20201218.0.0
cognitix Threat Defender version 20201218.0.0 rolls out a number of new features and improvements. Find out what’s new below.
Upgrade Compatibility
The following versions are compatible with cognitix Threat Defender version 20201218.0.0:
New Features and Improvements
GDPR Data Export
Under Inventory > Data Export, cognitix Threat Defender now provides data exports that contain all data collected on selected users or assets in compliance with the right of access as stipulated by the GDPR.
SNMP Compatibility
Under Settings > Monitoring, you can set up SNMP connection information to provide statistical data from cognitix Threat Defender to a central monitoring system.
IDS/IPS Improvements
It is now possible to upload .txt and .csv files with user-defined IPS rule sets to the IDS/IPS system of cognitix Threat Defender. You can toggle between the standard IPS rule set provided by cognitix Threat Defender and custom rule sets.
The keywords used in IPS rules are documented in IPS Rule Definitions.
cognitix Threat Defender now supports optional Suricata thresholding keywords.
The IDS engine supports additional HTTP and TLS keywords.
The external logs (via syslog, JSONL, or IPFIX) now contain IPS rule descriptions in addition to rule IDs.
Installer Improvements
cognitix Threat Defender now provides upgrade and recovery installations that keep the existing configuration when cognitix Threat Defender is re-installed.
The installer now displays the cognitix Threat Defender software version to be installed. On genua hardware, it also displays the hardware version used.
cognitix Threat Defender now supports MMC storage media.
Logging Improvements
cognitix Threat Defender displays more details on IDS hits.
syslog messages now provide timestamps with millisecond accuracy.
UI Improvement
The asset MAC/IP identifier handling was improved.
Important Fixed Issues
The assets database is now correctly restored when a configuration backup file is restored.
We fixed a possible SSH misclassification issue.
We improved the mid-flow direction guessing for established TCP connections.
Known Issues
After installing an update, you may need to manually reload the browser page in order to confirm the browser's certificate warning.
SNMPv2c communities are always set to “public”.
Upgrade Instructions and Requirements
For information on the hardware requirements needed to install this release version, see System Requirements.
For instructions on how to install the new version, see Updating cognitix Threat Defender.