What's New in Axonius 3.10

Release Date: September-29-2020

Adapters

New Adapters

The following new adapters have been added in this release:

1. Awake Security
   • Awake Security is a network traffic analysis solution that's capable of detecting and visualizing behavioral, mal-intent and compliance incidents.
   • This adapter fetches the following types of assets: Devices.
2. Gigamon GigaVUE-FM (Fabric Manager)
   • Gigamon GigaVUE-FM (Fabric Manager) delivers management and monitoring of all physical and virtual nodes across your on-premises, virtual and public-cloud deployments.
   • This adapter fetches the following types of assets: Devices.
3. PingOne Directory
   • PingOne Directory provides a hosted directory service that developers can use to store user authentication and profile data.
   • This adapter fetches the following types of assets: Users.
4. Thycotic Secret Server
   • Thycotic Secret Server is a Privileged Access Management (PAM) solution for protecting your privileged accounts, available both on premise or in the cloud.
   • This adapter fetches the following types of assets: Users.
5. Uptycs
   • Uptycs is an osquery-powered security analytics platform pairs a universal agent with analytics for fleet visibility, intrusion detection, incident investigation, vulnerability management & compliance for Linux, macOS, Windows, containers, and cloud workloads.
   • This adapter fetches the following types of assets: Devices.

For more details, explore the entire list of supported and integrated adapters.

Updated Adapters

The following adapters have been enhanced:

• Add Connection Dialog - Added a new Active connection toggle button.

  • If switched on, the configured connection will be considered as active.
    • The connection can be saved and fetch data from its source. Therefore:
      • The Check Network Connectivity button will be enabled.
      • The Save and Fetch button will be enabled.
      • During a discovery cycle, data will be fetched from the source of this connection.
  • If switched off, the configured connection will be considered as inactive:
    • The connection can be saved, but it will not fetch data from its source. Therefore:
      • The Check Network Connectivity button will be disabled.
      • The Save and Fetch button will be disabled.
      • During a discovery cycle, this connection will be ignored and no data will be fetched from its source.
    • Inactive connection is displayed as
  • The default value for this toggle button is On.

  

• 'File-based' Adapters (Connection Configuration) - Modified the Path to Resource (SMB/URL) field in the Add Connection dialog for all 'file-based' adapters.
  • Added authentication for SFTP and FTPS in addition to FTP.
  • If an FTP URL is supplied, all URLs must start with FTP:// or with SFTP:// or with FTPS://
    • The default port for each method is as follows:
      • FTP: 21
      • SFTP: 22
      • FTPS: 990
    • A custom port can be specified in the supplied path, for example: ftps://my.host.in.axonius.com:21/path/to/file.ext
      
      
• BlueCat Enterprise DNS (Advanced Settings) - Added a new Exclude no 'Last Seen' devices checkbox to the BlueCat Enterprise DNS Configuration tab in the Advanced Settings for this adapter.
  • This new checkbox lets you select whether to exclude devices that do not have 'last seen' indication.
  • If enabled, all connections for this adapter will not fetch devices that do not have 'last seen' indication.
  • If disabled, all connections for this adapter will fetch devices, even those do not have 'last seen' indication.
  • This new checkbox is required.
  • The default value for this checkbox is False.
    
    
• Cisco (Advanced Settings) - Added a new Fetch ARP data checkbox to the Cisco Configuration tab in the Advanced Settings for this adapter.
  • This new checkbox lets you select whether to fetch ARP data from the Cisco server.
  • If enabled, all connections for this adapter will fetch ARP data from Cisco.
  • If disabled, all connections for this adapter will not fetch ARP data from Cisco.
  • This new checkbox is required.
  • The default value for this checkbox is True.
    
    
• DNS Made Easy (Advanced Settings) - Added a new Fetch all record types checkbox to the DNS Made Easy Configuration tab in the Advanced Settings for this adapter.
  • This new checkbox lets you select whether to fetch only 'A' records or all the record types from DNS Made Easy.
  • If enabled, all connections for this adapter will fetch all available record types from DNS Made Easy.
    • The available record types are:
      • A
      • AAAA
      • ANAME
      • CAA
      • CNAME
      • HTTP Redirection
      • MX
      • NS
      • PTR
      • SPF
      • SRV
      • System NS
      • TXT
  • If disabled, all connections for this adapter will fetch all 'A' records from DNS Made Easy.
  • This new checkbox is required.
  • The default value for this checkbox is False.
    
