20200805.0.0
cognitix Threat Defender version 20200805.0.0 rolls out a number of new features and improvements. Find out what’s new below.
Update Compatibility
The following versions are compatible with cognitix Threat Defender version 20200805.0.0:
Warning
As of version 20200805.0.0 cognitix Threat Defender no longer supports the legacy non-UEFI boot and installation mode. If your system does not support UEFI, install version 20200519.0.0 or 20200619.0.0. Then upgrade to the current version via the user interface (see Updating cognitix Threat Defender). We do not support upgrading from software versions older than version 20200519.0.0, however.
New Features
UEFI Boot Mode Support
cognitix Threat Defender now supports the UEFI system boot and installation mode.
Global Configurable Password Policy
Users are now asked to change their password after they first log in to increase the system security. Furthermore, you can now define global password requirements under Settings > General. This includes the required password length and complexity as well as password expiration.
Copying Policy Rules
Rules can now be copied to speed up the creation of similar rules under Policy > Rules.
Improvements
Improved Asset Handling
Asset tags can now be deleted by policy rules.
Under Inventory > Asset Logs, the Last Seen asset information now includes information from the MAC table, such as bridges, VLAN tags, etc.
The deep search function for assets was improved and now comprises Last Seen information.
All table columns under Inventory > Assets can now be sorted.
CentOS 8.2
We upgraded the base OS of Threat Defender to CentOS 8.2.
IDS: Improved HTTP Support
The IDS engine now supports additional keywords and fields for HTTP.
Network Analytics Show Flows
The dashboard under Analytics > Network now shows the number of currently open and new traffic flows.
Solved Issues
The tooltips in the user interface are now more consistent.
A documentation bug regarding the Filebeat setup in Exporting Reporting Data to Elastic/ELK was fixed.
The
/tmp
directory does no longer overflow if the configuration is frequently applied.Network objects are now correctly sorted under Policy > Network Objects.
Numbers in Analytics widgets are no longer incorrectly truncated in the Safari browser.
We fixed a possible memleak issue in the MAC table dump.
Known Issue
There may be errors (wrong version and validity) if you update a license and keep the old license in the system. To avoid this, delete the old license after adding the new one.