What's New in Axonius 3.0
  • 12 Feb 2024
  • 12 Minutes to read
  • Dark
    Light
  • PDF

What's New in Axonius 3.0

  • Dark
    Light
  • PDF

Article Summary

Release Date: Feb-11-2020


Adapters

New Adapters

The following new adapters have been added in this release:

  1. Eclypsium - Protects the foundation of the computing infrastructure, controlling risks and stopping threats to enterprise firmware and hardware devices.
  2. Ivanti Service Manager - Is a cloud based ITSM solution that provides workflows automation, IT help desk and support ticket features, and ITIL service management processes.
  3. Invanti Unified Endpoint Manager (Landesk) - Helps IT administrators gather detailed device data, automate software and OS deployments, personalize workspace environments, and fix user issues.
  4. JSON - Is able to import .json files with information about devices, users, or installed software.
  5. Microsoft Defender ATP - Helps enterprise networks prevent, detect, investigate, and respond to advanced threats.
  6. Observium - An auto-discovering network monitoring platform supporting a wide range of device types, platforms and operating systems.

For more details, explore the entire list of supported and integrated adapters.

Updated Adapters

The following Adapters have been enhanced:

  • Amazon Web Services (AWS) - The Amazon Web Services (AWS) adapter has been enhanced to fetch:

    • Amazon Virtual Private Cloud (VPC) tags as part of devices assets data.
    • Information about the root user for each AWS account, including access token status, MFA status, and more.

  • Claroty - Multiple enhancements:

    • Added a new Tenant Tag field to the Add Connection dialog for this adapter.
      • This new field lets you automatically tag all devices discovered by the specific adapter connection.
      • The tag value can be used in future queries.
      • This field is optional.
      • The default value for this field is empty.
    • Added a new Virtual zone exclude list field to the Claroty Configuration tab in the Advanced Settings for this adapter.
      • This new field lets you specify a comma-separated list of Claroty virtual zones.
      • If supplied, all connections for this adapter will not fetch devices from virtual zones which are any of the comma-separated list of Claroty virtual zones that have been defined in this field.
      • If not supplied, all connections for this adapter will fetch devices regardless of their Claroty virtual zone.
      • This field is optional.
      • The default value for this field is empty.
    • Added a new Exclude devices with no MAC address checkbox to the Claroty Configuration tab in the Advanced Settings for this adapter.
      • If enabled, all connections for this adapter will not fetch devices if they do not have a MAC address.
      • If disabled, all connections for this adapter will fetch devices even if they do not have a MAC address.
      • The default value for this checkbox is False.

  • 'File-based' Adapters - All adapters that import files have been aligned with the CSV Serials adapter parameter list and functionality:

  • CSV Serials (Connection Configuration) - The CSV Serials adapter parameter list and functionality have been enhanced to support all adapters that import files:

