CS Release Notes




Release Notes

Apr 2, 2020

- Added API support for new CryptoSpike Server GUI
- Added possibility to add subject alt name in SSL generation
- Improved blocking mechanism to take into consideration SID and IP of a blocked user
- Improved retrieval of filters mechanism via proxy
- Improved default values for ClickHouse save to avoid performance issues

Aug 26, 2020

- monit and ldapsearch capabilities (check user manual)
- Grafana reports Blocked User File Activity and FPolicy statistics
- display NFS user for NFS activity (when user SID is not available)
- phpmyadmin package

- allow filters with special characters

Sep 28, 2020

- ssl connection settings between FP and NetApp
- FILTER parameter for allowed expressions
- message queue and global actions limit configurations
- Active users dashboard filtered also by userIP
- Deletion for old data from Clichouse at 00:00
- associate LDAP to all clusters

- volume duplication in cluster tree
- ghosts VScanner pools

Nov 4, 2020

- Email servers module in order to configure multiple email server
- Possibility to setup the interval to receive status email every x hours when an FPolicy Server gets disconnected and does not reconnect.
- Validate that certificate and key match when setup SSL certificates from GUI
- Mechanism to solve unknown ldap users automatically every X minutes. Use ldap.resolve.unresolved.users.job.interval config key from System-> Config-> Application
- Possibility to unblock multiple users
- Disabling double login will require a supervisor to approve the change
- LDAP allowed groups - added role testing mechanism
- Analyzer Learner - filter by actions
- Added windows style path in blocked user reason
- Endpoint to retrieve blocked users based on cluster and svm
- Reconnect system for the situations when an SVM has more LIFS and FP server is connected to more then one of them and disconnects only from one

- Updated analyzer mechanism to allow a large quantity of blocked users (mostly for asynchronous config)
- Updated fpolicy status checker to trigger fpolicy disconnected email when it happens and not after the retry counter. also added status matrix to emails triggered by disconnect / reconnect states

- FPolicy status checker will now trigger reconnect email when the SVM has CIFS and NFS protocols enabled
- View logs from System status is now pointing to the correct URL
- New version notification now calculates correctly if a new version available
- Run Job on Quarz page will just run the job without messing the job schedule.
- Shares will be deleted on cluster refresh after they have been deleted from ontap
- Test Filter for Blocklist will now match for both lowercase and uppercase

Nov 20, 2020

- Double fixed

Nov 23, 2020

- Ignored reason save

Nov 23, 2020

- Force using mail.username.from when not empty

Dec 2, 2020

- Endpoints for blocking user for all CS instances
- Endpoints for Global Dashboard
- Api key for GW connections
- Force using mail.username.from when not empty
- Reverse lookup names for blocked users
- Allowed path accepts wildcard appended in svm name

- FPolicy Status Checker not sending email when the disconnected reason is [No local lif present]
- FPolicy Status Checker email display in Outlooks
- LDAP allowed groups/roles - after authentication the specified roles will be added to current user
- Allowed expression on filters and patterns accepts UNIXID

- Drill down Active/Blocked users for NFS activity
- Endpoint for FP status (like matrix)
- Allowed expression escape for special characters in path
- Username not being displayed entirely for long names
- Blocked reason being cut off for files that contained dots

Dec 11, 2020

- Special chars in LDAP user name
- Change filter category name

Dec 15, 2020

- Ignored users save error and gone after restart

Jan 20, 2021

- Updated allowed exclusion rules from 1000 chars to longtext

Jan 27, 2021

- Time interval configuration for LDAP Refresh job [ldap.job.interval]
- Time interval configuration for FPolicy disconnect email [fpolicy.send.next.disconnected.email.interval]. Now if FP's are changing states because of environment, you will not be spammed with disconnected emails. We will only send disconnect email every x minutes defined by the configuration value
- Configuration for ignore user email alert [mail.ignore.user.username.to] and for displaying a dialog in which the ignore reason can be inputed [ignored.users.reason.dialog.show]
- Automatic refresh mechanism on Blocked users page. The key to activate the automatic refresh is [page.blocked.users.refresh.interval]
- Possibility to enable / disable sql logging of queries. Default disabled. The key in configuration is [sql_log_queries] under Log tab in System - Config
- The possibility to update Filter or Pattern from blocked users reason details
- Audit logging mechanism (audit.history config key) enabled for LDAP, email servers, system templates, analyzer patterns, filters.
- Added connection timeouts for Fpolicy external engine
- Added grafana session store
- Configuration for case sensitive processing for path variable in allowed expression [allowed.expression.case.sensitive], this config value is default set to Yes
- Parameters for blocking script for svm name, volume name, engine mode, and if the blocked user will be notified by email
- Added ignored users on cluster tree
- Added the possibility to use the variables from the email body in the email subject
- Confirmation dialog for LDAP servers deletion which are assigned to svms
- Added the possibility to add svm name and volume name for NFS allowed paths
- Automatic refresh of licenses when the Quartz checkLicenceJob runs
- Config keys for enabling the quartz jobs execution

