The following information highlights the new and enhanced features introduced in Netwrix Change Tracker v7.5.
Change Tracker v7.5.0.0 Released February 1, 2022
New
Cloud Tracker: Harden cloud platforms, including Azure, AWS and GCP, with CIS certified benchmarks and constantly protect against configuration drift.
Vulnerability Assessor: for continuous assessment of application vulnerabilities.
Major Enhancements
Refreshed dashboard presentation for Compliance reporting simplifies the display of multiple policies with risk-scoring.
Reset Filters feature clears all Event filters back to default of Past Hour/No Device Selection.
Support for PowerShell-based compliance report rules allows direct re-use of scripted tests for compliance.
Build Your Own Baseline options, with Open Ports baseline now optionally using local netstat output, ideal for NERC CIP compliance usage.
Baseline options now also include Local User Accounts and Groups, Services and Processes.
Command Whitelist interface means only approved commands are used in reports and trackers.
Okta 2FA support for user logins, Azure OAuth2 OIDC authentication option also supported.
CIS Benchmark reports for a wide range of platforms, including Windows 10 and Windows Server.
Clone feature for Scheduled Reports makes the addition of reports quicker.
TCP poll option where ICMP Ping is not supported for online status check.
X509 certificate-based authentication.
Update to support registering to multiple groups via custom registration script.
Bug Fix List
This document contains the bug fix lists from the general availability (GA) version and the cumulative updates (CUs) published after GA of this product.
Version 7.5.1.5 Released July 19, 2022
| ID | Description |
| --- | --- |
| 105347 | Fix for Baseline - Failed Process/Services rules cannot be extended, process tracker failures need to have missing value passes flag set when extending, adding or deleting a rule |
| 105245 | Fix for Baseline - Processes/Services Cannot Be Added with Missing Value Passes Rule Option - Process/Service Rule Builder options now support Missing value passes |
| 106778 | Fix for unable to add more than 1 process failure to pending changes grid |
| 106779 | Fix for only current page of pending changes sent to hub |
| 107120 | Fix for Baseline failures from ‘No Others’ rules could not be added/extended to the baseline |
| 105839 | Enhancement re: handling multiple mongodb certificates in the certificate store |
|  | Fix for LDAPS AD login authentication, custom port can now be supplied in the LDAP:// uri, and LDAPS is honored on Windows |
|  | Fix for Settings > Groups > Agent Updates > Define the update schedule - Update button wasn’t working |
|  | Fix for show correct local user date on baseline etc timeline |
|  | Fix for Extending tracker rule failures that need to always have missing value passes due to attribute values not being available |
Version 7.5.1.4 Released May 24, 2022
| ID | Description |
| --- | --- |
|  | For LDAPS AD login authentication on Windows (LDAPS not supported on Linux) |
|  | Added Prometheus metrics for http request count/concurrent/duration stats per dto request |
Version 7.5.1.3 Released May 10, 2022
| ID | Description |
| --- | --- |
| 101305 | Timestamp added to generated report names has been changed from using UTC to the user’s local time zone. |
|  | To detect untrusted commands in existing policies during an upgrade from 7.3.x so that the commands are available in UI ready for approval by user |
|  | New Hub config settings: EventSubmissionBackoffThresholdMs (default 1000), EventSubmissionBackoffMinMs (30000 / 30sec) and EventSubmissionBackoffMaxMs (240000 / 4min). Used to instruct the agent to backoff when Hub is under load indicated by the event submission request processing time being greater than the limit (backoff is random number of ms chosen between min and max) |
|  | Add performance-improving index _t_1_SubmittedDateTimeUtc_1 on BackgroundTaskQueue |
|  | Use existing environment var option “NNT_API_AVAILABILITY”=“agentonly” to prevent cache pre-load at startup |
|  | Add support for windows certificate store for MongoDB certificate |
Version 7.5.1.2 Released April 5, 2022
| ID | Description |
| --- | --- |
| 100688 | Allow registration script length up to 10000000 (~10MB) characters |
Version 7.5.1.1 Released March 25, 2022
| ID | Description |
| --- | --- |
| 3797 | File/Folder access problem events can now be stored as the specified type, via the new config key “ProcessAccessProblemEventsAs” (default “Device”, other event type options are “Audit”, “Alert” and “Error”). |
| 9660 | Remove default NNT_CONFIG_LOCATION entry from web.config, so that IIS based installs can have a config folder location specified in an Environment variable |
| 9661 | Change Tracker uninstaller removes website from IIS even if user backs out of uninstall |
