Security Center 3.2.3 Release Notes
Special Note Regarding Security Center Plugins Updates:
As noted in the "SC Security & Auditing" section below, Security Center plugins updates for both Nessus and PVS have enhanced security which includes a secure channel for downloading the updates. If Security Center is permitted access to the Internet through a firewall to obtain these updates, then a firewall change to open port 443 for the Security Center system will be required. Port 80 had been previously used and existing Security Customers will need to modify the firewall rule already in use for their Security Center system.
The following changes are included in Security Center 3.2.3:
Cumulative Vulnerability Data Base
- Tracking more logical date/time-stamp information regarding vulnerabilities that have been moved to the patched and mitigated database. Now, resolved vulnerabilities will show when the vulnerability was first discovered by Security Center and the date that it was resolved.
- Corrected several minor formatting and display issues with dynamically generated information.
- The plugins list for the virus Check Scan policy has been updated.
- Several issues related to pausing scans and scheduled scans have been resolved.
- Better cleanup is performed when a scan policy is deleted.
- NetBIOS names are now provided in the Vulnerable Systems Detail chapter of the Reporting module.
- All times zones are now available when defining a report.
- Several minor issues related to the display of certain data have been resolved.
- The process of updating dynamic asset lists based on new scan information is significantly faster than previous versions of Security Center.
- The assets-sample.xml file has been updated.
- Deleting multiple static asset lists at the same time may not have worked for all asset lists that were selected. This has been corrected.
- Nessus v3.2 (currently in beta) will allow the addition of pre-compiled libraries. SC 3.2.3 provides support for uploading and use of the new .nlib files.
- Three Windows CIS compliance .audit files are now being provided with the Security Center base package.
- The log files for the version of Apache installed with Security Center are now periodically rotated and removed.
- Minor improvements to the Administrator log for readability and relevant information have been made.
SC Security & Auditing
- The plugins update processes for both Nessus and PVS have been modified to ensure that the connection used to retrieve the updates is secure, and that the packages are verified.
- PHP, OpenLDAP, and OpenSSL libraries/packages included with Security Center have been updated.
- The version of Apache included with Security Center has been updated.
- The SSL certificate included with Security Center has been updated.
- The ability to audit successful and failed login attempts is now provided.
- Entries are now made to the Administrator log when either successful or unsuccessful attempts to view the Administrator log are made.
- Several minor issues with filtering in the Cumulative Vulnerability DB, Analyze IDS Events, and Analyze Logs have been corrected.
- Corrected issues which arose in certain circumstances between Security Center and Thunder/LCE.
- Several improvements to error handling and error reporting.
- PVS plugins updates will no longer fail with PVS systems which are connected to Security Center over very low bandwidth connections.
- An issue in which the update for the Bleeding Snort rules could cause the update for the regular Snort rules to fail has been resolved.
- An issue which caused passively detected vulnerability data to delay appearing in the Patched and Missing database has been resolved.