the top or side of the matrix, VIS no longer will truncate entitlement names.
  • In Role Designer, the Mapping tab that displayed the lists of users and the lists of entitlements associated with a particular role has been divided into two separate tabs, Users and Entitlements, for ease of use. Now, separate tabs list the users and the entitlements associated with the role. These are included under both the Design and Export tabs of the Role Designer.
Fixes
  • Users and Entitlements lists now sort alphabetically.
  • The matrix zoom view no longer resets after selecting additional cells when editing roles.

Back to Top

 

Digital Guardian

Version: 7.8.0

January, 2021

New Features
  • DG Agent for macOS supports installation and operation on macOS 11.0.x and 11.1.x (Big Sur). Note: If you plan to install DG Agent for macOS on at least one computer running Big Sur, you must run DG Server 8.2.1 or later to support that agent computer.

  • To enable DG Web Inspection Proxy (WIP) to work on Big Sur and later macOS versions, DG has converted it from an "implicit proxy" to an "explicit proxy." Both types of web proxies help prevent data loss from occurring through a web browser. As a result of this change, customers using the DG Agent on computers running Big Sur or later will need to create a system proxy configuration that explicitly directs network traffic to the DG WIP process. In environments that use a corporate proxy server, the explicit proxy will be inserted between the web browser and the corporate proxy. As the first proxy in the line, the explicit proxy (DG WIP) will receive network traffic flowing to and from the browser before forwarding the traffic to the corporate proxy. DG WIP will continue to operate as an implicit proxy on Catalina without any configuration changes. Customers can configure DG WIP in explicit proxy mode on Catalina for initial testing in non-production environments. However, this is not supported in production environments. To learn more about the explicit proxy, see Digital Guardian Explicit Proxy Deployment Guide.

  • A new program runs on DG Agent computers running macOS 11.0 and later. This program checks if a certificate that DG WIP needs in order to work on macOS 11.0 or later is in the login keychain. If the certificate is not in the keychain, the program helps you add it to the keychain. The program launches under the following conditions:

    • After installing or upgrading DG Agent, and you are logging on for the first time after the Agent computer restarts.

    • If the default WIP Root Certificate Template in the DGMC is replaced with a custom Root Certificate Template.

Fixes

  • DG Agent now detects print events from Microsoft Word and Microsoft Excel as expected.

  • DG Agent computers running macOS 11.0.x and 11.1.x no longer restart slowly when Apple Endpoint Security is enabled.

  • DG Agent no longer causes kernel panics on Agent computers after upgrading the operating system from macOS 10.15.3 to version 10.15.4.

  • If you use the -I and -F input arguments when you remove and install Agents, older Agent files and folders are now removed completely as expected.

  • DG Agent no longer causes disk space to fill up with system files.

  • DG Agent computers no longer experience unexplained high CPU usage.

  • DG Agent no longer reports Sendmail events for previously sent email messages, and Sendmail events now indicate the correct sender.

  • To allow Crowdstrike Falcon version 6.11 to run successfully on Agent computers, DG added these process flags to the default process flags file for DG Agent:

    • /Library/Application Support/CrowdStrike/Falcon/.*,0,SK+TRC

    • /Applications/Falcon.app/.*,0,SK+TRC

  • To prevent the DG WIP process from blocking web site redirections, DG added the domain flag "cc.zdtc.app,SK" to the default resource file (domains.txt).

  • Attempting to modify a file on a USB drive using the text editor Atom when a USB egress policy is applied no longer causes the file to get deleted.

  • DG Agent no longer assigns Digital Guardian-related names, such as "Digital Guardian Endpoint DLP Volume 0,” to unnamed USB drives when inserted into a DG Agent computer.

  • Screen captures taken with the tool Greenshot now succeed on DG Agent computers.

  • Now DG Agent intercepts network transfer upload (NTU) events in Safari 14. An entry was added to the process flags file to ensure interception.

  • Long volume serial numbers generated on DG Agents for macOS no longer cause bundle processor errors on the DGMC.

  • DG improved DG Web Inspection Proxy (WIP) connection settings so Microsoft Outlook no longer disconnects from the Exchange server when sending, receiving, or when idle.

  • The Xcode process flag now recognizes all possible Xcode file names.

  • Removable Media Encryption (RME) now encrypts files written to removable media as expected. DG WIP required up to a 24-hour delay when a website certificate was updated before the change would become effective, leading to transient certificate errors in certain circumstances. To resolve this issue, DG now removes the changed certificate from its cache if a website certificate changes during the cache period. This ensures that certificate updates are propagated to the user's browser without delay.

  • The default user policy no longer overrides configured user policies on computers running DG Agent for macOS.