| 9360 | Added ‘NoExpansionOfEnvironmentVariables’ flag to rules schema to allow Compliance Reports to be configured to not expand Environment Variables in output text fields |
|  | For ‘template not trusted … HashError’ in ValidatePolicyDataHash to compare IsTrusted flag correctly |
|  | Added “SyslogAllowInvalidCertificates” advanced setting to allow CT to use self-signed certificates in a remote syslog server |
|  | Handle Oracle stored procedure privileges errors in compliance report |
|  | Vulnerability page did not correctly filter when using an inherited group selection filter |
|  | Default reports not having an attachment template name set, resulting in error on update/edit from UI |
|  | For ‘Proxied device Diagnostic mode & Baseline source don’t persist’ |
|  | Change events page to query SHA256 instead of SHA1 |
|  | Ensure compliance/cloud/baseline timeline dates reflect the selected timezone |
|  | Ensure baseline events submitted from a tracking template that doesn’t have send baseline events are not stored |
|  | Added Microsoft Azure OAuth2 OIDC authentication for ChangeTracker signin |
|  | New FileTrackerFilePollLimit Hub config setting. Limits the items tracked by all agents’ filesystemtracker. Default is 0 (unlimited) |
|  | Addition of CIS Microsoft Windows 10 Enterprise (Release 21H1) compliance report templates |
|  | Updated CIS Microsoft Windows Server 2019 compliance report templates |
|  | Additional check to identify if a scheduled compliance report is still referenced and only remove data if related report no longer exists |
|  | Device Detail report template now includes Tracking templates along with the Compliance templates associated with a device |
|  | Updates to compliance rule descriptions to add group members info, and ports process and PID info to XML description field |
|  | Added diff/comparison display to process output rule results in compliance rule results. Updated web UI to use same presentation including character-level differences. Added optional ConfigKeys “MaxAllowedDiffSizeBytes” (default 262144) and “DiffConfigLines” (default 5) to control this feature. |
|  | Reset filters from LHS Filter Panel |
|  | Added ‘Clone’ function to duplicate scheduled reports |
|  | Update UI to remove misleading software inventory ‘ticks’ icons, replaced with ‘Awaiting Review’ and ‘Review Complete’ badges |
|  | Added ConfigKey setting “SyslogAllowInvalidCertificates” (default “false”) to allow a TCP (Secure) connection to a remote syslog server which is using a self-signed certificate |
|  | Include “Filesecurity” field in syslog CEF output |
|  | Device Detail report now includes Tracking templates along with the Compliance templates associated with a device |
Version 7.5.0.0 Released February 1, 2022
| ID | Description |
| --- | --- |
| 10429 | Change Tracker generating lots of audit events when a user no longer exists |
| 3614 | Add Proxied Device not honoring the Custom OS Name |
| 8420 | Event Stream Dashboard Widget Event Types Configuration not Honored |
| 7821 | Incorrect Start-Time displayed when creating a new planned change having selected the ‘All Events’ option |
| 8089 | No planned change ruleset rule created when selecting the ‘All Events’ option |
| 229 | Re: showing other changes apart from contents |
| 8422 | Re: group report result event notification |
| 9074 | Planned Changes Dashboard Widget > link to Events page doesn’t filter to only Device Change events |
| 8997 | Compliance Filter - Select Report does not match name |
| 9301 | Re: size of passes / fails expression being truncated |
| 9232 | System Settings - User Password Settings Policy is being enforced when it’s not set |
| 8689 | Enhancement Request - Compliance Report - CSV Export - Remove RuleNumber From The RuleTitle Field |
| 3820 | Added collated sort to DeviceName |
| 3563 | Addition of TCP pinger to update online status for devices that can’t respond to ping |
|  | For adding proxied device in UI, and editing existing device details (re popup won’t close/validator won’t allow empty IPv6/OS) |
|  | Cache problem with contained devices when groups moved between groups |
|  | Added ConfigKey setting “ProcessAccessProblemEventsAs” (default “Device”) to change the type of event an access problem is processed and shows up as on the hub (values: Device, Audit, Alert, Error) |
|  | Added Two-factor authentication. Default admin account is auto-enrolled when first signing in (turn off via security:auth:twoFactor:registerAdmin = false (default:true)) |
|  | Addition of SQL Server 2016 and 2019 compliance templates |
|  | Addition of CIS Windows 10 Enterprise (Release 20H2) compliance reports |
|  | Addition of CIS Amazon Linux 2 Benchmark compliance reports |
|  | Addition of CIS VMware ESXi 6.5 Benchmark compliance reports |
|  | Addition of CIS Ubuntu Linux 20.04 LTS compliance report templates |
|  | Addition of CIS SUSE Linux Enterprise Linux 15 compliance report templates |