    • The Is Users CSV File field has been renamed to File contains users information, to clarify this field is now applicable for multiple different adapters supporting different file types.
    • The Is Installed Software File field has been renamed to File contains installed software information, to clarify this field is now applicable for multiple different adapters supporting different file types.
    • Modified and consolidated the CSV URL Path field and the CSV Share Path field to a single Path to Resource (SMB/URL) field in the Add Connection dialog for all adapters.
      • This new field lets you specify a HTTP(S) URL or an SMB share path where a CSV file can be fetched for this connection.
      • If an SMB share path is supplied, the path must start with double-backslashes ("\\").
      • If a URL is supplied:
        • The endpoint must support the HTTP GET method.
        • All URLs must start with HTTP:// or with HTTPS://.
      • The default value for this field is empty.
    • Modified the CSV Share Username field in the Add Connection dialog for all adapters:
      • This field has been renamed to User name for online resource (Share/URL), to clarify this field is now applicable for multiple different adapters supporting different file types.
      • If supplied for an SMB path, the user name will be used for authentication for this connection.
      • If supplied for a URL, the user name will be used for BASIC authentication for this connection.
      • The default value for this field is empty.
    • Modified the CSV Share Password field in the Add Connection dialog for all adapters:
      • This field has been renamed to Password for online resource (Share/URL), to clarify this field is now applicable for multiple different adapters supporting different file types.
      • If supplied for an SMB path, the password will be used for authentication for this connection.
      • If supplied for a URL, the password will be used for BASIC authentication for this connection.
      • The default value for this field is empty.
    • Added a new Encoding field to the Add Connection dialog for all adapters.
      • This new field lets you specify the file encoding type.
      • If supplied Axonius will try to encode the CSV file based on the specified the file encoding type (for example, utf-8) for this connection.
      • If not supplied, Axonius will try to encode the CSV file based on common file encoding types for this connection.
      • The default value for this field is empty.
    • Added a new Verify SSL field to the Add Connection dialog for all adapters.
      • If HTTP(S) URL is supplied, verify the SSL certificate offered by the host supplied in the Path to Resource (SMB/URL) field. For more details, see SSL Trust & CA Settings.
      • If enabled, the SSL certificate offered by the host will be verified against the CA database inside of Axonius. If it fails validation, the connection will fail with an error.
      • If disabled, the SSL certificate offered by the host will not be verified against the CA database inside of Axonius.
      • The default value for this field is False.
    • Added a new HTTP proxy field to the Add Connection dialog for all adapters.
      • This new field lets you specify a HTTP proxy to use when connecting to a HTTP(S) URL specified in Path to Resource (SMB/URL)
      • If supplied, Axonius will utilize the HTTP proxy when connecting to the host defined for this connection.
      • If not supplied, Axonius will connect directly to the host defined for this connection.
      • This field is optional.
      • The default value for this field is empty.
    • Added a new HTTPs proxy field to the Add Connection dialog for all adapters.
      • This new field lets you specify a HTTPs proxy to use when connecting to a HTTP(S) URL specified in Path to Resource (SMB/URL)
      • If supplied, Axonius will utilize the HTTPs proxy when connecting to the host defined for this connection.
      • If not supplied, Axonius will connect directly to the host defined for this connection.
      • This field is optional.
      • The default value for this field is empty.
    • Added a new Additional HTTP headers field to the Add Connection dialog for all adapters.
      • If supplied Axonius will pass additional information with the HTTP request (for example, {"Accept": "text/csv"}) for this connection.
      • If not supplied, Axonius will not pass additional information with the HTTP request for this connection.
      • The default value for this field is empty.

  • Endgame (Advanced Settings) - Added a new Endgame status exclude list field to the Endgame Configuration tab in the Advanced Settings for this adapter.

    • This new field lets you specify a comma-separated list of Endgame statuses.
    • If supplied, all connections for this adapter will not fetch devices whose Endgame status is any of the comma-separated list of Endgame statuses that have been defined in this field.
    • If not supplied, all connections for this adapter will fetch devices with any Endgame status.
    • This field is optional.
    • The default value for this field is empty.

  • Google Cloud Platform (GCP) (Advanced Configuration) - Multiple enhancements:

    • Added a new Fetch all Google Cloud Storage buckets checkbox to the Google Cloud Storage Configuration tab in the Advanced Settings for this adapter.
      • If enabled, all connections for this adapter will fetch the Google Cloud Storage buckets.
      • If disabled, all connections for this adapter will not fetch the Google Cloud Storage buckets.
      • The default value for this checkbox is False.
    • Added a new Fetch Object metadata in Google Cloud Storage buckets checkbox to the Google Cloud Storage Configuration tab in the Advanced Settings for this adapter.
      • If enabled, all connections for this adapter will fetch Object metadata in Google Cloud Storage buckets.
      • If disabled, all connections for this adapter will not fetch Object metadata in Google Cloud Storage buckets.
      • This settings, even if checked, is only applicable when Fetch all Google Cloud Storage buckets is enabled, otherwise this setting is ignored.
      • The default value for this checkbox is False.

  • Splunk (Advanced Settings) - Multiple enhancements:

    • Added a new Splunk search macros list field to the Splunk Configuration tab in the Advanced Settings for this adapter.
      • This new field lets you specify a comma-separated list of Splunk search macro names. For details on Splunk search macros, see Splunk Knowledge Manager Manual - Define search macros in Settings.
      • Axonius will run the Splunk search macros names and will consider the results as if those were received from a CSV file. This means the search macros must include at least one column of required data as specified in the CSV Serials adapter - Which fields will be imported with a devices file?.
      • If supplied, all connections for this adapter will run the specified search macros and will fetch devices from the results.
      • If not supplied, all connections for this adapter will not include any search macros results in the fetched data.
      • This field is optional.
      • The default value for this field is empty.
    • Added a new Fetch devices from Cisco checkbox to the Splunk Configuration tab in the Advanced Settings for this adapter.
      • If enabled, all connections for this adapter will fetch the devices data from Cisco data in Splunk.
      • If disabled, all connections for this adapter will not fetch the devices data from Cisco data in Splunk.
      • The default value for this checkbox is True.