Back to Top

 

GoAnywhere

Version 6.7.1
New Features

  • Added Allow Implicit Trust (SSH) setting to globally allow or deny implicit trust in SSH connections.

  • Added support for WS-Trust 1.3, allowing SAML users to log in to non-HTTPS services.

Enhancements

  • Added support for 384-bit and 521-bit ECDSA key sizes in the SFTP/SCP/SSH client.

  • Improved memory usage when using Local/Network Monitors.

  • Improved hostname verification handling when there is no host information to check.

Updates

  • Updated the default buffer size for the Copy Task to 1MB. This can be adjusted via a system property and upgraded copies will retain the 16KB buffer size to avoid memory issues.

  • Enabled usage of RSA encryption algorithm for PGP keys which was previously not allowed in BCFIPS mode.

  • Updated BouncyCastle FIPS APIS:PGP to 1.0.5.

  • Updated BouncyCastle FIPS APIS:Mail to 1.0.3.

Fixes

  • Fixed an issue with the PeSIT client and server where the incorrect encoding was being used resulting in international characters being lost.

  • Fixed issue where not all Web User Template settings were getting applied correctly to new Web Users.

  • Fixed an issue where the disconnect event of the SFTP server would take longer than needed.

  • Fixed issue related to incorrect JVM default trust store types when loading trust stores introduced in 6.7.0.

  • Fixed an issue connecting to the FTPS service while running in BCFIPS mode where no cipher suite could be negotiated.

Back to Top

 

Halcyon

Alert Intelligence

Version 15.0

January 25, 2021

(PTF: 2021.019)

Fixes

  • Alert Intelligence was not triggering for Object Rules that had AI ALERT(*NO) Actions. This has been corrected.

  • Alert Intelligence was not triggering for Output Queue *SPLF Rules that had AI ALERT(*NO) Actions. This has been corrected.

Level 1 - Message Management Suite

Version 7.0

January 25, 2021

(PTF: 2021.019)

Enhancements

  • Change Actions (CHGACTION) now supports changing a SNMPTRAP Action.

  • Message Monitor has had significant changes to improve performance. The Monitor now builds an internal "cache" of the ASP/IASP for each message file as it processes messages. It then uses this internal cache as much as possible instead of searching through all IASPs for every message.

  • Message Monitor now adds a message to the Halcyon Message Log every 5 minutes when a message queue on an IASP is not available for monitoring and the Rule Group is released and within the monitoring period.

  • When checking for applicable rules for a message, Message Monitor now checks that the message time is greater than or equal to the Start Time and less than the End Time +59secs on the Rule. For example, a Rule defined with a Start Time of 00:00 and End Time of 23:59 covers the time period 00:00:00-23:59:59.

Fixes

  • A Halcyon installation from the EXE would fail if the remote machine was using List Format *UNIX. This has been corrected.

  • A Halcyon upgrade using *FTP to obtain the Product files from another machine would fail if the remote machine was using List Format *UNIX. This has been corrected.

  • A Job Queue Rule which had default criteria and option "2=Change" taken against the criteria which had not been used would not alert. This has been corrected.

  • A new End User License Agreement (EULA) is now included within the Halcyon IBM i EXE installer.

  • Action Template STRWATCH was using incorrect Substitution Variables &MSGQLIB and &MSGQ and did not include the ASP Group. It should be using &QUEUELIBR, &QUEUE and &QUEUEASP. This has been corrected.

  • An upgrade to Halcyon would fail if Message Console (DSPMSGCON) had "User preferences" for a userid that did not exist. This has been corrected.

  • Auto-export was incorrectly exporting Message Queue Global Exclusions when specifically excluded but the Message Queue was newly created on the target Environment. This has been corrected.

  • Halcyon Auto-Upgrade Solution (AUS) command CONFIG would fail if time separator being used was not a colon. This has been corrected.

  • Message Communicator email addresses that included a space in the name would cause an upgrade to fail. This has been corrected,

  • Message Communicator was not closing the escalation of a message when the relevant alert was closed if the SNDTXT Action was defined to use the *LOCAL "Export name". This has been corrected.

  • Message Monitor was not correctly monitoring "Not received" rules that crossed midnight. This has been corrected.

  • Message Monitor would not raise "Not received" alerts for a released Rule Group relating to a message queue on an IASP. This has been corrected.

  • Message Queue Monitor now ignores message CPF2460 which is returned from the IBM API when a message queue is full.

  • Output Queue Monitor would not correctly extract an *IPDS spooled file as part of Title checking against a Rule. This has been corrected.

  • When adding/changing the QHST Message Queue Group within "Work with Rules" (WRKRULES) it would incorrectly show an error regarding the "Max consecutive cycles". This has been corrected.

