What are the Release Notes for VigilEnt Security Manager 4.0?
VigilEnt Security Operations Center
VigilEnt Security Manager 4.0
Introduction To VigilEnt Security Operations Center
This release of VigilEnt Security Manager includes the new VigilEnt Security Operations Center (VSOC) console, which lets you manageÂ NetIQ's VigilEnt Enterprise Security Applications, or VESAs, all together or in any combination. The VESAs are presented and controlled through the VSOC console and powered by a VigilEnt Security Server engine.
- This release of VigilEnt Security Manager supports Microsoft Windows 2000 only.
- Non-U.S. language versions of Microsoft SQL Server are not supported.
- If you did not have MDAC previously installed on your computer, you may be prompted to reboot after the VigilEnt Security Manager installation is complete. You must then reboot your computer for all necessary services to start and for VigilEnt Security Manager to run properly.
- If you are installing VigilEnt Security Manager via Terminal Services on Microsoft Windows 2000 Advanced Server, and you are running
VSSInstall.exe, you must go to Add/Remove Programs to add the program from CD-ROM or the installation will fail.
New Features and Enhancements
- VigilEnt Security Operations Center provides common components for integrating all VigilEnt enterprise products into a single console.
- Several usability enhancements have been made, including a new look and feel, easy access to commonly used tasks through the taskpad, task pane, tree pane, and improved components such as the toolbar and menus.
- A Star Tree view has been integrated into the asset map to provide an intuitive and convenient view when managing large numbers of IT assets.
- Drag-and-drop capability lets you easily manage your IT assets and the relationships between them, including the set up of monitoring by proxy.
- VigilEnt Web Center provides a way to remotely view completed VSM reports using a web browser. The Web Center has a separate installation.
- VSOC has the capability to ?discover? all systems on the network. After discovering the systems, you can drag and drop endpoints onto existing agents in VSOC.
- You can add comments for any discovered system and hide the system from view.
- Discovered systems can be dragged and dropped into your IT Asset Map.
- You can export and print the list of discovered systems.
- VSOC can discover agents on the network and tell you if they are being managed in the IT Asset Map.
- The Microsoft Windows and Unix remote deployment wizards are integrated into the discovered systems view to allow you to remotely install, update, or uninstall the agents to those systems from within VSOC.Â
- You can export and print any list view in the IT Asset Map.
- You can now bulk delete alerts from VigilEnt Security Manager.
- You can now quickly select or clear all available security checks when creating a new security checkup template.
- The Data Presenter remembers by username and report type the user-defined column width and which columns are shown and hidden in the report.
- The Data Presenter remembers by username and report type the filter and sort settings in a report.
- Users can choose whether or not to persist report settings in the Data Presenter.
- You can now add external authentication sources for users in VSOC.
- You can now view only the selected users in a role or the selected roles for a user without having to view the entire list of users or roles.
- Filtered completed task views and alerts are now displayed on separate nodes under the Filtered Lists node in the tree pane of VSOC. This feature allows the standard Completed Tasks and Alerts views to be available even when viewing the filtered lists.
- You can now delete, enable, and disable multiple scheduled tasks at one time.
- You can now g.
ive a user permissions that allow him to see, or deny him from seeing, groups in the IT Asset Map.
- You can now send an e-mail message or an SNMP trap to notify a user when reports and heartbeat checks succeed or fail.
- You can now send an e-mail message or an SNMP trap to notify a user when specified users or role members log in to VSOC.
- You can now view the nodes under IT Assets with the list view, the flex grid, or the star tree.
- Agents and endpoints in VSOC are now categorized by operating system, database type, or web server.
- A new integrated Help Center is included that displays the help for all installed VigilEnt Enterprise Security Applications and VigilEnt Security Agents.
- Windows and Unix deployment wizards are components of the Windows and Unix products. For information on using these remote deployment tools, refer to the VigilEnt Security Agent for Windows or VigilEnt Security Agent for Unix documentation.
- When deleting a group, all sub-groups in the group are deleted.
- Custom tasks can now be accessed from the tree pane in VSOC. You can now create and modify custom tasks directly from the tree and content panes.
