Monthly Release Notes - February 2025

Jump to:

Agari Alert Logic Automate Beyond Security
Boldon James Bytware CCSS Clearswift
Cobalt Strike Core Security Digital Defense Digital Guardian
Document Management FileCatalyst Fortra Fortra Application Hub
Fortra VM Globalscape GoAnywhere Halcyon
IBM Partnership Insite InterMapper JAMS
Outflank Security Tooling Powertech Robot Safestone
Sequel Showcase Tango/04 TeamQuest  
Terranova Security Titus Vera

 

Alert Logic

Managed Web Application Firewall (WAF)
Version 5.2.1.4-2645

February 15, 2025

Bug Fixes

  • Resolve a memory leak related in an interaction between ACL handling and settings for streaming inspection

Version 5.2.1.3-2632

February 4, 2025

New Features

  • Support inspection of HTTP request body for specific application paths without size limitations

Enhancements

  • Filtering and workflow improvements in Page Integrity UI

  • Use regular expression matching for Page Integrity paths instead of prefix match

  • Ability to disable inline javascript resource collection to handle issues with constantly changing inline javascript that prevents Page Integrity feature from completing resource mapping

Back to Top

 

Boldon James

MasterKeyPlus

Version 9.2

February 20, 2025

Fixes

  • When decoding Distribution List Members List attributes, MasterKeyPlus does not recognise 'X400:' and 'X400:/#X500:' prefixes to specify email addresses or Distinguished Names. Additionally, when the requested attributes for the Members List and Submit Permissions are not specified to be binary attributes, if the returned attributes are still asn.1 encoded, they are not decoded.

SAFEmail

Version 3.9.2

February 20, 2025

Fixes

  • Dynamic SPIF command line not clear when SPIFClient.exe triggers a Process Start.

SAFEmail GreenShield Expansion Pack

Version 3.9.2

February 20, 2025

Fixes

  • IPM.Note Greenshield secured messages opened from the Inbox are not decoded.

SAFEmail P7 Transport

Version 3.9.2

February 20, 2025

  • No changes for this release.

SAFEmail Security

Version 3.9.2

February 20, 2025

  • No changes for this release.

Back to Top

 

Digital Guardian

Agent for Linux

Version: 9.2.0

February, 2025

New Features

  • Certification for Additional Kernels

    This table lists the additional certified Linux kernels for Red Hat Enterprise Linux (RHEL) and Ubuntu in this release. Refer to Agent for Linux User's Guide for details about the packages required to support the new kernel versions for the Agent. Refer to Agent_for_Linux_v7.4.x_and_later_RHEL_Certified_Environments and Agent_for_Linux_v7.4.x_and_later_Ubuntu_Certified_Environments for complete lists of supported RHEL and Ubuntu kernels.

Distribution

Version

Architecture

Kernel
RHEL 9.5 64-Bit kernel-5.14.0-503.22.1.el9_5
RHEL 9.5 64-Bit kernel-5.14.0-503.21.1.el9_5
RHEL 9.5 64-Bit kernel-5.14.0-503.16.1.el9_5
RHEL 9.5 64-Bit kernel-5.14.0-503.15.1.el9_5
RHEL 9.4 64-Bit kernel-5.14.0-427.50.1.el9_4
RHEL 9.4 64-Bit kernel-5.14.0-427.49.1.el9_4
RHEL 9.4 64-Bit kernel-5.14.0-427.48.1.el9_4
RHEL 9.4 64-Bit kernel-5.14.0-427.47.1.el9_4
RHEL 9.2 64-Bit kernel-5.14.0-284.100.1.el9_2
RHEL 9.2 64-Bit kernel-5.14.0-284.99.1.el9_2
RHEL 9.2 64-Bit kernel-5.14.0-284.97.1.el9_2
RHEL 9.2 64-Bit kernel-5.14.0-284.96.1.el9_2
RHEL 9.2 64-Bit kernel-5.14.0-284.95.1.el9_2
RHEL 8.10 64-Bit kernel-4.18.0-553.36.1.el8_10
RHEL 8.10 64-Bit kernel-4.18.0-553.34.1.el8_10
RHEL 8.10 64-Bit kernel-4.18.0-553.32.1.el8_10
RHEL 8.10 64-Bit kernel-4.18.0-553.30.1.el8_10
RHEL 8.8 64-Bit kernel-4.18.0-477.86.1.el8_8
RHEL 8.8 64-Bit kernel-4.18.0-477.83.1.el8_8
RHEL 8.8 64-Bit kernel-4.18.0-477.81.1.el8_8
Ubuntu 22.04 64-Bit linux-image-6.8.0-51-generic
Ubuntu 22.04 64-Bit linux-image-6.8.0-50-generic
Ubuntu 22.04 64-Bit linux-image-5.15.0-130-generic
Ubuntu 22.04 64-Bit linux-image-5.15.0-128-generic
Ubuntu 22.04 64-Bit linux-image-5.15.0-127-generic
Ubuntu 22.04 64-Bit linux-image-5.15.0-126-generic
Ubuntu 20.04 64-Bit linux-image-5.15.0-130-generic
Ubuntu 20.04 64-Bit linux-image-5.15.0-127-generic
Ubuntu 20.04 64-Bit linux-image-5.15.0-126-generic
Ubuntu 20.04 64-Bit linux-image-5.4.0-204-generic
Ubuntu 20.04 64-Bit linux-image-5.4.0-202-generic

Fixes

  • No issues are resolved in this release.

Back to Top

 

Fortra

Endpoint Manager

February 20, 2025
Enhancements

  • When creating a configured module, the most recent installers are now listed first.

Fixes

  • Resolved security vulnerabilities and minor bug fixes.

Fortra platform

February 25, 2025
Enhancements

  • Columns can now be configured on the OAuth Client page.

  • Recovery codes are automatically generated for a user if they do not have any set up.

Fixes

  • Fixed issue with keyboard navigation.

  • Resolved security vulnerabilities and minor bug fixes.

February 12, 2025
Enhancements

  • A secondary tenant can be set for a user.

Fixes

  • Resolved security vulnerabilities and minor bug fixes.

Fortra VM

Version 7.0.5.0

February 5, 2025

New Features

  • "Full Scan" scan policy

    This release includes a new predefined scan policy, “Full Scan,” that automatically includes checks for potential (version-based) vulnerabilities, CIS benchmarks, and patches. Credentials are also auto-enabled by default in this policy. This makes it easier to check for these types of vulnerabilities without having to create a custom scan policy.

    The “Full Scan” scan policy is now the default scan policy for VM scans in newly created accounts. The “Default” scan policy has been renamed to “Network Scan Without Potentials” for clarity. No changes are occurring to existing accounts or scans as part of this release, but the Full Scan policy is available for use if desired.

Enhancements

  • Removed the blue shading from 8 AM to 5 PM in blackout windows page

  • Created new Full Scan VM Scan Policy and make it default

  • Updated RNA download filename

  • Removed Switch Account option from top right menu in standalone

  • Added the ability to filter to all owned accounts for a given account

  • Updated “DDI” to “FVM” throughout product

Fixes

  • Agent Install Error: agent_scan.pth/ddi_linux_audit.pth No Such File

  • Standard New Scan template activates 'Create and run' when illegal values are in the Target IPs field

Back to Top

 

GoAnywhere

GoAnywhere MFT

Version 7.7.1

February 19, 2025

Enhancements

  • Enhanced the Create JWT task to support RSASSA-PSS signatures PS256, PS385, and PS512.