  • Work with Rules (WRKRULES) would fail if a user had *USE authority and attempted to make a change. This has been corrected.

Level 2 - Systems Operations Suite

Version 7.0

January 25, 2021

(PTF: 2021.019)

Enhancements

  • Additional rules have been made available within the M3 Customization template.

  • Change Actions (CHGACTION) now supports changing a SNMTPTRAP Action.

  • Message Monitor has had significant changes to improve performance. The Monitor now builds an internal "cache" of the ASP/IASP for each message file as it processes messages. It then uses this internal cache as much as possible instead of searching through all IASPs for every message.

  • Message Monitor now adds a message to the Halcyon Message Log every 5 minutes when a message queue on an IASP is not available for monitoring and the Rule Group is released and within the monitoring period.

  • When checking for applicable rules for a message, Message Monitor now checks that the message time is greater than or equal to the Start Time and less than the End Time +59secs on the Rule. For example, a Rule defined with a Start Time of 00:00 and End Time of 23:59 covers the time period 00:00:00-23:59:59.

Fixes

  • A Halcyon installation from the EXE would fail if the remote machine was using List Format *UNIX. This has been corrected.

  • A Halcyon upgrade using *FTP to obtain the Product files from another machine would fail if the remote machine was using List Format *UNIX. This has been corrected.

  • A Job Queue Rule which had default criteria and option "2=Change" taken against the criteria which had not been used would not alert. This has been corrected.

  • A new End User License Agreement (EULA) is now included within the Halcyon IBM i EXE installer.

  • Action Template STRWATCH was using incorrect Substitution Variables &MSGQLIB and &MSGQ and did not include the ASP Group. It should be using &QUEUELIBR, &QUEUE and &QUEUEASP. This has been corrected.

  • An upgrade to Halcyon would fail if Message Console (DSPMSGCON) had "User preferences" for a userid that did not exist. This has been corrected.

  • Auto-export was incorrectly exporting Message Queue Global Exclusions when specifically excluded but the Message Queue was newly created on the target Environment. This has been corrected.

  • Halcyon Auto-Upgrade Solution (AUS) command CONFIG would fail if time separator being used was not a colon. This has been corrected.

  • Message Communicator email addresses that included a space in the name would cause an upgrade to fail. This has been corrected,

  • Message Communicator was not closing the escalation of a message when the relevant alert was closed if the SNDTXT Action was defined to use the *LOCAL "Export name". This has been corrected.

  • Message Monitor was not correctly monitoring "Not received" rules that crossed midnight. This has been corrected.

  • Message Monitor would not raise "Not received" alerts for a released Rule Group relating to a message queue on an IASP. This has been corrected.

  • Message Queue Monitor now ignores message CPF2460 which is returned from the IBM API when a message queue is full.

  • Output Queue Monitor would not correctly extract an *IPDS spooled file as part of Title checking against a Rule. This has been corrected.

  • Restricted Tasks Manager was causing an incorrect "interactive only" error which could mean that some tasks within a Task Group were not run. This has been corrected.

  • Restricted Tasks Manager was not enforcing the Batch Time-Out correctly. This has been corrected.

  • Retrieve Output Queue (RTVOUTQ) was not retrieving all spooled files if there were multiple archive files within an Archive Group. This has been corrected.

  • System Default HEM/SPLALLOBJ had mis-leading Description and help text. This has been corrected.

  • The EMAILSPLF Action was always using an email per recipient regardless of the setting in System Default HMC/EMAILBULKSEND. This has been corrected.

  • When adding/changing the QHST Message Queue Group within "Work with Rules" (WRKRULES) it would incorrectly show an error regarding the "Max consecutive cycles". This has been corrected.

  • Work with Rules (WRKRULES) would fail if a user had *USE authority and attempted to make a change. This has been corrected.

Level 3 - Advanced Automation Suite

Version 7.0

January 25, 2021

(PTF: 2021.019)

Enhancements

  • Additional rules have been made available within the M3 Customization template.

  • Change Actions (CHGACTION) now supports changing a SNMTPTRAP Action.

  • Message Monitor has had significant changes to improve performance. The Monitor now builds an internal "cache" of the ASP/IASP for each message file as it processes messages. It then uses this internal cache as much as possible instead of searching through all IASPs for every message.

  • Message Monitor now adds a message to the Halcyon Message Log every 5 minutes when a message queue on an IASP is not available for monitoring and the Rule Group is released and within the monitoring period.

  • When checking for applicable rules for a message, Message Monitor now checks that the message time is greater than or equal to the Start Time and less than the End Time +59secs on the Rule. For example, a Rule defined with a Start Time of 00:00 and End Time of 23:59 covers the time period 00:00:00-23:59:59.

