Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

V1.1.0

New Features

  • SAM now supports binary distribution - that is, the ability to centrally manage upgrades of agents from version 5.1.  This reduces the amount of manual administration that is required in order to maintain Snare Agents for security compliance. This feature allows upgrades to a newer after the v5.1 agent version.  The installed agent must be at least v5.1.0.  See User Guide for prerequisites and instructions.  Presently only the Snare Enterprise Agent for Windows is supported for binary distribution feature, Epilog, SQL and Unix agent dont have this feature at this time.
  • SAM can now be configured to alert users know if there are problems with the SAM, by proactively sending emails to alert on error conditions like the following: - 
    • when licenses are about to expire
    • send a critical alert if a feature license is expiring within 30 days and/or a warning alert if support expires within 90 days 
    • when agents can't license either from being oversubscribed from current license count or when agents cannot renew their license.
  • The ability to export CSV of the Agent information in SAM, accessible from Agents | Export.  Options to select columns for export, disable header rows are available.
  • Implementation of User Guide and Knowledge Base links in the SAM sidebar.

Enhancements

  • Agent status will display if the Snare Agent User Interface (UI) is disabled or enabled for any version 5.1+ agents. Please note that this UI status is only available when the agent is configured to communicate to SAM.
  • SAM now reports on all devices running Snare, even if the product is not configured to report to the SAM. SAM will also report on which products have an incorrectly configured remote access password. The detection of these products is done during network scans. The SAM can still only detect agents if the web interface of the access is enabled and accessible from the network the SAM is running on. 
  • The default list of ports scanned by SAM has been updated. The ports scanned by default are 6161, 6162, 6163, 6164, 6165, 6169. This covers many of the Snare products. Users are asked to check their existing ports and update as required.
  • Addition of OpenSSL version used by Snare Agent Manager available on Settings | About page.
  • Added indicator of core license feature status on Dashboards License column, to visibly notify if SAM Key or Feature license is available.
  • Exclusive SAM Key Licenses installed into SAM will no longer render the Support Expires date on the Licenses Registered or Dashboard pages.
  • Time drift notification message on login page has been adjusted to an allowance of 5 minutes (previously 10 minutes).
  • SAM will now force prompts for Administrative privileges at the start of an install / uninstall.
  • SAM now acknowledges the Snare Enterprise Agent with WEC and will display it correctly in the agent license types rather than IA_WEC. 

Security Updates

  • Maintenance update for OpenSSL to patch to OpenSSL-1.0.2n.

Bug Fixes

...

V1.0.2

Enhancement

  • Addition of links from the License Usage tables feature column to a list of Agents associated with the feature.
  • Alters references for Evaluation Licenses to Temporary Licenses.

Security Updates

  • SAM is now protected against XSS attacks that the server is configured site-wide to use the X-XSS-Protection header with a value set to "1; mode=block" .

Bug Fixes

  • SAM now issues licenses to agents with the Support-Expiry date matching that of the original license.
  • Resolves issue that prevented manual licensing of agents from SAM.

V1.0.1

Enhancement

  • Logout all users when SAM restart has been requested.
  • Key IDs are now styled to show alpha characters in black and numeric characters in a red tone. This is to make it easier for those that have problems seeing the different shades of grey.
  • Settings - General page doesn't require manual restart after a change.
  • Licenses may now list a KeyID of 0 (zero).

Security Updates

  • Maintenance update for OpenSSL to patch to OpenSSL-1.0.2j.

Bug Fixes

  • There was a limitation in previous version of the SAM that it can scan only ports 6161,6162 and 6163 on the network to detect snare agents. This limitation is removed in this release of SAM and now SAM can scan all those ports added in general configuration page.
  • There was a limitation in previous version of the SAM that it cannot detect multiple instances of the SareMSSQL agents running on the same cluster node. Though this limitation was only prevalent when SnareMSSQL agents are not configured to communicate with SAM. This issue is fixed in this release and now SAM detects each instance of SnareMSSQL agents running on any cluster node, even when SnareMSSQL agents are not configured to communicate with SAM. As always, SAM network scan can only detect snare agents if GUI is enabled for them. If GUI is not enabled for snare agents then agents must be configured to communicate with SAM so that SAM can detect them.
  • Fixed issue where an Expired license may incorrectly influence the counts of non expired licenses.
  • There were some issues in previous release of SAM during network scan and the way SAM handles the legacy to v5 agents. Due to these issues, wrong license status of an agent can be shown when upgraded from legacy to v5 agents and/or duplicates agents can be shown. These issues are fixed in this release of SAM and now SAM properly handles the upgrade of legacy to v5 agents. Alongside, this release also fixes the duplicate issues for agents. It is worthwhile to mention that users *MUST* upgrade both, agents to v5.0.1 and SAM to v1.0.1 to avoid duplicate issues. Moreover, in very limited scenario SAM can still detect two agents as single agent. This scenario is following. - There are at least two different domains - There are at least two machines with the same host name on these networks i.e. hostname.domain1.xyz and hostname.domain2.xyz - These machines with the same host names have same type of operating system and are running the same type of legacy agents or the same v5.0.0 agents that are *NOT* taking to SAM i.e. SAM details are not given in these agents. - During SAM network scan, these agents will be listed as same agent i.e. one of them will be missed from the scan. To fix this issue, v5 agents should be configured to talk to SAM and then subsequently SAM will list them two separate agents.