  • Increased the default thread count of the underlying HTTP client from 1 to the number of logical processors on the system.

  • Increased the default response buffer size of the underlying HTTP client from 1024 bytes to 8192 bytes.

Updates

  • Updated Tomcat from version 9.0.97 to 9.0.98.

Fixes

  • Fixed an issue preventing the sorting of some columns on the Schedules page.

  • Fixed an issue with the PI-13 value not properly being set on the PeSIT Receive task.

  • Fixed an issue on the Automatic IP Blocklist page not properly displaying search results.

  • Fixed an issue where the PI-28 value calculated was incorrect for fixed and variable text based transfers.

  • Fixed issues regarding token retrieval, request parsing, and batched response processing in the Fortra Threat Brain integration.

  • Fixed issue where resumption functionality for the FileCatalyst Service could fail and cause hanging transfers.

  • Fixed issue with PeSIT horizontal compression.

GoAnywhere Agents

Version 2.3.1

February 19, 2025

Enhancements

  • Enhanced the Create JWT task to support RSASSA-PSS signatures PS256, PS385, and PS512.

Fixes

  • Fixed issue where resumption functionality for the FileCatalyst Service could fail and cause hanging transfers.

Back to Top

 

Halcyon

Level 1 Message Management Suite

Version 7.0

February 21, 2025

(PTF: 2025.014.1)

Enhancements

  • Message HMC0386 now includes additional information about setting up access to a Certificate Store.

Fixes

  • An Escalation List triggered from a Remote Environment now correctly stops when the Remote Alert is Acknowledged or Closed.

  • IBM PTFs SJ03017 (V7R4) and SJ03163 (V7R5) no longer affect Halcyon functionality.

  • Print System Status (PRTSYSSTS) now prints N/A for IPL Date if the information has not yet been populated by the Primary Action Monitor.

Version 7.0

February 5, 2025

(PTF: 2025.14)

New Features

  • HALINST/INSTALL now requires acceptance of the End User License Agreement (EULA). Having accepted the EULA it will not re-prompt unless a new version of the EULA is issued. Installs and Upgrades cannot be performed until the EULA is accepted.

  • Message Queue Monitor can now warn when message processing "lags". New System Defaults HMM/MSGQLAGWRN (minutes "lag" allowed) and HMM/MSGQLAGWRNFRQ (time between warnings) control this. The Monitor adds message HMM0640 to the Halcyon Message Log when the difference between the message and current time is larger than the "Lag minutes". HMM0640 is added to Admin Alert Criteria (WRKADMALT). Message Queue Rule Groups in "Work with Rules" have "Lag minutes" that can be used to override the System Default.

Enhancements

  • [F10=Notes] is now available against all Rule Types in Work with Rules (WRKRULES).

  • Send Long Syslog Message (SNDSYSLOG2) now supports sending in CEF and LEEF formats.

  • Work with Admin Alert Criteria (WRKADMALT) now includes message HAL0440 (Supervisor not able to restart monitor).

  • The Customization for Powertech Antivirus for IBM i has been updated.

  • The Delete Spooled Files (DLTSPLFG) command, previously part of Halcyon Spooled File Manager, is now available with any Event Manager Product.

  • Export messages, displayed on the screen, are now prefixed *NETMGR when the Network Transfer Method, defined in System Default HAL/NETXFERMODE, is set to *NETMGR.

  • Print Communications Log (PRTCMNLOG) now allows you to specify from/to times.

  • Work with Email Addresses (WRKEMLADR) now checks that the "From" and "To" times for "Times allowed to send" are sufficient to cover the email retry period defined in the System Defaults HMC/EMAILRETRY and HMC/EMAILRETRYINTV.

  • Work with Calendars (WRKCAL) now allows the direct editing of Rules from within "8=Where used".

  • Work with Action Schedules (WRKACTSCH) now allows the direct editing of Rules from within "8=Where used".

  • Work with User Lists (WRKUSRLST) now allows the direct editing of Rules from within "8=Where used".

  • Work with Message Sub-Consoles (WRKMSGCON) now allows the direct editing of Rules from within "8=Where used".

  • Work with Phones (WRKPHONES) now allows the direct editing of Rules from within 8="Where used".

  • Work with Pagers (WRKPAGERS) now allows the direct editing of Rules from within 8="Where used".

  • Work with Email Addresses (WRKEMLADR) now allows the direct editing of Rules from within "8=Where used".

  • Work with Message Queue Recipients (WRKMSGQRCP) now allows the direct editing of Rules from within "8=Where used".

  • Work with Broadcast Groups (WRKBRDGRP) now allows the direct editing of Rules from within "8=Where used".

  • Work with Rosters (WRKROSTERS) now allows the direct editing of Rules from within "8=Where used".

  • Work with Call Schedules (WRKCALLSCH) now allows the direct editing of Rules from within "8=Where used".

  • Work with Escalation Lists (WRKESCLST) now allows the direct editing of Rules from within "8=Where used".

  • Work with Job Lists (WRKJOBLST) now allows the direct editing of Rules from within "8=Where used".

Fixes

  • Output Queue Monitor now ignores *USERASCII spooled files.

  • Message Queue Exports using *NETMGR now work as expected.

  • Work with Failed Syslogs (WRKFAILSL2) now handles messages that do not have any text.

  • Delete Rule Group (DLTRULGRP) now allows you to specify a Rule Group name or Library that includes an asterisk (*) as part of the name.

  • TCPIP *SYSMON Rules now allow the use of *SYSTEM 'Export name' for Remote Location.

  • Work with Phones (WRKPHONES) now includes the name of the phone in the "deleted" message added to the Message Log.

  • Message Communicator now handles unknown responses from a SMTP server.

  • Output Rules (OUTRULES) include content for Object Rules when a Rule Group is specified.

  • Work with Remote Locations (WRKRMTLOC) now adds Enterprise Console in the list of Apps after [F17=Reset applications] if applicable.

  • Auto-Export now adds messages to the Halcyon Message Log when the export fails due to an incorrect login.

  • Export within Work with Rules (WRKRULES) now works for passwords that contain single quotes.

  • Delete Spooled Files (DLTSPLFG) now shows values *LIBL and *CURLIB for 'Output queue library'.

  • Clear Failed Syslogs (CLRFSYSLOG) now clears all failed Syslogs.

  • The Action Monitors now handle an empty value for the &FUNTYPE and &FUNNAME Substitution Variables.

  • Send Long Syslog Message (SNDSYSLOG2) now sends using Secure TCP.

  • Renumbering a TCPIP Rule while the Rule Group is Held no longer causes the Monitor to add a "Rule not found" error to the Halcyon Message Log.

  • TCP/IP alerts now contain the complete 20-character 'Description' from the alert criteria.

  • The "Work with Alert Log (WRKALTLOG) [F17=Subset]" function no longer accepts an invalid Product/Monitor combination.

  • Message Communicator now adds the correct message to the Halcyon Message Log when an inbound email is received for an unauthorized Email Device.

  • You can now cancel using [F12=Cancel] while in [F4=Prompt] when working with Message Queue Recipients (WRKMSGQRCP).

  • The "Work with System Defaults" (WRKSYSDFT) function only accepts a valid Communications Resource for HMC/OAUTHRESOURCE.