Fixes

  • A Halcyon installation from the EXE would fail if the remote machine was using List Format *UNIX. This has been corrected.

  • A Halcyon upgrade using *FTP to obtain the Product files from another machine would fail if the remote machine was using List Format *UNIX. This has been corrected.

  • A Job Queue Rule which had default criteria and option "2=Change" taken against the criteria which had not been used would not alert. This has been corrected.

  • A new End User License Agreement (EULA) is now included within the Halcyon IBM i EXE installer.

  • Action Template STRWATCH was using incorrect Substitution Variables &MSGQLIB and &MSGQ and did not include the ASP Group. It should be using &QUEUELIBR, &QUEUE and &QUEUEASP. This has been corrected.

  • An upgrade to Halcyon would fail if Message Console (DSPMSGCON) had "User preferences" for a userid that did not exist. This has been corrected.

  • Archiving an AFPDS spooled file into a Document Management System (DMS) *INDEXED Archive could fail if the spooled file had a non-standard page width. This has been corrected.

  • Auto-export was incorrectly exporting Message Queue Global Exclusions when specifically excluded but the Message Queue was newly created on the target Environment. This has been corrected.

  • Halcyon Auto-Upgrade Solution (AUS) command CONFIG would fail if time separator being used was not a colon. This has been corrected.

  • Halcyon Work with Spooled Files (WRKSPLF) was ignoring the value set for "User name" on the command if System Default HEM/SPLALLOBJ was set to *NO. This has been corrected.

  • Halcyon Work with Spooled Files (WRKSPLF) was not subsetting to a Group Profile correctly when specified as the "User name" within [F17=Subset]. This has been corrected. Permission to view and manage the spooled files listed is controlled by the IBM operating system permissions.

  • Log File Monitor will now add message HEM2232 to the Halcyon Message Log when the Monitor is not authorized to access a file defined for a Rule.

  • Message Communicator email addresses that included a space in the name would cause an upgrade to fail. This has been corrected,

  • Message Communicator was not closing the escalation of a message when the relevant alert was closed if the SNDTXT Action was defined to use the *LOCAL "Export name". This has been corrected.

  • Message Monitor was not correctly monitoring "Not received" rules that crossed midnight. This has been corrected.

  • Message Monitor would not raise "Not received" alerts for a released Rule Group relating to a message queue on an IASP. This has been corrected.

  • Message Queue Monitor now ignores message CPF2460 which is returned from the IBM API when a message queue is full.

  • Output Queue Monitor would not correctly extract an *IPDS spooled file as part of Title checking against a Rule. This has been corrected.

  • Restricted Tasks Manager was causing an incorrect "interactive only" error which could mean that some tasks within a Task Group were not run. This has been corrected.

  • Restricted Tasks Manager was not enforcing the Batch Time-Out correctly. This has been corrected.

  • Retrieve Output Queue (RTVOUTQ) was not retrieving all spooled files if there were multiple archive files within an Archive Group. This has been corrected.

  • System Default HEM/SPLALLOBJ had mis-leading Description and help text. This has been corrected.

  • The EMAILSPLF Action was always using an email per recipient regardless of the setting in System Default HMC/EMAILBULKSEND. This has been corrected.

  • When adding/changing the QHST Message Queue Group within "Work with Rules" (WRKRULES) it would incorrectly show an error regarding the "Max consecutive cycles". This has been corrected.

  • Work with Indexed Spooled Files (WRKIDXSPLF) would fail if you attempted to email to a Message Communicator email device which had a name including brackets. This has been corrected.

  • Work with Rules (WRKRULES) would fail if a user had *USE authority and attempted to make a change. This has been corrected.

Level 4 - Operations Center Suite

Version 7.0

January 25, 2021

(PTF: 2021.019)

Enhancements

  • Additional rules have been made available within the M3 Customization template.

  • Change Actions (CHGACTION) now supports changing a SNMTPTRAP Action.

  • Message Monitor has had significant changes to improve performance. The Monitor now builds an internal "cache" of the ASP/IASP for each message file as it processes messages. It then uses this internal cache as much as possible instead of searching through all IASPs for every message.

  • Message Monitor now adds a message to the Halcyon Message Log every 5 minutes when a message queue on an IASP is not available for monitoring and the Rule Group is released and within the monitoring period.

  • When checking for applicable rules for a message, Message Monitor now checks that the message time is greater than or equal to the Start Time and less than the End Time +59secs on the Rule. For example, a Rule defined with a Start Time of 00:00 and End Time of 23:59 covers the time period 00:00:00-23:59:59.

