- 24 Mar 2022
- 6 Minutes to read
- Print
- DarkLight
- PDF
What's New in Axonius 2.9
- Updated on 24 Mar 2022
- 6 Minutes to read
- Print
- DarkLight
- PDF
Watch the two-part video series, “What’s New in Axonius 2.9 ”, or read the product release notes below.
Adapters
New Adapters
The following new adapters have been added in this release:
- Automox - A cloud-based patch and configuration management solution for Windows, Linux, Mac, and third-party software.
- Indegy Industrial Cybersecurity Suite - Protects industrial networks from cyber threats, malicious insiders, and human error, including threat detection and mitigation, asset tracking, vulnerability management, configuration control, and device integrity checks.
- F5 BIG-IP iControl - A Web services-enabled open API providing granular control over the configuration and management of F5's application delivery platform, BIG-IP.
- IBM MaaS360 - A Unified Endpoint Management (UEM) platform covering endpoints, end-users, apps, content, and data. It also gives visibility and control to manage mobile devices running iOS, macOS, Android, and Windows.
- Kaspersky Security Center - Is an administration console for Kaspersky Labs security solutions and systems management tools.
- Signal Sciences - A web protection platform that protects on-premise, multi-cloud and hybrid-cloud apps, within containers and serverless functions.
- Symantec Endpoint Protection 12.x - Manages events, policies, and registration for the client computers that connect to customer networks.NOTEThe Symantec Endpoint Protection 12.x adapter has been added as a new adapter due to the different API calls and credentials it requires. Symantec Endpoint Protection 14.x still exists as its own adapter.)
- VMware vCloud Director - Is a cloud service-delivery platform to operate and manage cloud-service businesses.
For more details, see the entire list of supported and integrated adapters.
Updated Adapters
The following Adapters have been enhanced:
Amazon Web Services (AWS) (advanced settings) - Added a new Fetch Information about RDS checkbox in the Advanced Settings in the AWS Settings tab in in the adapter. Enabling this checkbox will tell the adapter to collect instances of Amazon RDS (Relational Database Service) in addition to the other instance types.
Have I Been Pwned (connection configuration) - Added a new Have I Been Pwned Domain field to the Add Server dialog. This new field allows you to use the domain of a proxy for this adapter instead of connecting directly to the server using the default domain of https://haveibeenpwned.com.
Microsoft Azure and Microsoft Azure Active Directory (Azure AD) (connection configuration) - Added a new Account Tag field to the Add Server dialog. This new field lets you assign a nickname per server for this adapter that can be used in future queries.
MobileIron EMM (connection configuration) - Added a new Is MobileIron Cloud checkbox to the Add Server dialog. This adapter now supports both MobileIron Core and MobileIron Cloud solutions. You can use this checkbox to let the adapter know which product you are connecting to.
Rapid7 Nexpose: Token (for 2FA only) (connection configuration) - Added a new Token (for 2FA only) field. This new field allows you to use a Two Factor Authentication token if you have configured Rapid7 Nexpose to utilize 2FA.
UX Enhancements
The following UX updates have been made to the adapters configurations related screens:
- Added a new toggle called Configured Only: If enabled the adapters page will only show adapters that have servers configured.
- Added a number to the left of each adapter displaying the number of configured servers that have no connection issues with a green circle above it.
- Added a number to the left of each adapter displaying the number of configured servers that have connection issues with a red triangle above it.
- Test Reachability button in the Adapter Server Connection screen - The Test Connectivity button has been renamed to Test Reachability in order to make it clearer that using this button only tests the connection to the supplied domain or IP address and does not test the credentials or the fetch workflow.
Dashboard Updates
The following updates have been made to the Axonius Dashboard:
- Added a Last cycle started at information field. This entry shows the start timestamp of the last discovery cycle that was initiated automatically or manually by a user.
- Added a Last cycle completed at information field. This entry shows the end timestamp of the last discovery cycle that was initiated automatically or manually by a user.
Field Segmentation panels with bar charts
- Added the ability to page through all of the results for Device Discovery, User Discovery, and custom panels of this type.
- Added an Export to CSV icon to the upper right corner of panels of this type.
Enforcement Center Updates
The following updates have been made to the Axonius Security Policy Enforcement Center:
New Actions
The following new Actions have been added:
- Enrich Device Data with Portnox - Added a new enforcement action called Enrich Device Data with Portnox to the Enrich Device or User Data action category.
This new action will enrich devices returned from a query with additional data from Portnox.
- Create BMC Helix Remedy Ticket - Added a new enforcement action called Create BMC Helix Remedy Ticket to the Create Incident action category.
This new action will create a ticket in BMC Helix Remedy for device or user objects returned from a query.
Add Custom Data - Added a new enforcement action called Add Custom Data to the Axonius Utilities action category.
This new action allows you to add a single custom string field to each user or device returned from a query that can be used in future queries.
Updated Actions
The following Actions have been enhanced:
- Add IPs to Tenable.sc Asset - Added a new Exclude IPv6 checkbox in the Add Action dialog. This checkbox allows you to exclude IPv6 addresses when adding the IP addresses of each device returned from a query to the Tenable.sc desired asset. This defaults to enabled.
- Add IPs to Tenable.io Target Group - Added a new Exclude IPv6 checkbox in the Add Action dialog. This checkbox allows you to exclude IPv6 addresses when adding the IP addresses of each device returned from a query to the Tenable.io desired target group. This defaults to enabled.
- Enrich User Data with Have I Been Pwned - Added a new Have I Been Pwned Domain field to the Add Action dialog. This field allows you to use the domain of a proxy for this adapter instead of connecting directly to the server using the default domain of https://haveibeenpwned.com.
Device and User Interface Updates
The following updates have been made to device and user-related capabilities in Axonius:
Devices and Users Tables Updates
Filtered fields to show only specific values.
Multi-field columns can now be:
- Added to the columns shown in a table.
- Filtered to show complex data in a single field. For example the Installed Software field or the Agent Versions field.
CSV exports have been modified to support the new filters for multi-field columns.
Query Wizard Updates
The following updates have been made to the Query Wizard:
The adapter source of a General Data field can now be specified. By default, all adapter sources are queried.
- Added the ability to build a query with the new Agent Versions section in the General Data tab. In addition to searching for devices that are missing an agent, you can now build a query that searches for devices that have an outdated agent version.
Device Details Interface Updates
The following updates have been made to Device Details:
- General Data Tab - A new Agent Versions section has been added that displays a list of agents installed on the device. The information for each agent is split into name, version, and status columns. A status of Not Provided is shown when no status has been provided.
Axonius Instances Interface Updates
- Hostname and IP details of each Axonius node - The hostname and IP address information has been added to the details of each connected instance of Axonius.