  • Work with Alert Log (WRKALTLOG) now shows errors within [F4=Prompt] for "Product group".

  • Work with Alert Log (WRKALTLOG) now shows a message when an option is used for action against a Rule but the Rule no longer exists.

  • The name of the Message Queue is now shown in the message added to the Halcyon Message Log (DSPMSGLOG) when a SNDMSG Action fails as the Message Queue is full.

Level 2 Systems Operations Suite

Version 7.0

February 21, 2025

(PTF: 2025.014.1)

Enhancements

  • Message HMC0386 now includes additional information about setting up access to a Certificate Store.

Fixes

  • An Escalation List triggered from a Remote Environment now correctly stops when the Remote Alert is Acknowledged or Closed.

  • IBM PTFs SJ03017 (V7R4) and SJ03163 (V7R5) no longer affect Halcyon functionality.

  • Print System Status (PRTSYSSTS) now prints N/A for IPL Date if the information has not yet been populated by the Primary Action Monitor.

Version 7.0

February 5, 2025

(PTF: 2025.14)

New Features

  • HALINST/INSTALL now requires acceptance of the End User License Agreement (EULA). Having accepted the EULA it will not re-prompt unless a new version of the EULA is issued. Installs and Upgrades cannot be performed until the EULA is accepted.

  • Object Monitor has a new Rule Type *JOBTBL for monitoring Job Table entries (IBM command DSPJOBTBL).

  • Message Queue Monitor can now warn when message processing "lags". New System Defaults HMM/MSGQLAGWRN (minutes "lag" allowed) and HMM/MSGQLAGWRNFRQ (time between warnings) control this. The Monitor adds message HMM0640 to the Halcyon Message Log when the difference between the message and current time is larger than the "Lag minutes". HMM0640 is added to Admin Alert Criteria (WRKADMALT). Message Queue Rule Groups in "Work with Rules" have "Lag minutes" that can be used to override the System Default.

Enhancements

  • [F10=Notes] is now available against all Rule Types in Work with Rules (WRKRULES).

  • Object *RCDCNT Rules now allow an *IN comparison.

  • Send Long Syslog Message (SNDSYSLOG2) now supports sending in CEF and LEEF formats.

  • Audit Journal CP (User profile change) Rules now allow you to only Alert when a new Special Authority has been added to the User Profile via new value "A" for "Special authority" within the Criteria.

  • Object Monitor *RCDCNT rules now allow a maximum of 999,999,999. Note: Processing large files consumes significant system resources.

  • Work with Admin Alert Criteria (WRKADMALT) now includes message HAL0440 (Supervisor not able to restart monitor).

  • The Customization for Powertech Antivirus for IBM i has been updated.

  • The Delete Spooled Files (DLTSPLFG) command, previously part of Halcyon Spooled File Manager, is now available with any Event Manager Product.

  • Export messages, displayed on the screen, are now prefixed *NETMGR when the Network Transfer Method, defined in System Default HAL/NETXFERMODE, is set to *NETMGR.

  • Print Communications Log (PRTCMNLOG) now allows you to specify from/to times.

  • Work with Email Addresses (WRKEMLADR) now checks that the "From" and "To" times for "Times allowed to send" are sufficient to cover the email retry period defined in the System Defaults HMC/EMAILRETRY and HMC/EMAILRETRYINTV.

  • Work with Calendars (WRKCAL) now allows the direct editing of Rules from within "8=Where used".

  • Work with Action Schedules (WRKACTSCH) now allows the direct editing of Rules from within "8=Where used".

  • Work with User Lists (WRKUSRLST) now allows the direct editing of Rules from within "8=Where used".

  • Work with Message Sub-Consoles (WRKMSGCON) now allows the direct editing of Rules from within "8=Where used".

  • Work with Phones (WRKPHONES) now allows the direct editing of Rules from within 8="Where used".

  • Work with Pagers (WRKPAGERS) now allows the direct editing of Rules from within 8="Where used".

  • Work with Email Addresses (WRKEMLADR) now allows the direct editing of Rules from within "8=Where used".

  • Work with Message Queue Recipients (WRKMSGQRCP) now allows the direct editing of Rules from within "8=Where used".

  • Work with Broadcast Groups (WRKBRDGRP) now allows the direct editing of Rules from within "8=Where used".

  • Work with Rosters (WRKROSTERS) now allows the direct editing of Rules from within "8=Where used".

  • Work with Call Schedules (WRKCALLSCH) now allows the direct editing of Rules from within "8=Where used".

  • Work with Escalation Lists (WRKESCLST) now allows the direct editing of Rules from within "8=Where used".

  • Work with Job Lists (WRKJOBLST) now allows the direct editing of Rules from within "8=Where used".

Fixes

  • Output Queue Monitor now ignores *USERASCII spooled files.

  • Message Queue Exports using *NETMGR now work as expected.

  • Work with Failed Syslogs (WRKFAILSL2) now handles messages that do not have any text.

  • Delete Rule Group (DLTRULGRP) now allows you to specify a Rule Group name or Library that includes an asterisk (*) as part of the name.

  • TCPIP *SYSMON Rules now allow the use of *SYSTEM 'Export name' for Remote Location.

  • Work with Phones (WRKPHONES) now includes the name of the phone in the "deleted" message added to the Message Log.

  • Message Communicator now handles unknown responses from a SMTP server.

  • Restricted Tasks Manager no longer gives a buffer error when you perform a Save.

  • Object *RCDCNT Rules now accept SQL that includes multiple SELECTs.

  • Work with Alert Log (WRKALTLOG) now correctly lists Journal Rule Groups within [F4=Prompt] when "Monitor" is set to JRN.

  • Output Rules (OUTRULES) include content for Object Rules when a Rule Group is specified.

  • Work with Remote Locations (WRKRMTLOC) now adds Enterprise Console in the list of Apps after [F17=Reset applications] if applicable.

  • Auto-Export now adds messages to the Halcyon Message Log when the export fails due to an incorrect login.

  • Export within Work with Rules (WRKRULES) now works for passwords that contain single quotes.

  • Delete Spooled Files (DLTSPLFG) now shows values *LIBL and *CURLIB for 'Output queue library'.

  • Clear Failed Syslogs (CLRFSYSLOG) now clears all failed Syslogs.

  • The Action Monitors now handle an empty value for the &FUNTYPE and &FUNNAME Substitution Variables.

  • Send Long Syslog Message (SNDSYSLOG2) now sends using Secure TCP.

  • Renumbering a TCPIP Rule while the Rule Group is Held no longer causes the Monitor to add a "Rule not found" error to the Halcyon Message Log.

  • TCP/IP alerts now contain the complete 20-character 'Description' from the alert criteria.

  • Work with Rules (WRKRULES) now displays errors in the [F4=Prompt] window for the Audit Journal Entry Type selection.

  • Print Audit Journal Entries (PRTAUDJRNE) *OUTSTMF now prevents output of invalid characters.

  • Message Communicator now adds the correct message to the Halcyon Message Log when an inbound email is received for an unauthorized Email Device.

  • You can now cancel using [F12=Cancel] while in [F4=Prompt] when working with Message Queue Recipients (WRKMSGQRCP).

  • The "Work with System Defaults" (WRKSYSDFT) function only accepts a valid Communications Resource for HMC/OAUTHRESOURCE.

  • Work with Alert Log (WRKALTLOG) now produces errors when invalid combinations are set in Audit Journal Monitor [F17=Subset].