- VigilEnt users and roles are now accessed from the tree pane in VSOC.
- Purging records from the VigilEnt database is a system wide task that happens without warning. The ability to purge is turned off by default, but can be turned on by changing the value in the System Purge Interval field on the Database tab in the VSS Configuration Utility.
- A user must be granted the Access IT Assets permission to Allow All Groups in order to be able to add groups and see those groups that he creates.
- If you change any system?s IP address, Microsoft SQL Server may need to be restarted. If you restart SQL Server, you must then restart VSS.
- When upgrading non-operating system agents from a previous version of VSM, the host name and IP address for the agents cannot be derived from the previous version?s data. Therefore, the host name and IP address will be displayed as Unknown### where ### is a unique server ID for the endpoint associated with the agent. These upgraded agents will be designated by VSM Upgrade in the Location field.Â
- In certain configurations the IP lookup function will not obtain the correct IP address. This can happen when the computer running VSOC has multiple Ethernet adapters installed. The IP lookup function for the local computer will return the assigned IP address of the first adapter it finds. Depending on the order in which the adapters were created on the machine, the first adapter may not be the active one. In this situation the user will be required to manually enter the correct IP address.
- Dragging and dropping large numbers of endpoints may take several minutes.Â
- To support regional date settings, scheduled tasks that have never been run will now be blank in the Last Run Date column. If a task has not been scheduled, the Next Run Date column will be blank as well.
- When creating a new user, you cannot assign permissions to the new user during creation. You must assign permissions to the user after the user has been created.
- When synchronizing system users, VSM does not differentiate between two users that have the same name, but have different cases (for example, VSMUser and vsmuser).
- If a synchronized user has been deleted, the user still appears in the Synched user list, but has no links. In addition, if a user is deleted via the Run Tasks wizard, the user is n.
ot unsynched or unlinked.
- Exporting or printing will pause if you attempt to perform other actions in VSOC during the export or print process.
- If an endpoint does not have a host name in Version 3.0 of VSM, and if you upgrade your Version 3.0 database to VSM Version 4.0, DHCP lookup will not be available for these endpoints.
- If a user has rights to add a group, but has only been granted limited access to groups, then she will not be able to view any new groups she creates until she is granted access by a user that has those rights.
- If a user logs in remotely using Windows authentication, and that user does not have access permissions to the system where the database is running, an error message from VSOC appears that says the database login failed. To fix this problem, you must add the user to the system where the database is running.
- If you run another application during installation of VSM, the background screen of the VSM installation program could become separated from the actual installation program. You must then use Alt+Tab or the Windows taskbar to return to the VSM installation program.
- When the database connection is lost, the VSOC console does not exit gracefully.
- When viewing another user?s Pending Tasks or Completed Tasks queue, the numbers of read and unread items and the list itself are not updated until the next task is run or completed by the logged-in user.
- If an endpoint is monitored by multiple agents, running a User List report results in multiple reports being generated, thus the appearance of duplicate users.Â
- Alerts generated by a Windows Detect agent with a version older than Version 3.0 do not appear in VSOC.
- If you are upgrading a database that contains VPN-1/FireWall-1 agents, an error message could appear that indicates that the upgrade failed. This error is false; please ignore this message.
- If you have an endpoint that is monitoring its hosting system, and you drag and drop the endpoint on to another agent for monitoring, then you cannot delete the endpoint from the second agent that is monitoring that endpoint. To remove the endpoint from the second agent, you must delete the endpoint completely from the IT Asset Map and then add it back.
- When deploying Windows agents remotely, be sure that you have the newest versions of the license files for that product. To check to see if the license files you have are current, open the file and look for the Asset Info section. If there is no Asset Info section in your file, you cannot deploy agents from the IT Asset Map. You must either call Technical Support for a new file, or you can deploy agents from the Discovered Systems node. Certain products have different software installed to agents and endpoints. This results in a more limited selection in the Deployment Wizard of items to deploy when deploying from the Systems node in the IT Asset Map than when deploying from Discovered Systems node.
- The VigilEnt Security Agent for VPN-1/FireWall-1 Version 1.1.1 is the only version of that agent that works with VSOC.