FireMon is preparing Lumeta Enterprise Edition 220.127.116.11 for general availability, a software release that will provide new features and enhancements, including those highlighted on this page. This release is recommended for all Lumeta Enterprise Edition users.
|Lumeta Enterprise Edition 18.104.22.168|
|Upgrade Path||User Center Download||Upgrade Method||Upgrade Procedure|
TO release . . .
|About the Package & Validation Code||GUI|
Lumeta Enterprise Command Center 22.214.171.124 or 126.96.36.199
|Lumeta Enterprise Command Center 188.8.131.52|
Lumeta 184.108.40.206 Upgrade DownloadAvailable 8/14/2019 on the FireMon User Center > Downloads page
SHA256 checksum: (available at GA)
The Lumeta 220.127.116.11 upgrade package upgrades the Lumeta
See Upgrading to Lumeta Enterprise Edition 18.104.22.168 for the procedure.
Lumeta Enterprise Scout
|Lumeta Enterprise Scout |
Lumeta Enterprise Portal
|Lumeta Enterprise Portal |
|Lumeta CloudVisibility Community Edition 22.214.171.124|
|Full Deployment||Source ||Deployment Method||Deployment Procedure|
Request Download From
|AMI||Lumeta Community Edition Command Center v126.96.36.199|
|Lumeta CloudVisibility |
|AMI||Lumeta Community Edition Cloud Scout v188.8.131.52|
Lumeta Command Centers are generally compatible with the last two versions of the other component systems. Any departures from this are noted below.
|Lumeta Enterprise Edition Compatibility ||Enterprise Scout||Cloud Scout||Portal|
|Command Center 184.108.40.206|
This release provides the foundation of a full Rapid 7 integration. Lumeta Enterprise Edition 220.127.116.11 has the capability to ingest information about your network devices from Rapid 7 via API. See Rapid7 Integration for the configuration procedure and Rapid7 Management dashboard for more on results-reporting in the Lumeta.
About Cloud Scanner & CloudVisibility
The Lumeta development team has minimized the overlap in capabilities between Cloud Discovery (aka Cloud Scanner) and the Cloud Scout. This page provides information and guidance on choosing the method that will work best with your deployment.
This release includes the following enhancements:
CLI commands have been added that support allowing root-ssh to be powered on from a Cloud Scout CLI. For more, see Enabling ROOT-SSH Access to the Cloud Scout
The CloudVisibility configuration page now reports operational status right on the Lumeta GUI: Is the Cloud Scout working? Does Lumeta have cloudvisibility? How recently? What's the most recent error? This type of information is provided.
A Command Center's name (e.g., 6hour is the system name) is now displayed in its browser tab.
Health of the CloudScout connection is now displayed on the GUI with a red/green indicator.
Map has been given a self-expanding search capability. When one searches for a device, the correct map containing that device is not only launched but also deliberately expanded down to whatever level is required to expose the endpoint (and the endpoint also pulses). In previous releases, if you searched on a map where the target device was not currently expanded (visible) on the map canvas, the map remained stagnant and did not show the endpoint (despite a textual indication that the endpoint(s) were found.
The macvendor_id is now cleared when a mac address is cleared or expired from device table. Immediately after a timeout, mac devices subject to the timeout have both their MAC and macvendor ids set to null. Also for those devices, their former macvendor attributes are not used in profiling.
|IPv4Range and IPv6Range columns have been added to Device Details: Cloud: Security <requested screencap on jira>|
|LUM-236||IPv6 Troubleshooting Support Tools|
The following issues reported by customers have been fixed:
|Case ID||Fixed Issue|
Ensured that a Scout having multiple interfaces such as eth0 and eth1 does not send IPv6/128 packets to addresses from its non-configured interface..
|LUM-6||Not performing HTTP/HTTPS scanning of responsive IPv6 devices|
|LUM-7||Not performing CIFS scanning of responsive ipv6 devices|
We'll make you aware of any known issues and the work-arounds here.
|Lumeta 18.104.22.168 Known Issues|
|1||None as of 8/6/2019|
Lumeta 22.214.171.124 resolves Common Vulnerabilities & Exposures (CVEs) and incorporates a variety of security-related (and non-security-related) enhancements. A list of CVEs resolved in this 126.96.36.199 release will be made available soon.