  • Work with Alert Log (WRKALTLOG) now shows errors within [F4=Prompt] for "Product group".

  • Work with Alert Log (WRKALTLOG) now shows a message when an option is used for action against a Rule but the Rule no longer exists.

  • The name of the Message Queue is now shown in the message added to the Halcyon Message Log (DSPMSGLOG) when a SNDMSG Action fails as the Message Queue is full.

Level 3 Advanced Automation Suite

Version 7.0

February 21, 2025

(PTF: 2025.014.1)

Enhancements

  • Message HMC0386 now includes additional information about setting up access to a Certificate Store.

Fixes

  • An Escalation List triggered from a Remote Environment now correctly stops when the Remote Alert is Acknowledged or Closed.

  • IBM PTFs SJ03017 (V7R4) and SJ03163 (V7R5) no longer affect Halcyon functionality.

  • Print System Status (PRTSYSSTS) now prints N/A for IPL Date if the information has not yet been populated by the Primary Action Monitor.

  • An ARCHIVE Action now works with spooled files created with a time that starts with zero.

Version 7.0

February 5, 2025

(PTF: 2025.14)

New Features

  • HALINST/INSTALL now requires acceptance of the End User License Agreement (EULA). Having accepted the EULA it will not re-prompt unless a new version of the EULA is issued. Installs and Upgrades cannot be performed until the EULA is accepted.

  • Object Monitor has a new Rule Type *JOBTBL for monitoring Job Table entries (IBM command DSPJOBTBL).

  • Message Queue Monitor can now warn when message processing "lags". New System Defaults HMM/MSGQLAGWRN (minutes "lag" allowed) and HMM/MSGQLAGWRNFRQ (time between warnings) control this. The Monitor adds message HMM0640 to the Halcyon Message Log when the difference between the message and current time is larger than the "Lag minutes". HMM0640 is added to Admin Alert Criteria (WRKADMALT). Message Queue Rule Groups in "Work with Rules" have "Lag minutes" that can be used to override the System Default.

Enhancements

  • [F10=Notes] is now available against all Rule Types in Work with Rules (WRKRULES).

  • Object *RCDCNT Rules now allow an *IN comparison.

  • Send Long Syslog Message (SNDSYSLOG2) now supports sending in CEF and LEEF formats.

  • Audit Journal CP (User profile change) Rules now allow you to only Alert when a new Special Authority has been added to the User Profile via new value "A" for "Special authority" within the Criteria.

  • Object Monitor *RCDCNT rules now allow a maximum of 999,999,999. Note: Processing large files consumes significant system resources.

  • Work with Admin Alert Criteria (WRKADMALT) now includes message HAL0440 (Supervisor not able to restart monitor).

  • The Customization for Powertech Antivirus for IBM i has been updated.

  • The Delete Spooled Files (DLTSPLFG) command, previously part of Halcyon Spooled File Manager, is now available with any Event Manager Product.

  • Export messages, displayed on the screen, are now prefixed *NETMGR when the Network Transfer Method, defined in System Default HAL/NETXFERMODE, is set to *NETMGR.

  • Print Communications Log (PRTCMNLOG) now allows you to specify from/to times.

  • Work with Email Addresses (WRKEMLADR) now checks that the "From" and "To" times for "Times allowed to send" are sufficient to cover the email retry period defined in the System Defaults HMC/EMAILRETRY and HMC/EMAILRETRYINTV.

  • Work with Calendars (WRKCAL) now allows the direct editing of Rules from within "8=Where used".

  • Work with Action Schedules (WRKACTSCH) now allows the direct editing of Rules from within "8=Where used".

  • Work with User Lists (WRKUSRLST) now allows the direct editing of Rules from within "8=Where used".

  • Work with Message Sub-Consoles (WRKMSGCON) now allows the direct editing of Rules from within "8=Where used".

  • Work with Phones (WRKPHONES) now allows the direct editing of Rules from within 8="Where used".

  • Work with Email Addresses (WRKEMLADR) now allows the direct editing of Rules from within "8=Where used".

  • Work with Message Queue Recipients (WRKMSGQRCP) now allows the direct editing of Rules from within "8=Where used".

  • Work with Broadcast Groups (WRKBRDGRP) now allows the direct editing of Rules from within "8=Where used".

  • Work with Rosters (WRKROSTERS) now allows the direct editing of Rules from within "8=Where used".

  • Work with Call Schedules (WRKCALLSCH) now allows the direct editing of Rules from within "8=Where used".

  • Work with Escalation Lists (WRKESCLST) now allows the direct editing of Rules from within "8=Where used".

  • Work with Job Lists (WRKJOBLST) now allows the direct editing of Rules from within "8=Where used".

Fixes

  • Output Queue Monitor now ignores *USERASCII spooled files.

  • Copy Spooled File (CPYSPLF) and Copy Output Queue (CPYOUTQ) no longer allow the copying of spooled files to which you are not authorized.

  • The Performance Monitor now removes the spooled files created as part of checking a *POOL Rule.

  • Message Queue Exports using *NETMGR now work as expected.

  • Display Disk Analysis Data (DSPDSKDTA) now shows an error when you attempt to use an incorrect "Opt" against an ASP.

  • Work with Failed Syslogs (WRKFAILSL2) now handles messages that do not have any text.

  • Delete Rule Group (DLTRULGRP) now allows you to specify a Rule Group name or Library that includes an asterisk (*) as part of the name.

  • An ARCHIVE Action now handles the date on the spooled file being in a different format than the system date.

  • TCPIP *SYSMON Rules now allow the use of *SYSTEM 'Export name' for Remote Location.

  • Work with Phones (WRKPHONES) now includes the name of the phone in the "deleted" message added to the Message Log.

  • Message Communicator now handles unknown responses from a SMTP server.

  • Restricted Tasks Manager no longer gives a buffer error when you perform a Save.

  • Object *RCDCNT Rules now accept SQL that includes multiple SELECTs.

  • Work with Alert Log (WRKALTLOG) now correctly lists Journal Rule Groups within [F4=Prompt] when "Monitor" is set to JRN.

  • Output Rules (OUTRULES) include content for Object Rules when a Rule Group is specified.

  • Work with Remote Locations (WRKRMTLOC) now adds Enterprise Console in the list of Apps after [F17=Reset applications] if applicable.

  • Auto-Export now adds messages to the Halcyon Message Log when the export fails due to an incorrect login.

  • Export within Work with Rules (WRKRULES) now works for passwords that contain single quotes.

  • Delete Spooled Files (DLTSPLFG) now shows values *LIBL and *CURLIB for 'Output queue library'.

  • Clear Failed Syslogs (CLRFSYSLOG) now clears all failed Syslogs.

  • The Action Monitors now handle an empty value for the &FUNTYPE and &FUNNAME Substitution Variables.

  • Send Long Syslog Message (SNDSYSLOG2) now sends using Secure TCP.

  • Renumbering a TCPIP Rule while the Rule Group is Held no longer causes the Monitor to add a "Rule not found" error to the Halcyon Message Log.

  • TCP/IP alerts now contain the complete 20-character 'Description' from the alert criteria.

  • Work with Rules (WRKRULES) now displays errors in the [F4=Prompt] window for the Audit Journal Entry Type selection.

  • Print Audit Journal Entries (PRTAUDJRNE) *OUTSTMF now prevents output of invalid characters.

