Core Network Insight

April 2021

Version: 7.1.3

April 14, 2021

Fixes

  • Fixed issue where if the system was overloaded, the reports were not properly generated [CAS-0010236180].

  • Solved OWASP 2017 Category: A6-Security Misconfiguration vulnerability [CAS-0010236499].

  • Corrected issue with some columns output on the Riskiest Assets dashboard widget.

  • Corrected how the 'Force password Change' feature behaves during user creation.

December 2020

Version: 7.1.2

December 16, 2020

Enhancements

  • The asset details page has been improved with the addition of a summary of the detections found in the asset, threat remediation steps, and, extended threat information ensuring the correct analysis and remediation of it.

  • The threat details page has been improved to ensure that the threat information is helpful and helps with the correct analysis and remediation of it.

New Features

  • The home dashboard has been rebuilt to better display the current status of the threat landscape in the environment and to ensure that the security analysts can prioritize their work in order to reduce the threats dwell time and the impact in the business.

Fixes

  • Solved an issue with network cards not fully compatible with the new XDP Linux kernel feature triggering a failure in the packet sniffer. [CAS-0010230162]

  • Long latency on login process when at least a sensor was down. [CAS-0010230036]

  • Solved an issue with network cards not fully compatible with the new XDP Linux kernel feature causing a problem in the packet loss diagnostic charts that were showing 100% packet loss. [CAS-0010230268]

  • config_backup output too large issue was corrected. [CAS-0010213295]

  • The infections chart in Executive Report page had a wrong scale definition and it seemed that the data was always 0. The issue has been corrected in this version.

  • An email on user creation, when a password is set, is not sent anymore avoiding unnecessary password resets.

September 2020

Version: 7.1.0

September 28, 2020

Enhancements

  • The major versions upgrade process has been made more reliable and faster to avoid service outages.

  • Hardware footprint has been reduced on sensors.

  • RADIUS authentication can now be validated

  • Easier configuration of the authentication settings. Authentication settings have been merged to improve its usability and user experience.

  • New help texts have been added to Asset identification settings and it is possible now to validate the Domain Controller asset resolution settings.

  • New help texts have been added to the UI to make the configuration process easier.

New Features

  • Hardware footprint has been reduced by 70% to ensure cheaper deployments and better resources usage.

  • We now support the XDP currently emerging standard for network data processing ensuring a faster packet processing and even faster detections. Up to 10 Gbps can be processed now with the adequate network card.

Fixes

  • End User License Agreement has been updated

  • SNMP polling not working properly due to a missing file. [CAS-0010220058]

  • Detection Engine stopped Suddenly and no further detection is taking place. [CAS-0010215812]

  • Detection Engine stopped Suddenly and no further detection is taking place. [CAS-0010215812]

  • The config_export script fails sometimes while using the force option. [CAS-0010213843]

  • Unable to change user password post creating the account. [CAS-0010211129]

  • After changing the time zone in user settings, the time zone does not reflect the report when generated. [CAS-0010210874]

  • Fiber card installation can't break configuration of the primary interface. [CAS-0010207331]

  • High packet loss rate with Speedracer driver enabled under certain circumstances. [CAS-0010175598]

June 2020

Version: 7.0.3

June 29, 2020

Enhancements
  • Asset risk UI has been changed for a clearer understanding.
  • Navigation style has been updated.
  • Asset page header has been modified for a better user experience
  • Login message improvements on the User Interface to make easier the troubleshooting.
  • Hardware footprint reduction on sensors.
  • Threat Intel domain has been updated to threathunting.helpsystems.com
Fixes
  • Login page image was always reset despite the checkbox content.
  • LDAP credentials fail even when they are correct in Domain Controller Asset Resolution settings. [CAS-0010202411]
  • Improvements in traffic processing engine to make it more reliable against failures. [CAS-0010204276]
  • Dshell password authentication was not working properly. [CAS-0010205102]

May 2020

Version: 7.0.2

May 27, 2020

Enhancements

  • Integrations Menu is now alphabetically ordered.

  • RADIUS authentication can now be validated.

  • Columns that should be displayed by default on the grid give more information on the specific asset status and threats.

Fixes

  • An issue with the LDAP validation configuration was causing a crash in the user interface that could cause problems accessing it for the next 30 min

  • Modifying whitelist enables threat categories. (CAS-0010158537)

  • An issue was causing a malfunction on the user session enrichment sessions feature through active directory. (CAS-0010189597)

  • An issue has been corrected when the retro database queue was full. (CAS-0010158089, CAS-0010194418)

  • Custom Threats page breaks when non-ASCII characters are used in threat names. (CAS-0010197912)

April 2020

Version: 7.0.1

April 27, 2020

Enhancements

  • Core Security logos have been updated to blue to fit with the HelpSystems brand book.

