
FireMon is pleased to provide this overview of the new features and enhancements made for this Lumeta Enterprise Edition 4.6 release, which is recommended for all users. 

Lumeta Enterprise Edition 4.6

The upgrade file is now available in FireMon User Center > Downloads.
The supported upgrade path to Lumeta Command Center 4.6 is from the 4.4 and 4.5 versions.

For the upgrade procedure, see Upgrading to Lumeta Enterprise Edition 4.6. 


We recommend that you upgrade your Lumeta Enterprise Scouts whenever you upgrade your Command Center. However, Enterprise Scouts 4.4x and 4.5x are compatible with the 4.6 version of the Command Center. 

Disrupt:Ops Integration

Lumeta now offers a DisruptOps/AWS integration, which replaces the Lumeta CloudVisibility engine.   

To use the feature, open a Support ticket and request Disrupt:Ops. FireMon Support will respond by providing you with implementation steps and login credentials. They will also help you deploy the necessary CloudFormation stack.

  1. To configure this new integration, navigate to Settings > Integrations > Disrupt:Ops, and click Configure.


  2. Complete the form, supplying your Disrupt:Ops credentials as the Username and Password (not your AWS credentials).

Lumeta dashboards, reports, and device details have all been updated to accurately represent the data that comes from this integration. 

Integrations

Lumeta 4.6 has an all-new integrations page that shows the status of your integrations at a glance. The green power buttons indicate enabled integrations; grey ones are disabled. 

The configuration page for each integration provides a Test button you can use to check the connection. The system will provide feedback on whether your setup connects as intended. 

External Database Connection Support: JDBC Connector

Starting in Lumeta 4.6, you can use external databases directly from Lumeta through the new JDBC Connector. The connector lets you connect to an external database, query its tables, and ingest that data into Lumeta for use in your Dashboards, Reports and Queries. To use this feature, contact Support so we can discuss your use case and help you set up the connection and the desired tables.

Internet of Things

With this 4.6 release, you can now use BACnet as a Host scanning protocol. BACnet responses, which are of interest to IoT/OT customers, "speak" on a specific UDP port. You can also use new CLI commands to find out whether BACnet has been configured and if so, on what port. 

| CLI Syntax for BACnet | CLI Example |
| --- | --- |
| collector host collectorName bacnet (true/false) | collector host c1 bacnet true |
| collector host collectorName bacnetPorts (a comma-separated list of UDP ports, or 0 to disable) | collector host c1 bacnetPorts 47810 |


Database Schema

The Lumeta 4.6 database schema shows a visual representation of the Lumeta database. 

CLI Commands

The Lumeta CLI is a powerful hierarchical menu-driven interface which provides virtually all administrative functionality available in the browser interface.
To administer your system via command-line interface, see System Administration via CLI.


Security Updates & STIG 

Lumeta 4.6 resolves Common Vulnerabilities & Exposures (CVEs) and incorporates a variety of security-related (and non-security-related) enhancements. See Security Advisories 4.6 for a list of CVEs resolved in this Lumeta 4.6 release. 

Change Log 

Epic

LUM-3503 - Netflow Integration

LUM-3555 - Deprecate Unused Integrations

Story

LUM-2415 - Update Tenable SecurityCenter to Tenable.sc

LUM-2913 - Add API/CLI to resize disk partitions after increasing disk space

LUM-3306 - Remove the lumeta-ui component

LUM-3455 - Add BACNet as a Host protocol

LUM-3480 - Cancel Running Queries through the GUI

LUM-3481 - Automatically cancel running statements when the user refreshes a widget

LUM-3512 - CLI - Add the BACnet configuration/status options to Host

LUM-3517 - Add ports to BACnet UI

LUM-3518 - Expose Host / BACnet ports via CLI

LUM-3534 - SPIKE: Analyze how to map DisruptOps data to the existing CloudVisibility data model in Lumeta

LUM-3535 - Fix AWS dashboards and remove or hide Azure and Unified Dashboards/Reports for this release