Fixes

  • A Halcyon installation from the EXE would fail if the remote machine was using List Format *UNIX. This has been corrected.

  • A Halcyon upgrade using *FTP to obtain the Product files from another machine would fail if the remote machine was using List Format *UNIX. This has been corrected.

  • A Job Queue Rule which had default criteria and option "2=Change" taken against the criteria which had not been used would not alert. This has been corrected.

  • A new End User License Agreement (EULA) is now included within the Halcyon IBM i EXE installer.

  • Action Template STRWATCH was using incorrect Substitution Variables &MSGQLIB and &MSGQ and did not include the ASP Group. It should be using &QUEUELIBR, &QUEUE and &QUEUEASP. This has been corrected.

  • An upgrade to Halcyon would fail if Message Console (DSPMSGCON) had "User preferences" for a userid that did not exist. This has been corrected.

  • Archiving an AFPDS spooled file into a Document Management System (DMS) *INDEXED Archive could fail if the spooled file had a non-standard page width. This has been corrected.

  • Auto-export was incorrectly exporting Message Queue Global Exclusions when specifically excluded but the Message Queue was newly created on the target Environment. This has been corrected.

  • Halcyon Auto-Upgrade Solution (AUS) command CONFIG would fail if time separator being used was not a colon. This has been corrected.

  • Halcyon Work with Spooled Files (WRKSPLF) was ignoring the value set for "User name" on the command if System Default HEM/SPLALLOBJ was set to *NO. This has been corrected.

  • Halcyon Work with Spooled Files (WRKSPLF) was not subsetting to a Group Profile correctly when specified as the "User name" within [F17=Subset]. This has been corrected. Permission to view and manage the spooled files listed is controlled by the IBM operating system permissions.

  • Log File Monitor will now add message HEM2232 to the Halcyon Message Log when the Monitor is not authorized to access a file defined for a Rule.

  • Message Communicator email addresses that included a space in the name would cause an upgrade to fail. This has been corrected,

  • Message Communicator was not closing the escalation of a message when the relevant alert was closed if the SNDTXT Action was defined to use the *LOCAL "Export name". This has been corrected.

  • Message Monitor was not correctly monitoring "Not received" rules that crossed midnight. This has been corrected.

  • Message Monitor would not raise "Not received" alerts for a released Rule Group relating to a message queue on an IASP. This has been corrected.

  • Message Queue Monitor now ignores message CPF2460 which is returned from the IBM API when a message queue is full.

  • Output Queue Monitor would not correctly extract an *IPDS spooled file as part of Title checking against a Rule. This has been corrected.

  • Restricted Tasks Manager was causing an incorrect "interactive only" error which could mean that some tasks within a Task Group were not run. This has been corrected.

  • Restricted Tasks Manager was not enforcing the Batch Time-Out correctly. This has been corrected.

  • Retrieve Output Queue (RTVOUTQ) was not retrieving all spooled files if there were multiple archive files within an Archive Group. This has been corrected.

  • System Default HEM/SPLALLOBJ had mis-leading Description and help text. This has been corrected.

  • The EMAILSPLF Action was always using an email per recipient regardless of the setting in System Default HMC/EMAILBULKSEND. This has been corrected.

  • When adding/changing the QHST Message Queue Group within "Work with Rules" (WRKRULES) it would incorrectly show an error regarding the "Max consecutive cycles". This has been corrected.

  • Work with Indexed Spooled Files (WRKIDXSPLF) would fail if you attempted to email to a Message Communicator email device which had a name including brackets. This has been corrected.

  • Work with Rules (WRKRULES) would fail if a user had *USE authority and attempted to make a change. This has been corrected.

Record & Playback

Version 15.0

January 25, 2021

(PTF: 2021:019)

Fixes

  • Record HRP Script (RCDHRPSCR) was not clearing the screen buffer before requesting the next screen from the IBM API which could result in parts of the previous screen appearing in the current screen. This has been corrected.

  • Work with Record & Playback Scripts (WRKHRPSCR) and Work with Screen Templates would fail if IBM Programming Development Manager (PDM) was not available. This has been corrected to fail gracefully.

  • Record And Playback was not issuing message HRP0279 when the ERRMSG statement was used to terminate a script. This has been corrected.

  • Record & Playback script function %ERRMSG() was not returning the error text in some circumstances. This has been corrected.

  • Record HRP Script (RCDHRPSCR) would fail with "Incorrect password" if the system was set to CCSID 65535. This has been corrected.

  • When using option "10=Screens" in Work with Playback Sessions (WRKPLBSSN) the message "MESSAGE ID NOT FOUND IN MESSAGE FILE /MSGF" for the last screen may have been displayed when the script ended in error. This has been fixed in this release.

