20210219.0.0

cognitix Threat Defender version 20210219.0.0 rolls out a number of new features and improvements. Find out what’s new below.

Upgrade Compatibility

The following versions are compatible with cognitix Threat Defender version 20210219.0.0:

To view the release notes of previous versions, see Previous Releases.

New Features and Improvements

Correlation and Policy Engine

  • We updated the ixEngine to its latest version.

  • We also reduced its memory footprint.

Reduced Installer Size

The cognitix Threat Defender installation image is now considerably smaller as we stripped it of all unneeded files. This allows for faster downloads and uploads.

IDS/IPS Improvements

  • cognitix Threat Defender now supports the DNS protocol, which caused some errors in the past.

  • You can now merge the standard IPS rule set of cognitix Threat Defender with your user-defined IPS rule sets. This means you can now use both sets at the same time.

  • In addition to .txt and .csv files, you can now also upload .rules files with user-defined IPS rule sets.

  • We improved the mapping of Suricata severities to our internal severities.

Logging Improvements

  • The data exports created under Inventory > Data Export now also include the respective Incident Logs.

  • Flow table reports now contain TTL information.

UI Improvements

  • We simplified the system time settings under Settings > General.

  • Under About, cognitix Threat Defender now also lists the genua hardware model used.

Documentation

The cognitix Threat Defender user documentation now contains a new FAQ section. It addresses user questions, such as “Can I run cognitix Threat Defender in a virtual environment?”

Important Fixed Issues

  • Restoring backup files with assets no longer causes errors and now generates the correct audit log entries.

  • DPI conditions now match reliably on SSL.

  • Escaping in syslog messages now works correctly.

Known Issues

  • After installing an update, it may be necessary to manually reload the browser page to confirm the certificate warning of the browser.

  • SNMPv2c communities are always set to “public”.

Upgrade Instructions and Requirements

For information on the hardware requirements needed to install this release version, see System Requirements.

For instructions on how to install the new version, see Updating cognitix Threat Defender.