LUM-3536 - DisruptOps mappings for Device Details

LUM-3538 - Adjust CloudVisibility integration configuration to point to DisruptOps

LUM-3556 - Remove Cisco PX Grid

LUM-3557 - Remove McAfee DXL

LUM-3580 - Use git hashes instead of build numbers in RPM versions

LUM-3582 - Design new Integrations UI page

LUM-3585 - Version number requires changing due to build number change

LUM-3597 - Feature Request allow user to update ntp servers via CLI

LUM-3610 - Update some third-party libraries for 4.6

LUM-3623 - Warehouse: Add support for ingesting raw JSON strings as fields (DisruptOps integration)

LUM-3624 - Initial ingestion spec for DisruptOps AWS data

LUM-3630 - Add more parser spec functions and first-class logging to parser specs to make development easier

LUM-3631 - Implement a first-pass DisruptOps feed downloader

LUM-3654 - Improve DisruptOps feed downloader to support full pagination and better list of fields

LUM-3655 - Put back the Cloud Map link since it's working now

LUM-3685 - Warehouse: Add support for periodic statements against external data connections

LUM-3707 - Username, password and key in system.feed should be encrypted

LUM-3708 - Remove old Integration API code (unused)

LUM-3717 - Add CLI support for configuring DisruptOps (CloudAWS) integration

LUM-3722 - CLONE - Feature Request: Enable "Find Path" for Discovered, Untargeted Devices.

LUM-3723 - Warehouse should not allow duplicate widget names in the same Dashboard

LUM-3726 - Warehouse: support SQL file inclusions in DDL

LUM-3727 - 4.6 Release Activities

LUM-3744 - Warehouse: enhance SQL file inclusions in DDL

LUM-3762 - Improve Audit Log retrieval and display

LUM-3763 - License and upgrade modal should be informational (not alerting)

LUM-3769 - Handle 504: Gateway Timeout from DisruptOps more broadly

LUM-3804 - At least 6hour netboots failing

LUM-3814 - Uptick Apache Commons Text to at least 1.10.0

LUM-3815 - Uptick the Apache Hive driver to 3.1.3

Bug

LUM-3040 - PKI | CLI | ssh install command does not report error for invalid file

LUM-3206 - Rebranding: webapp and warehouse are not starting after upgrade

LUM-3391 - Naming a zone with a vertical bar in the name causes breakages in Rapid7 due to the way Rapid7 zone mapping data is being stored and parsed

LUM-3447 - Leaks By Direction Summary Report is failing with an error if there is no data

LUM-3454 - The removal of "spectre" left some stuff unaligned in the CLI

LUM-3457 - MSSP - getting error when creating a zone. "must be owner of table mssp_data"

LUM-3460 - PeerConnection.isConnected() can be true even when the underlying WebSocketConnection is closed

LUM-3464 - Pie chart label names can overlap

LUM-3479 - BGPScanner Null Pointer Exception

LUM-3516 - UI Automation - ReportSchedulesTest automation test verifyCreateAndConfirmAndDeleteReportSchedule failing nightly after recent update

LUM-3523 - GUI session expiration still misbehaves

LUM-3524 - CLI command "authentication pki" is displaying an error message

LUM-3526 - Metrics dashboards can have canceled queries upon first view

LUM-3530 - UI-Automation: Update Server/Credentials for Tenable SC automation

LUM-3531 - UI-Automation: Update Server/Credentials for Tenable IO automation

LUM-3539 - Splunk | App | More Dashboard Issues

LUM-3560 - 4.6 upgrade includes many rpm's that aren't in a netboot.

LUM-3566 - Update BlueCat Integration automation to allow for API timeout.

