Release Notes for Snare MSSQL Agent v5.5.0

Snare MSSQL Agent v5.5.0 was released on 13th April 2021.

Security Updates

Security hardening of Agent to SAM communication: Digest Authentication was replaced with Basic Auth over HTTPS

After this change, the v5.5.0 agent will only be able to communicate with SAM v1.5.0 or newer.
SAM v1.5.0 is backward compatible, and supports communication with pre-v5.5.0 agents.
Security hardening of encryption keys storage, usage, export, and import
3rd party libraries upgraded:
- OpenSSL upgraded to version 1.1.1i
- Curl upgraded to version 7.72.0
- Boost upgraded to version 1.74

In the Agent Web UI the term "Objective" was replaced with "Audit Policy," i.e. the "Objective Configuration" page is renamed to "Audit Policy Configuration"
Agent will show a warning to remove default network loopback destination when a valid network destination is present

Updated Snare Agent to ignore group policy setting for WebPort when agent is running on a machine with SQL cluster setup
Agent Web UI now prunes log messages on the Snare Log page appropriately
Syslog 5424 header now conformant with RFC, as APP-NAME does not contain spaces
Improved browser compatibility when updating custom delimiter on the Destination Configuration page
Fixed port/protocol/format mismatch warnings on the Destination configuration page

The following is an offline version of the User Guide related to this release.

For an up-to-date version refer to the online version here.