What's new in this version
cognitix Threat Defender version 2020018.104.22.168 rolls out a number of new features and improvements. Find out what's new below (see also the Release Notes).
0.0.1. Free Configuration of Processing Interfaces
The management of the processing interfaces was improved (see Network). You can now freely allocate them to bridges and assign VLANs as required.
0.0.2. Clearer Menu Structure
We revised the menu structure of cognitix Threat Defender to allow for easier navigation in the user interface (refer to the Interface Reference section).
0.0.3. Improved Reporting
This release includes several enhancements of the reporting feature:
- The Analytics screens were restructured to further improve the user experience.
- We added new charts that display the logged policy severities.
- You can now easily switch the direction between source and destination when you analyze traffic based on IP addresses and assets.
0.0.4. Improved Asset Handling
We implemented various changes to make asset handling easier:
- It is now possible to use asset tagging in policies. This means you can now dynamically assign tags to assets based on their behavior in the network.
- To streamline your workflows, you can now carry out operations (merging assets into one, adding and removing tags) for multiple assets at once.
- You can now exclude complete MAC prefixes from automatic asset discovery. This means that you can exclude prefixes used by virtualization solutions, for example.
0.0.5. Improved Audit Log
The audit logs generated by Threat Defender now record additional events, such as all system actions, enabling/disabling of IPS rules, etc. Furthermore, the audit log contains a new chart that displays all events logged in the previous 24 hours.
0.0.6. Discrete Login and Display Names
You can edit the login and display names of assets and users separately, meaning that they may differ from each other.
0.0.7. Higher Flow Tracking Accuracy
The flow state tracking was improved for:
- current phase
- seen handshake
- flow timeouts
- out-of-state packets
0.0.8. New Flow Table Health Warning
Threat Defender now reports a warning when the flow table of a processing thread is almost full (see also Connection Handling). The first warning is issued at 90% capacity, the second warning at 95% capacity.