  • The "Work with Alert Log (WRKALTLOG) [F17=Subset]" function no longer accepts an invalid Product/Monitor combination.

  • Message Communicator now adds the correct message to the Halcyon Message Log when an inbound email is received for an unauthorized Email Device.

  • You can now cancel using [F12=Cancel] while in [F4=Prompt] when working with Message Queue Recipients (WRKMSGQRCP).

  • The "Work with System Defaults" (WRKSYSDFT) function only accepts a valid Communications Resource for HMC/OAUTHRESOURCE.

  • Work with Alert Log (WRKALTLOG) now produces errors when invalid combinations are set in Audit Journal Monitor [F17=Subset].

  • Work with Alert Log (WRKALTLOG) now shows errors within [F4=Prompt] for "Product group".

  • Delete Spooled Files (DLTSPLFG) now shows error HEM7358 (No valid authority code found) when the Halcyon Environment does not have a valid License Code for its use.

  • Work with Alert Log (WRKALTLOG) now shows a message when an option is used for action against a Rule but the Rule no longer exists.

  • The name of the Message Queue is now shown in the message added to the Halcyon Message Log (DSPMSGLOG) when a SNDMSG Action fails as the Message Queue is full.

  • Work with Rules (WRKRULES) now shows *CALC Fields within "5=Display" against a Log File Monitor Rule Group.

Level 4 Operations Center Suite

Version 7.0

February 21, 2025

(PTF: 2025.014.1)

Enhancements

  • Message HMC0386 now includes additional information about setting up access to a Certificate Store.

Fixes

  • An Escalation List triggered from a Remote Environment now correctly stops when the Remote Alert is Acknowledged or Closed.

  • IBM PTFs SJ03017 (V7R4) and SJ03163 (V7R5) no longer affect Halcyon functionality.

  • Print System Status (PRTSYSSTS) now prints N/A for IPL Date if the information has not yet been populated by the Primary Action Monitor.

  • An ARCHIVE Action now works with spooled files created with a time that starts with zero.

Version 7.0

February 5, 2025

(PTF: 2025.14)

New Features

  • HALINST/INSTALL now requires acceptance of the End User License Agreement (EULA). Having accepted the EULA it will not re-prompt unless a new version of the EULA is issued. Installs and Upgrades cannot be performed until the EULA is accepted.

  • Object Monitor has a new Rule Type *JOBTBL for monitoring Job Table entries (IBM command DSPJOBTBL).

  • Message Queue Monitor can now warn when message processing "lags". New System Defaults HMM/MSGQLAGWRN (minutes "lag" allowed) and HMM/MSGQLAGWRNFRQ (time between warnings) control this. The Monitor adds message HMM0640 to the Halcyon Message Log when the difference between the message and current time is larger than the "Lag minutes". HMM0640 is added to Admin Alert Criteria (WRKADMALT). Message Queue Rule Groups in "Work with Rules" have "Lag minutes" that can be used to override the System Default.

Enhancements

  • [F10=Notes] is now available against all Rule Types in Work with Rules (WRKRULES).

  • Change Group Times (CHGGRPTIMS) has been made available to bulk update times on Groups within Advanced Job Scheduler. This requires *CHG or *ALL to the HJS GROUPS User Permission within "Work with User Authorities (WRKUSRAUT)". Note that only times are adjusted, not Days.

  • Object *RCDCNT Rules now allow an *IN comparison.

  • Send Long Syslog Message (SNDSYSLOG2) now supports sending in CEF and LEEF formats.

  • Audit Journal CP (User profile change) Rules now allow you to only Alert when a new Special Authority has been added to the User Profile via new value "A" for "Special authority" within the Criteria.

  • Object Monitor *RCDCNT rules now allow a maximum of 999,999,999. Note: Processing large files consumes significant system resources.

  • Work with Admin Alert Criteria (WRKADMALT) now includes message HAL0440 (Supervisor not able to restart monitor).

  • The Customization for Powertech Antivirus for IBM i has been updated.

  • The Delete Spooled Files (DLTSPLFG) command, previously part of Halcyon Spooled File Manager, is now available with any Event Manager Product.

  • Advanced Job Scheduler Groups and Jobs can be edited from within "8=Where used" in Work with Calendars (WRKCAL).

  • Export messages, displayed on the screen, are now prefixed *NETMGR when the Network Transfer Method, defined in System Default HAL/NETXFERMODE, is set to *NETMGR.

  • Print Communications Log (PRTCMNLOG) now allows you to specify from/to times.

  • Work with Email Addresses (WRKEMLADR) now checks that the "From" and "To" times for "Times allowed to send" are sufficient to cover the email retry period defined in the System Defaults HMC/EMAILRETRY and HMC/EMAILRETRYINTV.

  • Work with Calendars (WRKCAL) now allows the direct editing of Rules from within "8=Where used".

  • Work with Action Schedules (WRKACTSCH) now allows the direct editing of Rules from within "8=Where used".

  • Work with User Lists (WRKUSRLST) now allows the direct editing of Rules from within "8=Where used".

  • Work with Message Sub-Consoles (WRKMSGCON) now allows the direct editing of Rules from within "8=Where used".

  • Work with Phones (WRKPHONES) now allows the direct editing of Rules from within 8="Where used".

  • Work with Email Addresses (WRKEMLADR) now allows the direct editing of Rules from within "8=Where used".

  • Work with Message Queue Recipients (WRKMSGQRCP) now allows the direct editing of Rules from within "8=Where used".

  • Work with Broadcast Groups (WRKBRDGRP) now allows the direct editing of Rules from within "8=Where used".

  • Work with Rosters (WRKROSTERS) now allows the direct editing of Rules from within "8=Where used".

  • Work with Call Schedules (WRKCALLSCH) now allows the direct editing of Rules from within "8=Where used".

  • Work with Escalation Lists (WRKESCLST) now allows the direct editing of Rules from within "8=Where used".

  • Work with Job Lists (WRKJOBLST) now allows the direct editing of Rules from within "8=Where used".

Fixes

  • Output Queue Monitor now ignores *USERASCII spooled files.

  • Copy Spooled File (CPYSPLF) and Copy Output Queue (CPYOUTQ) no longer allow the copying of spooled files to which you are not authorized.

  • The Performance Monitor now removes the spooled files created as part of checking a *POOL Rule.

  • Message Queue Exports using *NETMGR now work as expected.

  • Display Disk Analysis Data (DSPDSKDTA) now shows an error when you attempt to use an incorrect "Opt" against an ASP.

  • Work with Failed Syslogs (WRKFAILSL2) now handles messages that do not have any text.

  • Delete Rule Group (DLTRULGRP) now allows you to specify a Rule Group name or Library that includes an asterisk (*) as part of the name.

  • An ARCHIVE Action now handles the date on the spooled file being in a different format than the system date.

  • Export Group (EXPGRP) now supports user passwords that contain single quotes.

  • TCPIP *SYSMON Rules now allow the use of *SYSTEM 'Export name' for Remote Location.

  • Work with Phones (WRKPHONES) now includes the name of the phone in the "deleted" message added to the Message Log.

  • Message Communicator now handles unknown responses from a SMTP server.

  • Restricted Tasks Manager no longer gives a buffer error when you perform a Save.

  • Object *RCDCNT Rules now accept SQL that includes multiple SELECTs.

  • Work with Alert Log (WRKALTLOG) now correctly lists Journal Rule Groups within [F4=Prompt] when "Monitor" is set to JRN.