Back to Top

 

JAMS

Version: 7.2.632

January 20, 2021

Enhancements
  • API
    • Added a new REST endpoint to contact JAMS Support.
Fixes
  • Desktop Client
    • Resolved an issue where non-report parameters on an SSRS Job were not saved after modifying the Job source.
    • Removed the IsModified property from the Connection Store editor.
    • Updated an error message that may be displayed for a Sequence with a Runaway Schedule Item.
  • Integrations
    • Resolved an issue where the incorrect Batch Job Name was displayed after re-opening the Dynamics AX Job.
    • Enhanced the logging for Dynamics AX Batch Jobs.
    • Updated an error message in the JAMS installer that may appear when installing the Banner integration.
    • Resolved an error that may occur when opening the Source tab for SAPDataServices Jobs.
  • Scheduler
    • Resolved an issue when specifying a Connection for a File Transfer Job with an SFTP connection.
    • Resolved an issue with a JAMS Variable and Inquire access.
    • Added validation for the required fields when contacting JAMS Support.
    • Improved the Agent initialization and connection process when many Agents are defined and prevented Agents from getting stuck in a state.
  • Upgrades
    • Resolved an issue where Schedule Items were displayed twice when converting V6 Setups to V7 Sequences.

    • Improved the upgrade of Setups to Sequences for Setups that have settings corresponding to Schedule Items in V7, such as Runaway or Precheck.

Back to Top

 

Powertech

BoKS Web Services Interface

Version 8.0.0.3

January 15, 2021

  • CAS-0010235962: Fixed an issue where the request timeout feature (added in WSI 8.0.0.1) did not result in a new connection to the admin server. This caused requests and responses to be out of sync after a request timeout had occurred for any request.

  • Only failed requests for connection errors are logged to mds.log. WSI 8.0.0.1 introduced all failing requests to be logged to mds.log. This made it harder to find actual problems because of many log messages. Failing modifying requests are also already logged to audit.log.

Version 7.2.0.4

January 15, 2021

  • CAS-0010235659: SAN certificates in keystore file not working resulting in that WSI cannot start. This issue was introduced in WSI 7.2.0.3.

  • CAS-0010235962: Fixed an issue where the request timeout feature (added in WSI 7.2.0.2) did not result in a new connection to the admin server. This caused requests and responses to be out of sync after a request timeout had occurred for any request.

  • Only failed requests for connection errors are logged to mds.log. WSI 7.2.0.2 introduced all failing requests to be logged to mds.log. This made it harder to find actual problems because of many log messages. Failing modifying requests are also already logged to audit.log.

Powertech Command Security

Version 1.15

January 28, 2021

  • An issue causing unsuccessful attempts to run the PCSJRNRPT command has been resolved.
  • Several help text errors have been corrected.
  • An issue related to accessibility of the STRSQL command has been resolved.
  • An issue causing PCS journal reports to print without the proper starting data has been resolved.
  • An issue causing a failure to send email messages under some conditions has been resolved.
  • An issue causing DLYJOB to fail to honor a delay value greater than 99999 has been corrected.
  • A process to repair damaged objects is no longer missing PCSITS.
  • Attempting to insert commands into Command Security from library QBRM could result in many errors displayed at the UI, followed by a data dump. This is caused by temporarily applied BRMS PTFs. The issue has been partly rectified. Error messages continue to appear at the bottom of the screen, but the process now ends normally and the errors can be ignored.

Powertech Antivirus for IBM i

Version 8.02

January 7, 2021

New Features
  • Powertech Antivirus now uses the new McAfee 6100 Anti-Malware Engine, which includes the following:
    • Enhanced threat landscape coverage with added support for 7Z, RAR5, and ISO archive file types
    • Improved detection with added support for WinACE2, BZIP2, LZMA2, BCJ, and PPMD Codecs
    • Better handling capability for non-PE-based malware with added Driver Ordering support
    • Improved precision in detection with added Floating-point support
    • Several bug fixes, security fixes, and performance improvements
Enhancements
  • Help text has been added to the AVINSTALL command.
Fixes
  • An issue that could cause incorrect reporting of the "not scanned due to error" summary total in the Antivirus Scan Summary report has been corrected.
  • An issue causing Powertech Antivirus to send illegible messages to AVMSGQ has been corrected.
  • The End User License Agreement is now available in the License screen by pressing F8.
  • Incorrect contact information in the message that warns of an upcoming license expiration (message L100006) has been corrected.

RSA SecurID Agent for IBM i

Version 9.10

January 27, 2021

New Features
  • Agent for RSA SecurID objects are now owned by one of two User Profiles.