Lumeta 3.3.4: http://lumeta-supportfiles.firemon.com/schema/schema-3.3.4/output-allschemas/ (October 29, 2019)
Lumeta 188.8.131.52: http://lumeta-supportfiles.firemon.com/schema/schema-184.108.40.206/output-allschemas/ (July 22, 2019)
Lumeta 3.3.2: http://lumeta-supportfiles.firemon.com/schema/schema-3.3.2/output-allschemas/ (September 24, 2018)
SWADLed WADL 3.3.3x
Following are the changes made in preparation for this Lumeta 220.127.116.11 release. This information is from 8/6/19 and will be refreshed right before the GA release.
LUM-389 - Security updates for 18.104.22.168
LUM-1 - Rapid7 Management dashboard: Rapid7 and Spectre Managed IPs Detail widget - Risk score information is missing.
LUM-3 - Integrations=>Other Solutions=>Rapid7 - Tab border is not consistent with others
LUM-4 - Settings=>Integrations=>Other Solutions: Lumeta footer and text are missing on integrations page after adding Rapid7 tab.
LUM-5 - SNMPv3 credentials not giving the expected results
LUM-6 - Not performing HTTP/HTTPS scanning of responsive ipv6 devices
LUM-7 - Not performing CIFS scanning of responsive ipv6 devices
LUM-10 - devicemodel_short SQL contains a typo
LUM-11 - Check in 4.16.3 version of x15 rpm
LUM-14 - Update libssh2 and dbus for security
LUM-16 - Device details:Column sorting is not working on FireMon CVEs tab
LUM-34 - Issue in /etc/sysconfig/network-scripts/route-eth0 file on a multiple interface system
LUM-35 - Upgrade ag-grid to latest version (from 9.1 to 20.2)
LUM-42 - upgrade doesn't check if it's already doing an upgrade (parallel)
LUM-43 - Reports-->RC7-->Widget is not showing in report after edit widget settings
LUM-53 - UI redirects to default dashboard after 403 logout/login
LUM-59 - DEV license should not restrict cloud accounts/instances
LUM-61 - system reinit fails to enable ipv6 networking in the interface config or global config
LUM-70 - Lumeta CloudVisibility is spelled "Lumeta CloudVisibility"
LUM-77 - Device details- All tabs: Column sorting is not working correctly.
LUM-83 - Cloud visibility config error messages are not passed up to GUI
LUM-91 - Drill down on Device details on a Public IP Address from the CV Dashboards, the cloud tab doesn't populate public IP or MAC
LUM-98 - GUI changes for authentication services (PKI & TFA) error messages
LUM-112 - When there are no risks , device details gives a message "Could not get Security data"
LUM-115 - CV-Community License--> Cloud Scanning--> New License required alert should show before license enforcing
LUM-117 - Infoblox feed is not getting ingested for 22.214.171.124
LUM-118 - Cloud Visibility GUI : Drill Down Instance Details from Cloud Visibility Dashboard doesn't display the details, sits and spins
LUM-120 - Search - results chart - cell border width not the same
LUM-121 - upgrade tries to stop instrumentation, no longer present
LUM-122 - Incorrect certificate could possibly be used for profiling
LUM-127 - upgrade didn't include the ddl file, then next time did
LUM-129 - Cloud Visibility GUI : Configuring a bad Risk parameter and later leaving it blank still gives the error msg
LUM-130 - TFA and Password Control enable/disable steps led to customer being locked out of SSH login
LUM-131 - System and Device Notifications: Able to remove the selected column (subscribed, name, event type, priority) just by dragging them out of tabular
LUM-132 - Profiling Results Sporadic for similar Device
LUM-133 - Cloud SDK Account license check can hang entire GUI/CLI