  • Output Rules (OUTRULES) include content for Object Rules when a Rule Group is specified.

  • Work with Remote Locations (WRKRMTLOC) now adds Enterprise Console in the list of Apps after [F17=Reset applications] if applicable.

  • Auto-Export now adds messages to the Halcyon Message Log when the export fails due to an incorrect login.

  • Export within Work with Rules (WRKRULES) now works for passwords that contain single quotes.

  • Delete Spooled Files (DLTSPLFG) now shows values *LIBL and *CURLIB for 'Output queue library'.

  • Update Group (UPDGRP) now finds the Group when OCCUR(*FIRST) is specified.

  • Work with Groups (WRKGRP) now always shows the "Action" for "Alerts".

  • Work with Groups (WRKGRP) for a *FTP Job allows [F13=Edit] if the "Member" name is valid and the source file exists.

  • Update Group (UPDGRP) now allows lowercase letters for the group name.

  • Clear Failed Syslogs (CLRFSYSLOG) now clears all failed Syslogs.

  • The Action Monitors now handle an empty value for the &FUNTYPE and &FUNNAME Substitution Variables.

  • Send Long Syslog Message (SNDSYSLOG2) now sends using Secure TCP.

  • Renumbering a TCPIP Rule while the Rule Group is Held no longer causes the Monitor to add a "Rule not found" error to the Halcyon Message Log.

  • TCP/IP alerts now contain the complete 20-character 'Description' from the alert criteria.

  • Work with Rules (WRKRULES) now displays errors in the [F4=Prompt] window for the Audit Journal Entry Type selection.

  • Print Audit Journal Entries (PRTAUDJRNE) *OUTSTMF now prevents output of invalid characters.

  • The "Work with Alert Log (WRKALTLOG) [F17=Subset]" function no longer accepts an invalid Product/Monitor combination.

  • Message Communicator now adds the correct message to the Halcyon Message Log when an inbound email is received for an unauthorized Email Device.

  • You can now cancel using [F12=Cancel] while in [F4=Prompt] when working with Message Queue Recipients (WRKMSGQRCP).

  • The "Work with System Defaults" (WRKSYSDFT) function only accepts a valid Communications Resource for HMC/OAUTHRESOURCE.

  • Work with Alert Log (WRKALTLOG) now produces errors when invalid combinations are set in Audit Journal Monitor [F17=Subset].

  • Work with Alert Log (WRKALTLOG) now shows errors within [F4=Prompt] for "Product group".

  • Delete Spooled Files (DLTSPLFG) now shows error HEM7358 (No valid authority code found) when the Halcyon Environment does not have a valid License Code for its use.

  • Work with Alert Log (WRKALTLOG) now shows a message when an option is used for action against a Rule but the Rule no longer exists.

  • The name of the Message Queue is now shown in the message added to the Halcyon Message Log (DSPMSGLOG) when a SNDMSG Action fails as the Message Queue is full.

  • Work with Rules (WRKRULES) now shows *CALC Fields within "5=Display" against a Log File Monitor Rule Group.

MQ Manager

Version 15.0

February 5, 2025

(PTF: 2025.14)

Enhancements

  • Halcyon MQ Manager now supports the use of symbolic links as part of the MQ Configuration.

Network Server Suite

Version 11.6

February 5, 2025

New Features

  • NSS: A new feature has been introduced to the Halcyon UI ribbon applications, enabling users to switch between dark and light modes effortlessly. Dark Mode is saved per user and not by the application. Setting Dark Mode in any one of the UI ribbons applies it across all of the applications, even those not currently loaded, which will then use the theme once opened.

Enhancements

  • EC: The Halcyon Enterprise Console mobile app has been updated to be compliant with Google Play policies.

  • EC: The Enterprise Console Android application's login form has been rebranded.

  • EC: Generic failed login messages are now displayed within the Enterprise Console Android app.

  • EC: Landscape view of app content has been enabled.

  • EC: In the Enterprise Console Android App, devices are listed in order of their alert importance. This ensures that critical alerts receive immediate attention.

  • EC: The Android app targets Android 13 (API level 33) or higher.

  • EC: The maximum log file size can now be specified for both the client and server. The EC Client’s log file size can be set up to 100MB, while the server’s log file size can be set up to 500MB.

  • IA: The Instant Alert Message Sender and IASend console application has been enhanced to allow the sending of messages to rosters.

  • IA: Rosters can now be exported and imported from Instant Alert settings.

  • IA: Emails and text messages can now be sent to a 'roster' (call rotation). This needs to be defined in the Instant Alert Address Book.

  • NSS: Connections to SQL Server will now utilize the Microsoft OLE DB Driver (MSOLEDBSQL) instead of the deprecated SQL Server Native Client.

  • NSS: PostgreSQL, utilized by NSS Windows Agents, has been upgraded to version 17.0.

  • NSS: The installers now include the updated Microsoft Visual C++ 2015-2022 redistributables which will be listed as new prerequisites.

Fixes

  • EC: Fixed a connection issue, introduced in NSS 11.4, to allow mobile applications to communicate with the Halcyon Enterprise Server.

  • EC: User permissions are now taken into account when closing IBM® i ‘inquiry’ alerts.

  • EC: The issue with deleting alerts from the Android app has been resolved.

  • EC: A fix has been applied so that under certain conditions, the Enterprise Server rules no longer become corrupted or disappear.

  • EC: The ability to use square brackets when searching for alert text has been fixed.

  • NSS: PostgreSQL will now be installed in the designated installation folder instead of the ‘Program Files’ directory.

Record & Playback

Version 15.0

February 5, 2025

(PTF: 2025.14)

Fixes

  • Work with Playback Sessions (WRKPLBSSN) now shows Sessions as *WARN Status when screens are set to error using the SETERROR statement.

  • Run HRP Script (RUNHRPSCR) now exits debug mode cleanly.

Back to Top

 

JAMS

Version: 7.7.3

February 27, 2025

IMPORTANT: Before downloading and upgrading to JAMS V7.7.2 or higher, please review Managing the JAMS Database and consult with your organization's SQL Database Administrator. Microsoft requires changes to SQL Database connections. Ensure the common.config file in JAMS is updated accordingly, if needed, before proceeding with an upgrade.
Enhancements
  • Desktop Client
    • Added a new List View in the Task Toolbox to list the Jobs associated with Submit Job Tasks in a Sequence Job.
  • Installer
    • Updated the JAMS installer to include and install SQL Server Express 2022.
    • Updated to NET 8.0.11 and Visual Studio 14.42.34433 C++ 2015-2022 Redistributable.
    • A root Certificate Authority and Scheduler listener are now created as part of upgrades and installs if they do not already exist.
    • Updated the installer to require any missing prerequisites to be downloaded and installed manually. The installer no longer downloads the required .NET frameworks.
  • Scheduler
    • Added updates for issues with Agent connections and for Jobs staying in the Executing state on Connect On Demand Agents.
Fixes
  • Desktop Client
    • Resolved an issue where an Execution Method may not be imported correctly if it has a parameter with variable reference in it.
    • Resolved an issue where importing a Folder with a Relative Notification Job fails when the Search Path is inherited from a parent Folder.
    • Resolved an issue where an Agent may not be assigned when a Batch Queue is used.

Back to Top

 

Powertech

BoKS Manager

Version 9.0.0

February 24, 2025

Server s-9.0.0
New Features

  • BoKS Principal feature that enables multiple multiple user accounts to be grouped under one entity.