    The new profiles are:

    • PTUSER - Standard object owner User Profile with IBM i Special Authority set to *NONE.

    • PTADMIN - Administrator level owner User Profile, which includes all available IBM i Special Authority values.

      (Previously, all objects were owned by a single User Profile named, ACEDTI.)

    Related considerations:

    • The command WRKSECURID has been added to allow direct access to the Powertech RSA SecurID Agent for IBM i master menu.
    • In order to administer the product, another User Profile is required. Profiles authorized to administer the product must now be added to the new PTSECURID authorization list. No specific Special Authority values are required as all necessary authority is provided by the appropriate product object owner profiles (PTUSER or PTADMIN).
    • Product administrators continue to be able to review the contents of "sdconf.rec" when running the Client Check command (CLNTCHK), even though a profile swap to PTADMIN (or equivalent) is required.
    • The PASE executable /var/ace/msxt960b is now owned by PTUSER. Previously it had been owned by ACEDTI.
    • Restored journal receivers are now owned by the new product owner profile, PTUSER.
    • When upgrading from Powertech RSA SecurID Agent for IBM i version 9.9 or earlier, an attempt is made to remove the ACEDTI profile.
Enhancements
  • Master menu option 4 "Activate/de-activate remote authentication" is no longer restricted to the product owner profile, QSECOFR, or a profile that is part of the QSECOFR group. With the introduction of Authorization List PTSECURID, access is available to those users configured on the Authorization List. In addition, User Profiles with *ALLOBJ Special Authority are also able to access and use the menu option.
  • Product settings now ensure only those objects that are accessed directly by every user have *PUBLIC authority set to *USE. In addition, there are now fewer objects set to run with the object owner's authority USRPRF(*OWNER).
Fixes
  • If Message Action Item functionality has been configured for Message Id MLT1102, the correct program name is now processed in relation to initial menu option 9 "Work with TCP/IP address by profile".
  • When upgrading from versions of RSA SecurID Agent for IBM i prior to 9.9, the installation procedure now respects the previous value for the position of the @ACE library.
  • The authority on the product installation directory, /var/ace, is now set for the owner profile only (the authority is set to RWX------). This configuration helps prevent denial of service if a user with less authority than the owner user profile attempts to remove any of the SecurID-related files that are required within /var/ace.
  • An issue that caused an incorrect message to appear while running CRTAGTPRF (to create a new User Profile and automatically activate SecurID) has been resolved.
  • The server control parameters, language, country, and CCSID are now used when starting the General Server, DTIGEN. This server runs as job ACEDTIDS04.
  • F3=Exit has been removed in favor of F12=Cancel in the Work with Actions for Message Id screen.
  • When upgrading from versions of RSA SecurID Agent for IBM i prior to 9.9, the installation procedure now respects the previous value for "Activate PCS Checking".
  • Incorrect characters in the "Failed to Connect External System" message on QSYSOPR have been removed.

Back to Top

Robot

Robot Schedule

Version 13.09

January 6, 2021

  • Fixed issue with invalid ASP group on Advanced Connection Properties.

Back to Top

 

TeamQuest

Automated Analytics

Version 11.3.25

January 12, 2021

Enhancements

  • Added the ability to add annotations to interactive charts.

Fixes

  • Report Navigator interactive html charts are now interactive and are no longer blurry.

  • Instance Filters no longer return Unsupported input combination in the discovery phase if the inputs are supported.

  • Corrupted views no longer cause NullPointerExceptions or service crashes.

TeamQuest Manager

Version 11.4.6

January 21, 2021

Enhancements

  • Upgraded Apache to 2.4.46.

Version 11.4.5

January 12, 2021

Enhancements

  • Added support for VMware vSphere 7.0.

  • Added support for the Web Server Agent (tqwsp) on Linux and Microsoft Windows systems.

VCM

Version 2.9.1

January 19, 2021

Fixes

  • Fixed redirect callback errors when logging in as an LDAP user.

Version 2.9.0

January 12, 2021

Features

  • Added the ability to collect and report on metrics for the Azure App Service.

  • Added the ability to collect and report on metrics for Azure SQL databases.

  • Added support for running VCM on Redhat Enterprise Linux (RHEL) 8 systems.

  • Added the ability to collect and report AWS RDS instance metrics.

Enhancements

  • Added support for VMware vSphere 7.0.

  • Added the ability to report AIX process data support in the TeamQuest module.

  • Added the ability to configure more than one Apache Zookeeper server.

  • Added Google Cloud properties that identify the system for creating groups, using in views, and generating Key Performance Indicators.

  • Added Azure properties that identify the system for creating groups, using in views, and generating Key Performance Indicators.

