• Support
  • Forums
  • Blogs

USM Anywhere 2018-07-12 Update

JeffOlenJeffOlen

New Life Form
+3
We've updated USM Anywhere with the improvements and defect fixes listed below. The USM Anywhere service and Sensors are updated automatically so you do not need to take any additional actions for the update to take effect.

Improvements

Improvement to Network IDS configuration: You can now specify network ranges for your internal networks (home_net) as part of the Network IDS configuration on a sensor.

New AWS dashboard chart: The AWS dashboard now includes a “Account Vendors” chart that identifies known vendor services generating CloudTrail events.

Notable Defects Fixed

ATLAS-11469/ATLAS-15858/ATLAS-16960 Various improvements to CSV exports for 50k records
ATLAS-15200 Supplemental Vulnerabilities Report - Error while creating report
ATLAS-16471 "Receive Alarm Notifications" not available if user is exists in USM Central
ATLAS-17247 Azure jobs stop running after job timeout

Threat Intelligence

New Plugins
AR-1812 SoftEther VPN

Improvements
AR-1759 Correlation rule for "entered promiscuous mode" should ignore veth interfaces
AR-1761 Nxlog does not parse some logs
AR-1787 Add account_vendor to the CloudTrail plugin
AR-1790 Create a Custom Function to format MAC addresses
AR-1805 Alienvault-Agent: add protocol dict to plugin
AR-1811 NXLog Exchange add parsed field

Defects
AR-1733 Kerio Plugin for USM Anywhere event name blank
AR-1809 CheckPoint FW1 R77.3O ~ 'Drop' events show as 'Allowed_Event'
AR-1816 HP Storage Area Network Switch: Replace MAC addreses with IPv6 addreses
AR-1820 PacketFence: Avoid capturing "unknown" for MAC Addresses tags
AR-1823 Cisco ISE Plugin is not parsing username
AR-1827 Potential FP:Remote WMIC Activity
AR-1837 NXlog event with no name
AR-1844 Update DHCP plugin to fix MAC Addresses

Share post:

Sign In or Register to comment.