  • BoKS Learn Mode feature to discover requirements for users and access rules in a server environment.

  • Separate BoKS SSH package.

  • Create and modify timestamps are now available for BoKS host objects.

  • Command boks_graceful_shutdown added to shut down Replicas in a graceful manner.

  • extauthadm now supports the simple Radius configuration.

  • extauthadm now supports yubikey.

  • New options in cadm to fetch version numbers for BoKS packages.

  • Auto-registration automatically add Server Agent secondary addresses.

  • Create/Modify timestamps available for pre-registration entries.

  • It is now possible to limit the number of required character classes for passwords.

  • Sudo -l and -ll support.

  • Sudo targetpsw support.

  • adgroup prefixes configurable.

  • Sudo secure_path.

  • Support for symlinks as programs in SUDO rules.

  • support for sudo -l -U.

  • sudoedit now supports sudoedit_follow modifier.

  • Added check if host certificates are about to expire.

  • Support for yescrypt password hash added.

  • New program "boksmkcrl" for Certificate Revocation Lists.

  • certadm can now list revoked certs for a specific issuer CA.

Updates

  • Behavior of failed screen unlocking has changed.

  • Log severity level unified for password change logs.

  • BoKS UNIX group object attributes changed (TAB_UNIXGROUP).

  • BoKS EMS password events is tied to BoKS principal.

  • boks_portmux fail-check-slow/severity default changed.

  • Changed "User principal name" to "Kerberos principal name".

  • The sysreplace.conf file has moved.

  • Default BoKS bokspam.conf file renamed.

  • BoKS method.conf file moved.

  • classadm -v option only allowed for listings.

  • Structured data field principal renamed kerberosPrincipal.

  • Some audit log Structured Data parameter names have changed.

  • Authenticators optional_ssh_cert and ssh_cert are renamed.

  • Deprecated CLI ldapdomainadm.

  • boks_hostlookupd is deprecated.

  • lsbks -f is deprecated.

  • Audit log structure data element clientTime removed.

  • Virtual Cards support removed.

  • The old implementation of learn mode has been removed.

  • Support for .boks_env has been removed.

  • Support for RC5-128 has been removed for the BoKS bridge communication.

  • $BOKS_var/data/db.conf has been removed.

  • Database encryption and checksum not supported.

  • Direct DB upgrade from BoKS 7.2 or later only.

  • Old learn mode has been removed.

  • The blobadm command has been removed.

Fixes

  • extauthadm should enforce brackets around IPv6 address in URL.

  • Don't use ICMP ping in checkdomain (and other improvements).

Client c-9.0.0
New Features

  • BoKS Principal feature that enables multiple multiple user accounts to be grouped under one entity.

  • BoKS Learn Mode feature to discover requirements for users and access rules in a server environment.

  • Separate BoKS SSH package.

  • Kerberos pkinit PKCS#11 adapter for ssh-agent protocol.

  • Calling BoKS PAM module from application without root privileges.

  • Support for sudo -E and --preserve-env.

  • New PAM module pam_boks_limits.

  • New options in cadm to fetch version numbers for BoKS packages.

  • Auto-registration automatically add Server Agent secondary addresses.

  • The boksversion CLI has a new option "-p" for querying installed packages.

  • Sudo -l and -ll support.

  • Turn off default Sudo directory and program checks.

  • Sudo targetpsw support.

  • Sudo secure_path.

  • Support for symlinks as programs in SUDO rules.

  • Support for sudo -i without command.

  • support for sudo -l -U.

  • bash_profile and .bashrc files provisioned by BoKS.

  • Allow root to always do sudo.

  • sudoedit now supports sudoedit_follow modifier.

  • Support for yescrypt password hash added.

  • Audit logging of disabling/enabling of local kslog encryption.

  • Added hostname to debug output from boks_sshd, scp-server, and sftp-server.

  • New config variable 'authentication/cert/pkcs11-provider'.

  • Certificate authentication supports certificates with SHA512 signatures.

Updates

  • Manual account block locks local passwd.

  • boks_bksd now handles native screenlock for idle screens execpt for AIX.

  • Agent forwarding disabled by default.

  • "sftp-scp" is logged if sftp-server is used.

  • The sysreplace.conf file has moved.

  • Default BoKS bokspam.conf file renamed.

  • Set SASL_NOCANON true in BoKS ldap.conf file.

  • The boksversion outputs list BoKS native package version(s).

  • Increase btmp.bt_token field from 8 to 32 bytes.

  • Sudo now resolves symbolic links.

  • boks_host_deregisterd has been renamed.

  • Deactivating BoKS will remove stale symbolic links.

  • Some audit log Structured Data parameter names have changed.

  • sudo checks all all programs with given name in PATH.

  • Log messages have changed.

  • LOG_CRIT and LOG_ERR errors from boks_sshd are no longer warnings.

  • Authenticators optional_ssh_cert and ssh_cert are renamed.

  • External authentication programs moved from $BOKS_lib/ to $BOKS_lib/extauth.

  • BoKS legacy X-display lock deprecated.

  • Deprecated $BOKS_etc/radiusclient/server.

  • Deprecated $BOKS_etc/yubix.conf.

  • Certificates with SHA1 signatures are deprecated.

  • Audit log structure data element clientTime removed.

  • Virtual Cards support removed.

  • Support for .boks_env has been removed.

  • The -h option of boksversion is removed.

  • clntlog is removed.

  • Support for RC5-128 has been removed for the BoKS bridge communication.

  • Support for authentication using legacy securid API removed.

  • BoKS server agents 8.1.1.0 and later will not work in pre-7.0 domains.

Fixes

  • SSH rc scripts not executed for remote commands if kslog set on access rule.

Version 8.1 (version update)

February 21, 2025

Server s-8.1.0.15
Fixes

  • Performance enhancements when creating / modifying hosts.

  • Made the idle timeout in boks_portmux configurable.

  • Added logging for the BoKS DB initialization time to the boks_errlog file.

Version 8.1 (version update)

February 12, 2025

Client c-8.1.0.21
New Features

  • Make the time interval configurable for adjoin autoupdate to create a new key.

Fixes

  • Missing radius features: nas-identifier and Message Authenticator.

  • Changed the BoKS SSHD version number from three digits to four.

BoKS Control Center

Version 9.0.0

February 24, 2025

New features

  • Make certificate expiry warning time configurable.

Updates

  • Directories for configuration (etc) and logs (var) are moved to the installation directory (/opt/bccps).

  • Java 21 or later is required.

  • Support for relocation of directories during install of the RPM packages is removed.

  • Java Security Manager and bcc.policy file are removed.

Fixes

  • Authenticator "Must use" radio button should be preselected to "no".

  • Domain password policy's password parameters can't be edited from BCC when using ABAC.

  • Use browser locale date format for date handling.

  • Support for modifier use_targetpsw for SUDO, SUDOEDIT and SUDOLISTOTHERS access rules.

  • Secondary unix groups section not shown when group management is disabled.

  • Html pages should specify charset utf-8.

BoKS Web Services Interface

Version 9.0.0

February 24, 2025

New features

  • JWT authentication support with REST API.

  • BoKS authentication.

Updates

  • Directories for configuration (etc) and logs (var) are moved to the installation directory (/opt/mds).

  • Java 21 or later is required.

  • Multi-domain functions are deprecated.