LUM-136 - Setting up defaultreponsder for OCSP does not reflect it in its configuration file
LUM-137 - Zones--> Cloud , uploading invalid file format (xml) throws error, it should show err msg : Badly formatted file on upgraded CC 3322 to 333 - RC1 build
LUM-138 - Cloud Credentials: grid headers are only partially visible after ag-grid upgrade
LUM-139 - Cloud Visibility: Instance Details-->Cloud tabs are not displaying the column headers
LUM-141 - Cloud Visibility GUI : Spectre GUI doesn't give any error msg when the connected Cloud Scout is down
LUM-145 - Report Page shows wrap around in cells after ag-grid upgrade
LUM-147 - Infoblox Dashboard IPs Unmanaged by Spectre Details is showing duplicate IPs
LUM-149 - CEF Configuration - SAVE button automatically enables the configuration (to green) though user not enabled it
LUM-150 - Modify GUI to Not Require Password in Feed
LUM-151 - CloudVisibility Device Details : Risks, Public IP and Public MAC address column not displaying the details when searched with the device details of the IP address associated with an Instance
LUM-152 - Triangle alert should show beside to Settings instead of overlapping on Username
LUM-154 - Infoblox integration timing out when setting up connection from Spectre UI
LUM-155 - CV-Community License--> No triangle alert is showing when system is in warning period of license violation
LUM-158 - Zones: Upload cloud credentials allows only txt file type, but "Download Sample" button provides a csv file and system doesn't allow
LUM-159 - Cloud Visibility : 3323 license is able to discover Cloud Visibility data when Upgraded to 333
LUM-161 - Cloud Visibility : When cloud Scanner is enabled, the Cloud Visibility data is not getting populated in the Dashboards (potential thread lock x15 not related to Cloud Scanner)
LUM-162 - collectd configuration typo
LUM-164 - CloudVisibility GUI: Editing an Instance with another Instance in searched instance tab in Device Details doesn't update the details without refreshing manually
LUM-167 - Spectre Systems - license expiration field always says "Never"
LUM-168 - Ag-grid upgrade:Dashboards/Reports: 'i' icon help text is overlapped with grid data on widgets.
LUM-171 - The UI should not proceed to the dashboard behind the first-login password-change dialog
LUM-174 - /usr/local/lumeta directory still exists on cloud scout
LUM-175 - ag-grid: resizing query results throws a JS error and has the wrong mouse cursor
LUM-176 - Reports: AWS Devices not populating with data when zone cloud scanner is enabled and gathering instances. Discovered AWS Device have no discovery type
LUM-177 - CC upgrade from 3.3.3 to 126.96.36.199 with cloud scanner enabled: Unable to launch CC GUI. Seeing license agreement page
LUM-178 - x15-backend rpm still says depends on jre
LUM-179 - Cloud Visibility GUI: Overlapped data displayed in all the columns in Cloudmon Instance and Security Group Risk Tables
LUM-180 - update python for security
LUM-181 - Report Schedule Times show AM/PM
LUM-184 - Customer with 108 zones unable to add any more zones. Unable to delete zones
LUM-187 - Ag-grid upgrade:Column resizing is broken in Tables grid
LUM-188 - Modify Feed Test To Not Require Password
LUM-190 - CC - PKI : Lumeta logo and copyright text is overlapped with the password field in the Manage System PKI page - Server Certs layer.
LUM-191 - Cloud Visibility Device Details: IP Attributes values are getting displayed when hovering over it.