LUM-3579 - Tables automation test verifyTableTypeTest() does not fully test expected behavior

LUM-3583 - Maps can contain duplicate edges

LUM-3587 - Netboot of (at least) esi-current failing

LUM-3592 - Support Tools - Update Automation to remove checks for Cisco PX_Grid

LUM-3593 - Support Tools - Update Automation to remove checks for DXL

LUM-3596 - Zones Page - Unable to verify Zone Collector Host Discovery Edit modal header (Found '')

LUM-3600 - CLI command to list tenable.sc status is displaying "Version:" that doesn't belong.

LUM-3604 - find_trace_for_target query is different in upgrade vs netboot.

LUM-3605 - rpm mismatch between netboot and upgrade

LUM-3606 - CLI for system feed is not setting username password for tenable

LUM-3611 - Map Visio Export does not work

LUM-3613 - Dashboard Using XLSX: Update XLSX file to remove Cisco PX Grid checks

LUM-3615 - All Notifications - Expected count fails to account for pagination

LUM-3616 - DNS | Name Servers | When updating DNS server using KLISH, the GUI Name Server addresses are not updated

LUM-3617 - Forwarders Responding To Common SNMP Strings - Update expected string value to fix failing test

LUM-3618 - Integration Tests - Several tests failing because of improper syntax or unexpected return values

LUM-3619 - Zone Test - Several tests are failing because of invalid syntax errors

LUM-3622 - Zone partially created, mayhem ensues (@Transactional not respected)

LUM-3629 - Additional updates for Dashboard Using XLSX file

LUM-3632 - dops_aws_instance_summary table is missing in upgraded CC

LUM-3635 - Breach Detection Integration Test - Several tests are failing due to syntax errors

LUM-3636 - After enabling password controls: shell login is honoring the new controls, but UI is not

LUM-3637 - RedSeal Test - Fix repeated getRedSealConfig failure

LUM-3638 - Tenable SC Test - Fix repeated getTenableConfig failure

LUM-3644 - Tables and ad-hoc searches should still use the "All time" time range

LUM-3646 - PKI | GUI | Users are not listed under User ID drop-down on the Manage User Certificates webpage

LUM-3649 - latest release of 4.6 shows snmpDetails processing is 15% higher

LUM-3653 - Optimize "Cloud Devices" query

LUM-3657 - CLI support dnslookup is failing with an error

LUM-3688 - Maps | Exports | Visio export errors out on upgraded CC

LUM-3699 - Infoblox | Feed | Error when the Network block has a value in the Comments field

LUM-3705 - Warehouse: bug when dropping and adding tables

LUM-3709 - CLI - 'system feed list' is returning an error

LUM-3718 - DOPS AWS | Tables | Purge is not working

LUM-3732 - update "Leak by Direction" query so netboot and upgrade match.

LUM-3742 - In the view 'cloud_instance_v', the column sumofrulerisks should be renamed since it is no longer the sum

LUM-3743 - CloudMon_Security_Group_by_InstanceId query is returning multiple copies of the same data

LUM-3745 - Compare for saved queries are failing for 3 queries

LUM-3753 - scouts are not scanning after a multi-scout upgrade from the CC GUI

LUM-3767 - Warehouse: cannot rename tables

LUM-3768 - unfriendly error is displayed when creating or updating a table with data that has extra columns

LUM-3781 - Reports | Metric widget doesn't respond, constant spinner

LUM-3789 - Upgrading a CC with no zones when go to zone page just get 2 loading spinners

LUM-3793 - Bluecat | Functionality | Regression Testing on GW 22.4.1

LUM-3796 - DOPS | Queries | cloud_instances_by_vpc_id query errors out

LUM-3798 - DOPS | Queries | CloudMon_Security_Group query errors out

LUM-3799 - Unable to create user from MSSP CC

LUM-3800 - Qualys | API | Integration not retrieving Network IDs

LUM-3803 - Connections | Tables | Updating existing table keeps previous table configuration due to cache

LUM-3805 - Upgrade not running stigs correctly

LUM-3807 - stigs script error checking ntp.conf

LUM-3809 - Qualys | API | Regression Testing on QG3 and BC

LUM-3817 - Qualys | API | Global Asset Group not created when no zones are selected