  • SQL Server (Connection Settings) - Modified the Database Type field in the Add Connection dialog for this adapter.

    • This field now lets you choose Oracle DB as the SQL server database type.

  • Tanium (Connection Settings) - Multiple enhancements:

    • Added a new Fetch devices from Tanium System Status checkbox to the Add Connection dialog for this adapter.
      • If enabled, Axonius will fetch all assets from the Administration > System Status page.
      • If disabled, Axonius will fetch not fetch assets from the Administration > System Status page.
      • The default value for this field is False.
    • Modified the Saved Question Name field in the Add Connection dialog for this adapter.
      • Renamed the field to Saved Question Names (comma separated)
      • This field now takes a comma separated list of Tanium Saved Questions to fetch assets from.
    • Modified the logic of the Add Connection dialog for this adapter.
      • An error will be returned if at least one of the following parameters are not supplied:
        • Fetch devices from Tanium System Status
        • Fetch devices from Tanium Discover Module
        • Saved Question Names (comma separated)
        • Tanium Asset Module Report Name

  • Tenable.io (Advanced Settings) - Added a new Do not fetch devices with no 'Last Scan' checkbox to the Tenable.io Configuration tab in the Advanced Settings for this adapter.

    • If enabled, all connections for this adapter will not fetch devices if they do not have a last scan indication.
    • If disabled, all connections for this adapter will fetch devices even if they do not have a last scan indication.
    • The default value for this checkbox is False.

  • VMware ESXi (Advanced Settings) - Added a new Fetch only turned on machines checkbox to the VMware ESXi Configuration tab in the Advanced Settings for this adapter.

    • If enabled, all connections for this adapter will only fetch ESXi devices in which their power state is turned on.
    • If disabled, all connections for this adapter will fetch all ESXi devices, regardless of their power state.
    • The default value for this checkbox is False.

Dashboard Updates

The following updates have been made to the Axonius Dashboard:

  • Field Segmentation Charts - Added the option to search for specific segments within the Field Segmentation chart displayed results.
    • Hover over the chart panel to display the search box.
    • The search behaves as 'contains' and it is case-insensitive.

image.png

Enforcement Center Updates

The following updates have been made to the Axonius Security Policy Enforcement Center:

New Actions

The following Actions have been added:

  • Add IPs to Qualys Cloud Platform - Added a new enforcement action called Add IPs to Qualys Cloud Platform to the Add Device to VA Scan category.

    • This new action adds IP addresses as host assets to an existing asset group or creates a new one.

    image.png


Device and User Tables Interface Updates

The following updates have been made to the device and user tables related capabilities in Axonius:

  • Query Wizard - Added the ability to drag and drop expressions.
    image.png


Administrator Settings Interface Updates

The following updates have been made to administrator settings in Axonius:

  • Lifecycle Settings - Modified the Schedule Rate (hours) setting in the Discovery Settings section.

    • This setting has been renamed to Discovery schedule, to clarify it also allows to schedule the daily discovery time.
    • This setting lets you select from two values:
      • Interval (Default) - When this option is selected, Discovery cycles will run in intervals according to the value defined in the Hours between discovery cycles field.
      • Daily - When this option is selected, Discovery cycles will run daily at the time specified in Daily discovery time field.

    image.png


  • Global Settings - Multiple enhancements:
    • Modified the Adapters errors email address setting in the Notifications Settings section to also send emails when a node hasn't communicated for over 3 hours.
    • Added a new Correlate users by AD display name setting in the Correlation Settings section.
      • If enabled, Axonius correlates users also by Microsoft Active Directory (AD) display name.
      • If disabled, Axonius users correlation logic ignores Microsoft Active Directory (AD) display name.
      • The default value for this setting is True.
    • Added a new Correlate users by user name and domain only setting in the Correlation Settings section.
      • If enabled, Axonius correlates users by user name and domain only.
      • If disabled, Axonius use its default correlation logic to correlate users.
      • The default value for this setting is False.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.