FireMon is pleased to provide this overview of the new features and enhancements made for this Lumeta Enterprise Edition 4.6 release, which is recommended for all users.
Lumeta Enterprise Edition 4.6 | |
---|---|
The upgrade file is now available in FireMon User Center > Downloads. | For the upgrade procedure, see Upgrading to Lumeta Enterprise Edition 4.6. |
We recommend that you upgrade your Lumeta Enterprise Scouts whenever you upgrade your Command Center. However, Enterprise Scouts 4.4x and 4.5x are compatible with the 4.6 version of the Command Center.
Disrupt:Ops Integration
Lumeta now offers a DisruptOps/AWS integration, which replaces the Lumeta CloudVisibility engine.
To use the feature, open a Support ticket and request Disrupt:Ops. FireMon Support will respond with implementation steps and login credentials, and will also help you deploy the necessary AWS CloudFormation stack.
- To configure this new integration, navigate to Settings > Integrations > Disrupt:Ops, and click Configure.
- Complete the form, supplying your Disrupt:Ops credentials as the Username and Password (not your AWS credentials).
Lumeta dashboards, reports, and device details have all been updated to accurately represent the data that comes from this integration.
Integrations
Lumeta 4.6 has an all-new integrations page that shows the status of your integrations at a glance. The green power buttons indicate enabled integrations; grey ones are disabled.
The configuration page for each integration provides a Test button you can use to check the connection. The system will provide feedback on whether your setup connects as intended.
External Database Connection Support: JDBC Connector
Starting in Lumeta 4.6, you can use external databases directly from Lumeta through the new JDBC Connector. The connector lets you connect to an external database, query its tables, and ingest that data into Lumeta for use in your dashboards, reports, and queries. To use this feature, contact Support so we can discuss your use case and help you set up the connection and the desired tables.
Internet of Things
With this 4.6 release, you can now use BACnet as a Host scanning protocol. BACnet responses, which are of interest to IoT/OT customers, "speak" on a specific UDP port. You can also use new CLI commands to find out whether BACnet has been configured and if so, on what port.
CLI Syntax for BACnet | CLI Example |
---|---|
collector host collectorName bacnet (true/false) | collector host c1 bacnet true |
collector host collectorName bacnetPorts (a comma-separated list of UDP ports, or 0 to disable) | collector host c1 bacnetPorts 47810 |
Database Schema
The Lumeta 4.6 database schema shows a visual representation of the Lumeta database.
Security Updates & STIG
Lumeta 4.6 resolves Common Vulnerabilities & Exposures (CVEs) and incorporates a variety of security-related (and non-security-related) enhancements. See Security Advisories 4.6 for a list of CVEs resolved in this Lumeta 4.6 release.
Change Log
Epic
LUM-3503 - Netflow Integration
LUM-3555 - Deprecate Unused Integrations
Story
LUM-2415 - Update Tenable SecurityCenter to Tenable.sc
LUM-2913 - Add API/CLI to resize disk partitions after increasing disk space
LUM-3306 - Remove the lumeta-ui component
LUM-3455 - Add BACnet as a Host protocol
LUM-3480 - Cancel Running Queries through the GUI
LUM-3481 - Automatically cancel running statements when the user refreshes a widget
LUM-3512 - CLI - Add the BACnet configuration/status options to Host
LUM-3517 - Add ports to BACnet UI
LUM-3518 - Expose Host / BACnet ports via CLI
LUM-3534 - SPIKE: Analyze how to map DisruptOps data to the existing CloudVisibility data model in Lumeta
LUM-3535 - Fix AWS dashboards and remove or hide Azure and Unified Dashboards/Reports for this release
LUM-3536 - DisruptOps mappings for Device Details
LUM-3538 - Adjust CloudVisibility integration configuration to point to DisruptOps
LUM-3556 - Remove Cisco PX Grid
LUM-3557 - Remove McAfee DXL
LUM-3580 - Use git hashes instead of build numbers in RPM versions
LUM-3582 - Design new Integrations UI page
LUM-3585 - Version number requires changing due to build number change
LUM-3597 - Feature Request allow user to update ntp servers via CLI
LUM-3610 - Update some third-party libraries for 4.6
LUM-3623 - Warehouse: Add support for ingesting raw JSON strings as fields (DisruptOps integration)
LUM-3624 - Initial ingestion spec for DisruptOps AWS data
LUM-3630 - Add more parser spec functions and first-class logging to parser specs to make development easier
LUM-3631 - Implement a first-pass DisruptOps feed downloader
LUM-3654 - Improve DisruptOps feed downloader to support full pagination and better list of fields
LUM-3655 - Put back the Cloud Map link since it's working now
LUM-3685 - Warehouse: Add support for periodic statements against external data connections
LUM-3707 - Username, password and key in system.feed should be encrypted
LUM-3708 - Remove old Integration API code (unused)
LUM-3717 - Add CLI support for configuring DisruptOps (CloudAWS) integration
LUM-3722 - CLONE - Feature Request: Enable "Find Path" for Discovered, Untargeted Devices.