LUM-192 - Ag-grid upgrade:Column resizing is broken in Advanced Queries grid
LUM-193 - Column resizing is broken in Search Devices/Device Detail grids after ag-grid upgrade
LUM-194 - PKI--> Able to enable TFA on PKI enabled box and vice versa
LUM-195 - update kernel for security
LUM-197 - Cloud visibility credentials tab lets user add more credentials than license limit
LUM-199 - ag-grid upgrade: sort headers on CloudVisibility are misaligned
LUM-200 - Cloud Visibility : After Configuring a Cloud Scout on GUI&Submitting, the password textbox text disappears and shows Blank
LUM-201 - FireMon Integration Dashboards:Unable to see data on widgets unless integration is turned off and turn back on - Post upgrade from 3322 to 333-RC8
LUM-244 - When you drill down using device details on a Public IP address or Public MAC from CV dashboards , the cloud tab is empty
LUM-245 - Error: License Expiration Imminent on System with no License Expiration
LUM-249 - Database Health Doc: stated CLI cmd is vacuum full analyze, command is support db command
LUM-250 - Discrepancy between GUI and CLI License expiration at Customer
LUM-267 - Ag-grid upgrade:Some filter conditions are displayed on Users grid and grid format is missing.
LUM-268 - Rapid7 configuration: Seeing "This product is not configured properly." message when navigating back to integration configuration page from dashboards.
LUM-271 - Browse-Historical: End date and time calendar controller is not properly aligned.
LUM-277 - Integrations - payload for POST expecting base64 for password and username is failing after a recent change.
LUM-291 - Spelling mistakes in Authentication services (PKI & TFA) error messages
LUM-334 - Upgrade slow due to orphan certificate cleanup
LUM-387 - lumeta-api.properties is not getting updated with 188.8.131.52 upgrade updt.tgts.insert=true
LUM-388 - x15 query timeout - Infoblox Integration: Unable to see data on dashboard widgets. "Error: Unable to fetch query results. undefined" is displayed.
LUM-392 - Device Details | FireMon | Assets | Interfaces is not formatted properly
LUM-399 - Tenable Security Center dashboard: Unable to see data on widgets as there is empty feed on tenable server.
LUM-401 - RC3 184.108.40.206 upgrade failed to update 23 pkgs
LUM-22 - Normalize DeviceType, Model, OS, Version pattern attributes
LUM-30 - Push list of unmanaged devices to Rapid7
LUM-37 - Cloud Visibility:Instance details=>Security tab:Column sorting is not working
LUM-38 - upgrade can miss a few rpms, repo not localized
LUM-39 - Port IPv6 ping work to esi-220.127.116.11
LUM-45 - Add UI to configure pushing assets by zone
LUM-47 - Provide AWS Audit Logs in Lumeta
LUM-99 - Make changes to real time target processing
LUM-205 - Need a way to identify GIT changes along with SVN changes on System Information in Spectre
LUM-206 - Make all saved queries for Cloud Device Details consistent
LUM-208 - update openssl for security
LUM-211 - create/configure upgrade and autoupgrade to 18.104.22.168
LUM-212 - Improve formatting of tooltip on "Risks" column
LUM-214 - Reorganize and update User Management test Cases in Zephyr
LUM-216 - Improve Device Details: Cloud to use column names returned in the queries
LUM-219 - Understand and write tests for cloud visibility licensing , authentication and deployment
LUM-220 - update kernel and microcode_ctl for MDS CPU vulnerabilities
LUM-221 - Improve age_out_routes to expire routes per zone
LUM-222 - (CV) Add support root-ssh to CLI
LUM-223 - Allow to set super user flag for AD user by group mapping
LUM-224 - Cloud Scanner --Allow user to add/remove cloud credentials on the CLI command line
LUM-226 - Implement testFeedConfiguration function for Cloud Visibility
LUM-227 - We should clear macvendor_id when we clear/expire mac address from device table
is being searched
LUM-229 - Remove Rule Number
LUM-231 - 3.3.3 profile pattern anomaly (Model vs model)
LUM-232 - Cloud Visibility GUI : The Configuration tab text boxes should have validation checks
LUM-233 - Dashboard/Reports : Right click on Public IP should not allow user to go to device details or maps if we cannot display information
LUM-234 - CV - Add IP Range and Description
LUM-235 - Allow Cloud Scout scheme and port to be overridden for development
LUM-236 - IPV6 troubleshooting support tools
LUM-237 - Show feed status on the Cloud Visibility Configuration page
LUM-283 - Default polling interval for CloudVisibility should be shorter