Release Notes for Snare Agent Manager v1.1.0
New Features
- SAM now supports /wiki/spaces/SAM/pages/89146192, also known as binary distribution. This feature provides the ability to centrally manage upgrades of agents from version v5.1.0 onwards. This reduces the amount of manual administration that is required in order to maintain Snare Agents for security compliance. This feature allows upgrades to a newer after the v5.1.0 agent version. The installed agent must be at least v5.1.0. See User Guide for prerequisites and instructions. Presently only the Snare Enterprise Agent for Windows is supported for binary distribution feature, Epilog, SQL and Unix agent dont have this feature at this time.
- SAM can now be configured to alert users know if there are problems with the SAM, by proactively sending emails to alert on error conditions like the following: -Â
- when licenses are about to expire
- send a critical alert if a feature license is expiring within 30 days and/or a warning alert if support expires within 90 daysÂ
- when agents can't license either from being oversubscribed from current license count or when agents cannot renew their license.
- The ability to export CSV of the Agent information in SAM, accessible from Agents | Export. Options to select columns for export, disable header rows are available.
- Implementation of User Guide and Knowledge Base links in the SAM sidebar.
- As of <INSERT DATE> the Snare Windows SAM agent has achieved Veracode VerAfied security compliance to VL4 status. The 5.1.0 version of the Snare Windows SAM now meets the Veracode VL4 certification policy criteria. By using Veracode independent source code static analysis methods there are no very high, high, or medium security rated vulnerabilities present based on OWASP top 10 and SANS top 25 coding vulnerabilities. See the following for more information https://www.veracode.com/get-verafied-and-listed
Enhancements
- Agent status will display if the Snare Agent User Interface (UI) is disabled or enabled for any version 5.1+ agents. Please note that this UI status is only available when the agent is configured to communicate to SAM.
- SAM now reports on all devices running Snare, even if the product is not configured to report to the SAM. SAM will also report on which products have an incorrectly configured remote access password. The detection of these products is done during network scans. The SAM can still only detect agents if the web interface of the access is enabled and accessible from the network the SAM is running on.Â
- The default list of ports scanned by SAM has been updated. The ports scanned by default are 6161, 6162, 6163, 6164, 6165, 6169. This covers many of the Snare products. Users are asked to check their existing ports and update as required.
- Addition of OpenSSL version used by Snare Agent Manager available on Settings | About page.
- Added indicator of core license feature status on Dashboards License column, to visibly notify if SAM Key or Feature license is available.
- Exclusive SAM Key Licenses installed into SAM will no longer render the Support Expires date on the Licenses Registered or Dashboard pages.
- Time drift notification message on login page has been adjusted to an allowance of 5 minutes (previously 10 minutes).
- SAM will now force prompts for Administrative privileges at the start of an install / uninstall.
- SAM now acknowledges the Snare Enterprise Agent with WEC and will display it correctly in the agent license types rather than IA_WEC.Â
Security Updates
- Maintenance update for OpenSSL to patch to OpenSSL-1.0.2n.
Bug Fixes
- Issues with agent counts when cancelling a scan. This is now fixed, so that the Total Agents count shown post scan or a cancelled scan is correct.
- Fixed the issue where multiple MSSQL agents on the same host could show the license usage count exceeding its maximum. This did not affect SAM licensing the agents, as internally SAM correctly treated the license as not over limit. However this update does correct the usage counts when displaying license usage.
- It was possible that when upgrading the SAM, a duplicate entry could appear in the Add/Remove Programs for Control Panel. This has been fixed and only a single entry will exist when SAM is installed or upgraded.
- Fixed the detection of Linux agents, full Unix Epilog Agents and Solaris v4 agents when scanning a network using the SAM scanning feature.
- Fixed a bug where SAM would appear hung and would not license agents in very rare cases when the hostname of a machine that the agent was running on, had changed.