- Updated default events retention interval to 1 week
- Registration process it's not creating policy, scope and events on ONTAP, if there are no volumes setup for monitoring
- FPolicy Servers Status will show NOTHING TO MONITOR in the case of no volumes setup for monitoring
- Updated Blocked reason information using object instead of text

- Analyzer window message jumping
- Analyzer script null parameters set as empty
- Analyzer memory control refresh triggering error on browser after changing page
- FPolicy Servers Statistics correctly removes the interval for refresh when changing page
- Blocked user link in email will correctly display Grafana dashboard
- Test Blocklist missing column in query
- Advanced Analyzer processing for case sensitive paths

Jan 28, 2021

- Ignored users not being initialized after CryptoSpike Server update

Feb 25, 2021

- Email servers on cluster level (will be used for blocking users email)
- Blocked users add/edit feature
- Email notification for CIFS session close error on user block
- Added the possibility to add all the allowed exclusions via the Mass Exclude dialog in the Filters module

- Ignored users update will automatically trigger a push to all fpolicy servers with the new list
- Called Clickhouse delete partitions every hour (with time interval where clause)

- Do not close CIFS and do not move to blocked group in asynch mode
- AD login for nested groups

Feb 25, 2021

- LDAP follow referral on AD login

Mar 9, 2021

- Blocked users Unblock all label
- Configuration value extended to longtext
- Policy label rename
- Blocked reason filters solve

Mar 11, 2021

- Checkbox to replace the default email subject for templates with the inputed one

- The System Templates editor is now a dialog instead of a drawer

Mar 11, 2021

- Back to System Templates plain text editor

Mar 14, 2021

- Rich text editor for System Templates

Mar 15, 2021

- Added more log info for AD login

Apr 5, 2021

- Configuration for notifying by email a blocked user that he has been unblocked [mail.unblock.user.notification]
- Configuration for http/https access to grafana link from blocked user email
- Configuration to use hostname instead of ip for grafana link from blocked user email
- Node location (Cluster/Svm/Volume|Share) in Ignored users email
- Warning message that shows duplicate values that appear in allowed exclusions input boxes

- Persists in events the proper Svm/Cluster name when 2 volumes have the same MSID
- Ignored users - added more info about the cluster/svm/share
- Paths that match the filter's allowed path will be excluded from the test filter result by setting the [fpolicy.filters.test.with.pass.exclusions] configuration to Yes
- Delete clickhouse job updated to delete partition

- Email configurations for synch/asynch on blocking user
- Ignoring and removing a user from the ignored list will send the email to the address specified in the [mail.ignore.user.username.to] config
- Analyzer pattern allowed filter for file name

Apr 7, 2021

- Fixed null error on analyzer pattern edit

May 7, 2021

- Input to specify the TLS protocol supported versions for email servers
- Clear all notifications button

- Retrieval for Blocked Reason filter (by Id instead of name)
- Allow duplicate ignored users for different treeNodeTypes

- Fixed svm_block on asynch blocked user
- Using $IP$ instead of IP in allowed expressions (and same for other fields)

Jun 15, 2021

- Ignored users load for large number of records

Jul 8, 2021

- Ignored users bulk add
- Possibility to setup start time for quartz jobs
- Monitor NFS and CIFS when protocol disabled but configuration key ontap.include.new.volumes.shares is Yes
- Advanced analyzer limits in Blocked users/Block reason tables.
- Sync/Async in Blocked users table.
- Unblock email to sync/async configured email address
- Added share in blocked reason

- Block NFS users for filter blocking activity from the same ip and using different UnixId
- Unblock NFS users with the same IP
- FileName/Path differences for AA blocking
- Ignored users for new Volume/Share
- LDAP error on LdapResolveUnresolved job

Aug 3, 2021

- Configuration blocked.users.asynch.count.limit to limit the number of asynch blocked users
- Usage of the wildcard operator into non regex matching

- ANALYSER_ALERT_USER_WARN_BY_EMAIL will act also for filter warnings
- Synchronous/asynchronous flag in blocked users from Advanced Analyzer
- Allowed expressions for regex matching