  • Added a dashboard that allows you to see unused systems that are reclamation candidates.

  • Added a dashboard that allows you to create a Chargeback report for accounting purposes.

  • Added NFS request metrics to identify performance problems with NFS file systems. Metrics are only available for NFS version 4.

  • Added the ability to save Efficiency results by group for 1 year so analysts can monitor efficiency fluctuations over time.

  • Added support for custom cloud instances in the VCM Efficiency reporting to help understand cost savings potential using customized standard instance sizing.

  • Added support for scheduling reports to generate CSV output so analysts can automate exporting data into a format that can be automatically imported into a database.

  • Updated the Plans page in the Capacity Plans component to identify the user who initially created the plan.

  • Added NFS I/O metrics to identify performance problems with NFS file systems. Metrics are only available for NFS version 4.

  • Added Kernel Details metric group (Kernel Paging, Kernel Swapping, and Kernel System Calls) to identify performance problems on Linux systems.

  • Added the ability to specify a CPU or Memory threshold to reduce the amount of process data that needs to be processed to manage the scale of data.

  • Added Google Cloud properties to identify the system for creating groups, using in views, and generating Key Performance Indicators.

  • Added the ability to specify a Data Total by Partition threshold to reduce the amount of Disk IO by Partition data that needs to be processed to manage the scale of data.

  • Added the ability to show container names in the Performance Monitor component, when they are available.

  • For new VCM installations, the Disk IO filter list in the default collector configuration includes nvme in the Disk IO filter to support AWS EC2 environments.

  • Added the ability to control how often the same alert is generated by VCM when the threshold conditions are met.

  • Added support for Single Days, Range of Days, and Overlay of Days as calendar selections in VCM Details to allow you to chart multiple days of data in a single chart.

  • Added the ability to specify a Data Total by Disk threshold to reduce the amount of Disk IO by Disk data that needs to be processed to manage the scale of data.

Fixes

  • Move Workloads event does not populate Workloads to Move when Create a Plan is selected from KPI Health.

  • Corrupted views no longer cause NullPointerExceptions or service crashes.

Back to Top

 

Vera

Version 3.14.0

January 2021

New Features

  • Vera announces support for the following operating systems:

    • iOS 14

    • Connectors CentOS 7.9 and RedHat 7.9

  • Vera has created a lockout system called Brute-Force Attack Protection where if the user has attempted an incorrect password multiple times, then the user will be locked for a period of 1 minute, and progressively increasing as incorrect attempts continue. For more information, refer to "Brute-Force Attack Protection" technical guide from the Vera admin portal.

  • Vera extends its support for Server Message Block (SMB) with the Vera-Symantec Integration. If a secured file is uploaded to the SMB folder, the File Share connector correctly updates the document with the SMB share location and Access Controls Entries (ACEs) sourced from the SMB folder.

Updates

  • Vera announces end of the support for the following operating systems and applications with the 3.14.0 release:

    • Operating Systems: iOS 11 and Windows 7

    • Applications: Microsoft Office 2010 (Windows) and Microsoft Office 2016 (Mac)

  • Security Updates:

    • Vera has disabled access to the application.wadl to restrict information about the Vera API to possible attackers. For any questions or concerns regarding the Vera API and/or Vera SDK, please contact support.

    • Vera has developed a solution to prevent user enumeration that will reduce the chance of information leakage. Following are the different scenarios:

      • If email authentication is configured and its authentication flow is selected, Vera sends an email to authenticate a new user.

      • If email authentication is not configured, then Vera sends an email_auth as the auth flow to the UI but does not send an actual email.

    • Vera has improved the security of the web portal by restricting the scope and usage of the cookies used by the help option to prevent a Cross-Site Request Forgery (CSRF) brute-force attack.

    • Vera has added an HttpOnly flag to the help portal page cookies to prevent any data leaks or a brute-force attack.

Fixes

  • With a Vera-secured file, users with the Adobe Acrobat application cannot combine the file with another as per the policy and it used to display the incorrect error message "Could not be added to the list because it doesn't exist". This error message has been updated to display "Operation is disabled by the policy".

  • Vera has updated the event logs that were created during a role change for a user. An improved display of audit events when the new role is assigned will also be displayed in the audit event.

 

  • Fixed the following customer-reported tickets:

    • Fixed an issue where the matching rule for the folder had additional filename criteria if the folder rename event was not handled properly.

    • Fixed an issue where the .tif files were unable to open in the browser.

    • Fixed an issue where a user creates and provides access to a secured file to another user, and it opens as an unsecured file and stores it as an unsecured copy in OneDrive.

    • Fixed an issue where users were unable to install the Vera client on iPad.