This document describes many of the changes that are included in SecurityCenter 4.8, as well as significant enhancements and notes for upgrading. A PDF file of these release notes is also available here.
Upgrades are only supported for those users running SecurityCenter 4.7.1 and later. Users upgrading from 4.7 and earlier must first perform an upgrade to SecurityCenter 4.7.1 before attempting to upgrade to version 4.8. Please refer to the SecurityCenter 4.7 Upgrade Guide for information about upgrading to SecurityCenter 4.7. Information about upgrading from SecurityCenter 4.7.1 is available in the SecurityCenter 4.8 Upgrade Guide.
SecurityCenter 4.8 only supports Nessus scanners 5.x or later. The Passive Vulnerability Scanner must be version 4.0 or higher. In addition, if SecurityCenter leverages the Log Correlation Engine (LCE) for log processing, the LCE must be running a minimum of version 3.6.1 for compatibility purposes and LCE 4.2.x for complete feature compatibility.
The command syntax for an RPM upgrade is as follows:
# rpm -Uvh [RPM Package File Name]
File Names & MD5 Checksums
There has been a complete revamp of the user model within SecurityCenter. There is no longer a hierarchal mode of creating users and managers. The user model now follows the more common "grouping" method of creating and managing users.
Groups are now used to define what security data (vulnerabilities, events, etc.) people have access to. Roles and permissions are used to define what they can do with it. Below is a brief comparison of some functionality between 4.8 and previous versions:
|4.7 and Previous Releases||4.8|
|The OrgHead account needed to be shared to provide full management access.||User-Group relationships allow an unlimited number of users full access to both users and objects across the organization.|
|The user hierarchy is problematic as it cannot be altered after user creation.||User hierarchy is replaced by user groups. Users may be moved between groups.|
|Managers cannot manage "all" users due to the hierarchy. A manager has no visibility into to users created by the OrgHead account or other managers.||User hierarchy is replaced by groups, and any user with "Manage Users" access to the group will be able to manage all users within that group. So, the "SecurityManager" can create a group, assign users to it, and any other users who have "Manage Users" access to that group will also be able to manage those users, regardless of who created them.|
|Neither OrgHead nor managers can manage scans or reports created by other users.||Any user with "Manage Objects" access to a group will be able to edit/delete/use any object created by any user who belongs to that group.|
|Complex asset calculations due to hierarchy and having to compute for every user.||Asset calculations are done for the group, rather than for individual users. So, if you had 100 users in an organization and they were divided in 3 groups, asset calculation is run only 3 times versus 100.|
In SecurityCenter 4.8, we have continued to migrate more of the application over from Flex to HTML5. The big addition was the introduction of the "Analysis" screen into the HTML app. This also allowed us to enable the drill-down from the dashboard.
There are a lot of changes from a look and feel perspective as well as workflow on the new "Analysis" page. This release is intended to introduce users to the more streamlined, easier to use SecurityCenter.
Combination Asset Support
In previous versions of SecurityCenter, users had the ability to create pretty powerful asset lists dynamically using a number of different methods. However, there was no way for them to merge multiple dynamic asset lists into a single dynamically updated asset list. In 4.8, we have added this functionality.
For example, you can create one asset list that covers Windows servers and a second asset list that contains Windows workstations. You can create a single dynamic asset list that contains those two assets. As each of the individual asset lists gets updated, so does the parent.
In 4.8 we have considerably enhanced filtering capabilities. Users now have the ability to apply set logic against multiple assets. For example, while on the "Analysis" screen you are now able to perform a filter that essentially does: "I want to look at all the vulnerabilities that are in Asset A and Asset B and are not in Asset C".
Defining User Responsibility
A new feature in this release is the introduction of defining "User Responsibility". This will allow managers to associate an asset with a user. At that point, the user can configure dashboards or reports that are based solely on the IPs that they are responsible for.
Updated method for handling Database Credentials
In previous versions of SecurityCenter, when defining a scan that required the need to include database credentials, you needed to define that in each scan policy you created. In other words, the credentials you needed for scanning a database was not being serviced by the Credentials portion of the application. In 4.8, this is no longer the case.
Support for PCRE in Dynamic Asset Lists
In 4.8, we have added the support for Perl Compatible Regular Expression (PCRE) when defining dynamic asset lists. Previously we only supported POSIX, which does not allow for setting a negative operator. Now with the addition of PCRE, support for this has been added.
Updated communication between PVS and SecurityCenter
In SecurityCenter 4.8, we have updated how PVS and SecurityCenter communicates. These changes will allow for better management of PVS. Due to this change, all attached PVS scanners must be of version 4.0 or higher.
- IP Ratio Matrix breaks template
- Fixed an issue with prepare_rep_assets which is causing asset list calculations to show zero.
- Resolved an issue when CSV Reports are disabled after editing copy.
- Fixed an issue where CSV reports are missing lines, every 5000 lines it drops a line.
- Resolved the issue that generated the follow error: "Dashboard component #xxx not found. Unable to retrieve Component #xxx".
- Fixed the issue where a user could not send a Customer Dashboard to a report.
- Numerous other fixes.