Aug 5, 2021

- FPolicy registration on different IP than Hazelcast one

Aug 12, 2021

- Proper Cluster/Svm/Volume names for NFS activity

Aug 12, 2021

- Check configuration blocked.users.asynch.count.limit with >= and not with >

Sep 7, 2021

- Fixed Analyzer Learner timezone offset

Sep 29, 2021

- Default Clickhouse retention 1 week (for new installations)
- Report for blocked user file activity. This will show data only if the blocked.users.enable.history setting was enabled when the blocking occured
- Username column in Blocked user reason table
- Email notification for expired and soon to be expired licenses on the checkLicenseJob quartz job run
- Date and timestamp in notifications
- Created at column in Ignored users table
- Blocked.users.reasons.asynch.count.limit configuration key to limit the number of inserts in clickhouse table when running in asynch mode and a blocking event occurs. Default disabled.

- File activity button in Blocked users page will show history if blocked.users.enable.history is enabled
- Mail.username.from will act like a label when sending emails
- Blocked users reason table date sorting will sort all pages, not only current page
- Allowed path expression in filters / pattern will escape plus(+) and dot(.) when the path containers those symbols and the expression it's not prefixed with "(r)"

Sep 30, 2021

- svm_block templates variable is now working

Oct 8, 2021

- Fix cluster tree without node

Oct 13, 2021

- Fix LDAP ignored users log error

Nov 2, 2021

- Separate configuration for blocking user (Analyzer/Filter/Warn by email)
- FPOLICY_ANALYZER_NUMBER_BLOCK_FILTERS_WARN configuration (to warn the user for repeated action over a block filter - before being blocked)
- Test blocklist will be done in background, not blocking UI. Test blocklist will have history and download of past tests available.
- Show analyzer config popup after touching analyzer patterns
- Audit log compare mechanism (compare difference between versions)
- Email notification on manual user blocking
- Possibility to enable or disable patterns and/or filters blocking

- Fixed Allowed Path with format \\*\share\folder

Nov 15, 2021

- Fix Scheduled deletion for clickhouse events.

Nov 23, 2021

- Fix analyzer number of block filters

Dec 13, 2021

- Updated Log4j -> 2.15.0

Dec 15, 2021

- Aggregate information for call home
- Additional information for unblock user event sent to syslog

- Unblock action from notifications will check user permissions for unblock rights
- Correct email template used when blocking on filters / patterns is enabled / disabled
- Test proxy button
- Restore Mysql db from file with space in name

Dec 15, 2021

- Updated Log4j -> 2.16.0

Dec 20, 2021

- Updated Log4j -> 2.17.0 (fixing security vulnerability CVE-2021-45105)

Dec 29, 2021

- Updated Log4j -> 2.17.1 (fixing security vulnerability CVE-2021-44832)

Jan 13, 2022

- Grafana access based on active session from CryptoSpike or ProLion Control Panel

Jan 19, 2022

- Email alerting mechanism

Jan 25, 2022

- Email subject and synch

Jan 31, 2022

- Email alerting mechanism

Feb 1, 2022

- Unblock reason for unblock email
- Fallback link for blocking email when there is no active CryptoSpike session, in order to avoid empty grafana login page
- $name variable for user_alert_mail_unblock template

Apr 11, 2022


- Execute blocked script for NFS and unsolved users too


- Mass exclusion - remove white expression

- Test block list fix Excluded by white rules

Apr 20, 2022


- configuration ontap.register.exclude.disabled.volumes

May 16, 2022


- configuration EVLOG_SYSLOG_DISABLED_FOR_ERRORS to disable syslog for errors

May 19, 2022


- Syslog start error

May 25, 2022


- Configuration to delay FPolicy disconnect

Jun 7, 2022


- Decoupled SYSLOG message from email service

- Added JSON format in SYSLOG message ( for decoupled configuration )

- Added machine name in SYSLOG message

Jun 30, 2022


- Sent date in email header (internal)


- Blocked users history data retrieval

Aug 8, 2022


- Support for Grafana 9

- Support for Metrocluster

- Delay in hours to activate new filters


- License check for missing licenses ( new or changed nodes )

Aug 11, 2022


- Statistics generator interval to ten minutes

Aug 17, 2022


- Moved grafana 9 reports to another folder

Aug 24, 2022


- Possibility to force garbage collection when the system used memory goes over 80 %. Enable configuration key gc.force.trigger.only.on.low.memory

Sep 1, 2022


- Ignored users import


- Timeout for solving user inside script executor