  • Support for relocation of directories during install of the RPM packages is removed.

  • Installation TAR package are no longer provided.

Fixes

  • Request ID is added to the audit log messages.

  • ISO date format in log audit log messages.

  • New log4j2.xml file gets root ownership on upgrade.

Antivirus for IBM i

Version 8.12

February 4, 2025

Enhancements

  • In previous versions, the anti-ransomware functionality evaluated file server activity for both the IBM i NetServer, and the File Server host server. The anti-ransomware functionality now defaults to only taking IBM i NetServer activity into consideration and ignores activity from the host server. This default behavior can be overridden from the new Configure Anti-Ransomware Options option in the Anti-Ransomware menu, or by using the new Configure Anti-Ransomware Opts (AVCFGRWO) CL command.

  • You can now add one or more tags when registering an endpoint.

  • The captions for the parameters of the Register as Web Endpoint (AVREGWEB) command have been changed to express their functions more clearly.

  • Entering any type of license code will now display the Fortra License Agreement.

Fixes

  • The “Skipped” value in the Scan Summary report comprised objects skipped by the scan engine, and objects skipped by our scanner. Objects skipped by our scanner were added to the OK count, whereas objects skipped by the scan engine were not. That has been remedied so the totals will now be more accurate.

  • References to extension types have been removed from the Antivirus commands ‘FILES’ parameter.

  • Under certain conditions, the DAT update log would contain a message indicating a "Checksum failed" message. This message will now only be included in the DAT update log if the downloaded DAT files contain an actual checksum error.

  • The Run AV Scan Task (AVRUNTSK) command now scans files that have a naming convention prefixed with a blank.

  • Virus Definition (DAT) updates that are started from the web interface no longer generate a checksum error in the DAT update log .

  • Help text for the Change *ALLOBJ Profile menu option now provides a more detailed explanation of requirements and profile usage.

  • The help text for command AVCFGTSK (LOGLVL) parameter has been updated to reflect the actual values that can be entered.

Encryption for IBM i

Version 4.04

February 26, 2025

New Features

  • Powertech Encryption now supports integration with Midrange Dynamics Change Management (MDCMS) and MDRapid for deployment of files that contain encrypted data. Please request specific instructions from Powertech support if needed.

Enhancements

  • Performance has been improved when field encryption is activated over files that contain many fields.

  • The Add Field Encryption (ADDFLDENC) command now auto-populates the data type (DBFLDTYP) and field length (DBFLDLEN) parameters if the user does not specify values for them.

  • New error messages and audit entries have been added to the product to more clearly indicate when an existing Powertech Encryption for IBM i instance has been moved to a new system, but a Master Encryption Key was not recreated.

Fixes

  • The Print Field Encryption Registry Entries report has been corrected to print the full length of key label names.

  • Using option 22 to generate a Configuration Report against an entry in the Work with Field Encryption Registry now prints the full long name for the field name.

  • The licensing check related to processor capacity has been resolved.

Multi-Factor Authentication

Version 1.6.1

February 5, 2025

Enhancements

  • This release contains two Insite updates that are specific to the MFA product. Linux and Windows updates automatically detect if the install system has Insite installed, and if so, apply the updates to respective locations. If the Insite server is located on a system that does not contain a MFA manager, then the Insite fixes need to be applied manually.

  • PostgreSQL has been upgraded to 16.6 due to a security vulnerability (CVE-2024-10979).

  • The Catalina logs are shipped as turned on. They will use the default days and size (10MB - Count of 3 - and 90 Days) and will be set to INFO.

  • PMFA now requires TLS 1.2 and above, if TLS is used.

  • The instructions for securing the connection between the Authentication Manager and HelpSystems Insite were rewritten for clarity.

  • A number of RADIUS related fields, Radius User Name, LDAP User Name, Full Name, and Email have been increased in size to 256 characters.

Fixes

  • During a failover, the bat files contain an error that may cause the failover mechanism to not complete properly. In this case, the failing file will be retried and if it fails a second time, then a message will be sent that failover was unable to complete due to file issues.

  • We have now documented that PMFA supports Windows Server 2022.

  • Please note that this product currently requires installed versions of:

    • Microsoft Visual C++ 2010 Redistributables

    • Microsoft Visual C++ 2015 Redistributables

    • Microsoft Visual C++ 2017 Redistributables

    • Microsoft Visual C++ 2015-2019 Redistributables

  • From this release onwards, upgrades will no longer result in the deletion of any subfolders within the INSTALLDIR\Help Systems directory.

Multi-Factor Authentication IBM i Agent

Version R01M11

February 5, 2025

Enhancements

  • The Multi-Factor Authentication main menu now includes option 8=Confirm Configuration Identifier to specify the source identifiers that are to be used to verify a configuration request.

  • New function key (F5) has been added to Work with Authentication Managers that allows the administrator update the list from the single server.

  • Entering any type of Expiry Code will now display Fortra's License Agreement.

Fixes

  • A number of program objects have been updated such that when run, those programs adopt the correct owner authority.

  • The Multi-Factor Authentication exit program for Remote Command/Program Call (QIBM_QZRC_RMT) now authenticates remote commands and programs.

  • When using IBM i ACS to make a TCP Sign on request, the request rejection window no longer contains reference to library PTMALIB.

  • The "Help information is incomplete" message is no longer displayed at the bottom of the help text window.

Security Scan for IBM i

Version 3.4.8

February 14, 2025

Enhancements

  • File transmission through goAnywhere has been updated.

  • The user interface has been updated to reflect the branding of Fortra.

Fixes

  • The certificate used for sending reports to Fortra has been updated.

  • An issue with the information in the report sent to Fortra for a free consultation from a Security Advisor has been resolved.

Back to Top

 

Terranova Security

Version: 1.112

February 27, 2025

Enhancements
  • The platform's Learning Zone has been updated to comply with WCAG 2.1 AA standards, ensuring better accessibility for all users.
  • Partners accessing a child environment with ContentHub Read-Only enabled will no longer be able to add content to the library or launch content from ContentHub.
Fixes
  • An issue caused inactive scheduled email reports to be sent multiple times a day to some users, resulting in their inboxes being spammed. This issue has now been resolved.
  • The issue with the missing separator in the Menu UI has been resolved.
  • Other minor bug fixes.

Back to Top

 

Titus

DCS Policy Manager (Cloud)

Version 2025.01 HF1

February 28, 2025

New Features

  • For DCS for Data at Rest (DaR) only, replaced “Set classification” action with new “Set classification – scans” action. The default parameter values for this new Policy Manager action match the default Administration Console values for the DCS for DaR “Set Classification” action.

Enhancements

  • Improved Policy Manager importing for Administration Console TCPG files as follows:

    • Schema Views include enabled Schema Fields as configured in the Administration Console.

    • The Administration Console “Required” Schema Fields setting is the same as the Policy Manager “Force selection” Schema Fields setting. The configured data can be migrated from the Administration Console to Policy Manager.

  • Updated all File event properties to be multivalued in Policy Manager code. Administration Console policy configurations require administrators to click a "Repeat Rule" checkbox for certain message and file properties. In the Policy Manager, multivalued event properties show "All", "None of", "One of", or "Which" in the condition builder.

  • Updated “File.CustomDocumentProperties” event property to allow administrators to enter custom document property names and values.

  • Updated descriptions for the “Apply date offset” action used by DCS for DaR.

Back to Top