  • Newly created users can't log in until a second password change.

  • SMTP mail server configuration validation button has been added.

  • Add SSL and TLS/STARTTLS authentication to SMTP server configuration.

  • SSL and TLS/STARTTLS authentication has been added to SMTP server configuration. (CAS-0010192121, CAS-0010184524)

Fixes

  • User Permissions prevented from correctly upgrade the product to 7.0. (CAS-0010196258)

  • Software update notifications messages have been corrected to display the correct status of the installation.

  • When creating a new user account, there's a checkbox for forcing the user to change their password upon first logging in that is not being unchecked after the change so the user is requested to change the password after each login. (CAS-0010191716)

  • Corrected a defect where 2 consecutive password resets were needed to allow a new user to log in the product.

  • Memory requirements have been modified to allow a correct functioning on lightweight micro-sensors or vSensors. (CAS-0010195683)

  • Systems and Threat tabs in the GUI are not accessible after scrolling to bottom of the page. (CAS-0010196661)

  • SIEM settings Syslog or Splunk uses UDP irrespective of changes in UI. (CAS-0010198356)

  • Statistics are now saved in multiple files. (CAS-0010198455)

March 2020

Version: 7.0.0

March 16, 2020

New Features
  • After any version update, a what's new page is presented to the user to explain the new features and enhancements released on that version.
  • Dark mode ensures that bright and eye-burning screen will not be a problem for your night on-call.
  • User interface has been updated with the following enhancements:
    • UI navigation is now easier and more user friendly with more data visualization space and easier menus.
    • New login Page.
    • New table/grids look & feel.
    • New Forgot Password Page.
    • New Reset Password Page Style.
    • Diagnostics Charts look and feel has been improved.
Enhancements
  • New help text has been added to the UI to make the configuration process easier.
  • Mail alert notifications have been improved with enriched information and a new look & feel.
  • Automatic monthly updates are now available.
  • New help text has been added to Asset identification settings and it is possible now to validate the Domain Controller asset resolution settings.
  • Under the hood performance improvements for Speedracer driver.
  • Enhanced Message Queue and communication channel improvements.
  • Easier configuration of the authentication settings. Authentication settings have been merged to improve its usability and user experience.
  • Improvements on the graphical reporting of statistics. You can select specific metrics and zoom on the data to understand better the product behaviors. (CAS-0010186683)
Fixes
  • API authentication was failing if the user had never logged into the user interface first.

January 2020

Version: 6.4.4
Fixes

  • Fix in the Diagnostics Bandwidth chart (under some conditions the graph could produce spikes due rounding errors). (CAS-0010182239)

  • Reduction of the CPU and bandwidth usage in the diagnostics data generation.

December 2019

Version: 6.4.3
Fixes

  • Improvements on diagnostic metrics calculation performance and reliability. (CAS-0010170402)

November 2019

Version: 6.4.2
Enhancements

  • SIEM events can be forwarded now using both TCP and UDP protocols via Syslog. (CAS-0010168588)

  • Performance improvements on servicenow tickets integration.

  • New notification to update servicenow synchronization status through the user interface.

  • Logon failures are now audited. (CAS-0010166873)

  • Support for VXLAN packet analysis.

  • Lists now support the possibility to display more than 100 records at a time. I.e.: assets, files, threats, etc.

Fixes

  • Improvements on diagnostics data reliability. ([CAS-0010170402)

  • Improvements on data forensics to improve support diagnostics performance. postgresql logs added.

  • Other under the hood improvements, bug fixes and performance improvements to make the product experience even more smoother.

September 2019

Version: 6.4.1
New Features

  • Network Insight can run now on AWS and Azure.

  • All audit changes are now forwarded through SIEM integrations (login, account creation, account locking, and so on).

Enhancements
  • Threat Intel host and port configuration have been removed from user interface to ease the configuration. Now only the Threat Intel API key is needed.
  • Force parameter has been added to config_export command to force an export even if the information is incomplete.
  • LDAP field names and help tips have been improved.
Fixes
  • Management Console does not connect to RADIUS server.
  • Internal Proxy IPs appear to be published as CnC IPs for Palo Alto Integration.
  • Error 500 while accessing the details for some assets from All assets page.
  • Error while accessing logs from Management Console User Interface (Settings > logs).
  • Memory management improvements on Distributed Configuration service.
  • Memory management improvements on Carrier sniffer service.
  • Performance and stability improvements.

 

Back to Core Security Products