SKyPRO Products
Page tree

Versions Compared

Old Version 6

changes.mady.by.user Horst Fuhrmann

Saved on

compared with

New Version Current

changes.mady.by.user Horst Fuhrmann

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

ACD Migration Tool

  • ACD v3.0 comes with a new easy to use migration tool that works with all newer ES versions (v 6.8.4 and up) via the new ES API
  • Massive speed increase for data migration
    • Based on the new API, the migration process will work about 3x faster
  • The issue with the migration of more than 500,000 objects has been fixed
  • The new migration tool allows the migration of all data as well as the ES index settings and mappings


...

ACD in general  -  New Features

...

  • Several vulnerability bug-fixes and security improvements
  • fixed an existing bug in the Default Workflow report - Filters show only 10 records


...

AuditServer  -  New Features

...

  • Improved communication with Elastic Search API changed to prevent memory leaks and fix the problems occurring when getting more than 500,000 objects for reports
    • This is necessary for large reports
  • fixed Fixed problem with big queries (too long HTTP request)
    • g. a report for 1 year => 365 parameters in URL.
      Hence, HTTP-request would crash, using more than 365 parameters
    • New Limit = Length of the URL string definition
      This parameter can be adjusted using the new User Interface (Admin settings)
  • Fix in scheduled reports
    • If a user has no admin rights, he could define a report but it would not work (but no Feedback given)
    • New the User Interface sends feedback “no permission”.

...

AuditDriver  -  New Features

  • Driver prevents passwords to be shown in iManager and traces
  • In the Publisher channel now we do not start the event processing by IDV to catch the status.
    We catch the status in the OTP now.
  • AJC ECMAScript was removed from all packages
  • Base package - GCV-style Driver Parameters.
    Now we use named passwords to stop all passwords instead of clear-text
  • Base and Monitor packages are split into several smaller packages.
    Hence, the administrator can choose what exactly he needs/wants to add to the ACD Driver or into the 3-party driver to monitor it.
  • Monitor package - all connection parameters were moved into the driver set package.
    Hence, enough it suffices to configure the ACD server address, credentials, and ssl SSL certificates just once for the whole driversetdriver set.
  • audit Audit and event timestamps now have milliseconds and become more precise. Now the administrator can choose the time format which will be sent to the ESElastic Search.
  • The fields "new value" and "old value" fields are cut limited to 32760 symbols to avoid ES errors
  • fixed the bug in the Default Workflow report - Filters show only 10 records
  • added 2 fields were added: "Channel" (Publisher or Subscriber) and "Place of auditing" (OTP, ITP, CTP, and so onmore)
  • now we optionally have Additionally 2 points of auditing for each channel
  • New: 2 ways of Monitor monitoring 3-party drivers:
    • send audit message directly to
    ES or put
    • Elastic Search
    • send audit events into the main ACD Drivers's queue
  • more correct handling of ES Better handling for Elastic Search errors by the ACD Driver appshim. More extended
    Extended and useful error messages from by the appshim to the driver


...

AuditProxy  -  New Features

  • The AuditProxy has been completely redone and its functionality massively enhanced
    • It is now working as the security guard for all ACD functions
  • The AuditProxy in ACD v3.0 now supports multiple LDAP servers at the same time
  • Any LDAP attributes can be used for a signing in
  • It supports the use of signed-in LDAP user attributes as filters and for transformations of the proxied data
    • Any data can be processed based on signed-in LDAP users attributes
  • Usage of new and flexible rules to control permissions
  • It supports the possible usage of security templates
    • security roles or security templates
  • Unlimited amount of proxies supported
    • unlimited amount of proxy server services
    • clustering is possible
  • Possible action calls or alarms on Audit Events
    • The AuditProxy can (is) controlling all HTTP traffic
  • It allows data filtering and transformation on the fly
  • It now features extended debugging options to control and troubleshoot applications
  • It supports a proxy-service health check
    • Health status available
  • Only 1 SSL/TLS PKC12 Keystore (instead of PEMs) certificate is now used for all ACD components
    • Hence, configuration and installation is now much easier
  • Only 1 external network port used for all ACD components (instead of five in the previous ACD version)
  • Access control for all ACD components in one place, all inside AuditProxy

AuditProxy  -  Bug Fixes

  • fix the issue if login/password containing special symbols or umlauts


...

AuditReport  -  New Features

  • Debug options added to better control snapshot process

    • No possible errors are shown hence, much easier to debug

  • The possibility was added to use LDAP attributes mapping within the config file

...

AuditExport  -  New Features

  • Various security fixes
  • ACD now supports new ES APIs, up to v 6.8.4


...

Object History Browser  -  New Features

  • An option has been added to compare and show only attributes that are different

  • The problem with Object Browser showing incorrect results if objects DNs contains delimiter symbols

    • The parser has been updated in order to solve this issue (ES)

  • A print option has been added (e.g. to print comparison)


...

Kibana and Elasticsearch Integration  -  New Features

  • Elasticsearch (ES) and Kibana have been updated to the current version (v 6.8.4)
  • No plain-text credentials anymore for Kibana plugin
  • Extending mapping rules for ES data
  • Some dashboards optimizations and improvements