LUM-3723 - Warehouse should not allow duplicate widget names in the same Dashboard
LUM-3726 - Warehouse: support SQL file inclusions in DDL
LUM-3727 - 4.6 Release Activities
LUM-3744 - Warehouse: enhance SQL file inclusions in DDL
LUM-3762 - Improve Audit Log retrieval and display
LUM-3763 - License and upgrade modal should be informational (not alerting)
LUM-3769 - Handle 504: Gateway Timeout from DisruptOps more broadly
LUM-3804 - At least 6hour netboots failing
LUM-3814 - Uptick Apache Commons Text to at least 1.10.0
LUM-3815 - Uptick the Apache Hive driver to 3.1.3
Bug
LUM-3040 - PKI | CLI | ssh install command does not report error for invalid file
LUM-3206 - Rebranding: webapp and warehouse are not starting after upgrade
LUM-3391 - Naming a zone with a vertical bar in the name causes breakages in Rapid7 due to the way Rapid7 zone mapping data is being stored and parsed
LUM-3447 - Leaks By Direction Summary Report is failing with an error if there is no data
LUM-3454 - The removal of "spectre" left some stuff unaligned in the CLI
LUM-3457 - MSSP - getting error when creating a zone. "must be owner of table mssp_data"
LUM-3460 - PeerConnection.isConnected() can be true even when the underlying WebSocketConnection is closed
LUM-3464 - Pie chart label names can overlap
LUM-3479 - BGPScanner Null Pointer Exception
LUM-3516 - UI Automation - ReportSchedulesTest automation test verifyCreateAndConfirmAndDeleteReportSchedule failing nightly after recent update
LUM-3523 - GUI session expiration still misbehaves
LUM-3524 - CLI command "authentication pki" is displaying an error message
LUM-3526 - Metrics dashboards can have canceled queries upon first view
LUM-3530 - UI-Automation: Update Server/Credentials for Tenable SC automation
LUM-3531 - UI-Automation: Update Server/Credentials for Tenable IO automation
LUM-3539 - Splunk | App | More Dashboard Issues
LUM-3560 - 4.6 upgrade includes many rpm's that aren't in a netboot.
LUM-3566 - Update BlueCat Integration automation to allow for API timeout.
LUM-3579 - Tables automation test verifyTableTypeTest() does not fully test expected behavior
LUM-3583 - Maps can contain duplicate edges
LUM-3587 - Netboot of (at least) esi-current failing
LUM-3592 - Support Tools - Update Automation to remove checks for Cisco PX_Grid
LUM-3593 - Support Tools - Update Automation to remove checks for DXL
LUM-3596 - Zones Page - Unable to verify Zone Collector Host Discovery Edit modal header (Found '')
LUM-3600 - CLI command to list tenable.sc status is displaying "Version:" that doesn't belong.
LUM-3604 - find_trace_for_target query is different in upgrade vs netboot.
LUM-3605 - rpm mismatch between netboot and upgrade
LUM-3606 - CLI for system feed is not setting username password for tenable
LUM-3611 - Map Visio Export does not work
LUM-3613 - Dashboard Using XLSX: Update XLSX file to remove Cisco PX Grid checks
LUM-3615 - All Notifications - Expected count fails to account for pagination
LUM-3616 - DNS | Name Servers | When updating DNS server using KLISH, the GUI Name Server addresses are not updated
LUM-3617 - Forwarders Responding To Common SNMP Strings - Update expected string value to fix failing test
LUM-3618 - Integration Tests - Several tests failing because of improper syntax or unexpected return values
LUM-3619 - Zone Test - Several tests are failing because of invalid syntax errors
LUM-3622 - Zone partially created, mayhem ensues (@Transactional not respected)
LUM-3629 - Additional updates for Dashboard Using XLSX file
LUM-3632 - dops_aws_instance_summary table is missing in upgraded CC
LUM-3635 - Breach Detection Integration Test - Several tests are failing due to syntax errors
LUM-3636 - After enabling password controls: shell login is honoring the new controls, but UI is not
LUM-3637 - RedSeal Test - Fix repeated getRedSealConfig failure
LUM-3638 - Tenable SC Test - Fix repeated getTenableConfig failure
LUM-3644 - Tables and ad-hoc searches should still use the "All time" time range
LUM-3646 - PKI | GUI | Users are not listed under User ID drop-down on the Manage User Certificates webpage
LUM-3649 - latest release of 4.6 shows snmpDetails processing is 15% higher
LUM-3653 - Optimize "Cloud Devices" query
LUM-3657 - CLI support dnslookup is failing with an error
LUM-3688 - Maps | Exports | Visio export errors out on upgraded CC
LUM-3699 - Infoblox | Feed | Error when the Network block has a value in the Comments field
LUM-3705 - Warehouse: bug when dropping and adding tables
LUM-3709 - CLI - 'system feed list' is returning an error
LUM-3718 - DOPS AWS | Tables | Purge is not working
LUM-3732 - update "Leak by Direction" query so netboot and upgrade match.
LUM-3742 - In the view 'cloud_instance_v', the column sumofrulerisks should be renamed since it is no longer the sum
LUM-3743 - CloudMon_Security_Group_by_InstanceId query is returning multiple copies of the same data
LUM-3745 - Compare for saved queries are failing for 3 queries
LUM-3753 - scouts are not scanning after a multi-scout upgrade from the CC GUI
LUM-3767 - Warehouse: cannot rename tables
LUM-3768 - unfriendly error is displayed when creating or updating a table with data that has extra columns
LUM-3781 - Reports | Metric widget doesn't respond, constant spinner
LUM-3789 - Upgrading a CC with no zones when go to zone page just get 2 loading spinners
LUM-3793 - Bluecat | Functionality | Regression Testing on GW 22.4.1
LUM-3796 - DOPS | Queries | cloud_instances_by_vpc_id query errors out
LUM-3798 - DOPS | Queries | CloudMon_Security_Group query errors out
LUM-3799 - Unable to create user from MSSP CC
LUM-3800 - Qualys | API | Integration not retrieving Network IDs
LUM-3803 - Connections | Tables | Updating existing table keeps previous table configuration due to cache
LUM-3805 - Upgrade not running stigs correctly
LUM-3807 - stigs script error checking ntp.conf
LUM-3809 - Qualys | API | Regression Testing on QG3 and BC
LUM-3817 - Qualys | API | Global Asset Group not created when no zones are selected