    
• Juniper Junos (Connection Configuration) - Added a new SSH Configurations File field to the Add Connection dialog for this adapter..
  • This new field provides the ability to upload and use a custom SSH config file.
  • If supplied, the connection for this adapter will use the uploaded custom SSH client configuration file.
  • If not supplied, the connection for this adapter will use default configurations.
  • This new field is optional.
    
    
• Juniper Junos Space (Advanced Settings) - - Added a new Fetch Vlans and interfaces information checkbox to the Juniper Junos Space Configuration tab in the Advanced Settings for this adapter.
  • This new checkbox lets you select whether to fetch Vlans and interfaces information from Juniper Junos Space.
  • If enabled, all connections for this adapter will fetch Vlans and interfaces information.
  • If disabled, all connections for this adapter will not fetch Vlans and interfaces information.
  • This new checkbox is required.
  • The default value for this checkbox is True.
    
    
• Okta (Advanced Settings) - Added a new Email domain whitelist field to the Okta Configuration tab in the Advanced Settings for this adapter.
  • This new field lets you specify a comma-separated list of email domains.
  • If supplied, all connections for this adapter will only fetch users whose email domain is in the specified list.
  • If not supplied, all connections for this adapter will fetch all users.
  • This new field is optional.
  • The default value for this field is empty.
    
    
• phpIPAM (Connection Configuration) - Added a new Fetch Users checkbox to the Add Connection dialog for this adapter.
  • This new checkbox lets you select whether to fetch user data from the phpIPAM server.
  • If enabled, the connection for this adapter will fetch user data. Each user will be added as a unique user in Axonius.
  • If disabled, the connection for this adapter will not fetch user data.
  • This new checkbox is required.
  • The default value for this checkbox is False.
    
    
• Qualys Cloud Platform (Advanced Settings) - Multiple enhancements:
  • Added a new Do not fetch devices with no MAC address and no hostname checkbox to the Qualys Configuration tab in the Advanced Settings for this adapter.
    • This new checkbox lets you select whether to exclude fetching devices without MAC address and without hostname.
    • If enabled, all connections for this adapter will only fetch devices having MAC address or hostname.
    • If disabled, all connections for this adapter will fetch devices even if those do not have MAC address and no hostname.
    • This new checkbox is required.
    • The default value for this checkbox is False.
  • Added a new Fetch PCI Flag checkbox to the Qualys Configuration tab in the Advanced Settings for this adapter.
    • This new checkbox lets you select whether to add a PCI Flag to fetched vulnerabilities.
    • If enabled, all connections for this adapter will add a PCI Flag to fetched vulnerabilities.
    • If disabled, all connections for this adapter will not add a PCI Flag to fetched vulnerabilities.
    • This new checkbox is required.
    • The default value for this checkbox is False.
      
      
• ServiceNow (Advanced Settings) - Added a new RAM from source in GB checkbox in the Advanced Settings for this adapter.
  • This new checkbox enables you to select whether the RAM data fetched from ServiceNow is in GB memory units.
  • If enabled, all connections for this adapter will consider the RAM data fetched from ServiceNow is in GB memory units.
  • If disabled, all connections for this adapter will consider the RAM data fetched from ServiceNow is in MB memory units.
  • This new checkbox is required.
  • The default value for this checkbox is False.
    
    

Dashboard Updates

The following updates have been made to the Axonius Dashboard:

• Dashboard Spaces - Multiple enhancements:

  • Replaced the add space '+' button with an Add Space button.
  • Added new '<' and '>' buttons to navigate between dashboard spaces.

• Adapter Connections Status Chart - Added inactive adapter connections to the Adapter Connections Status chart.

• All Custom Charts - added a new Chart Filters dialog.

  • This new dialog lets you specify filters on the chart data.
  • Moved the Select historical date date picker under the new Chart Filters dialog.
  • Moved the Search name filter for Field Segmentation Bar Chart under the new Chart Filters dialog.
  • Added a new Show Results button to the Chart Filters dialog.
    • This new buttons lets you view the chart results based on the supplied filters.
  • Added a new Clear Filters button to the Chart Filters dialog.
    • This new buttons lets you clear the supplied filters and view the chart results based on its configuration.

  

• Bar Charts - Modified the pagination control of Bar Charts.

  • The new control lets you also specify a specific page and display that page.

  

Enforcement Center Updates

The following updates have been made to the Axonius Security Policy Enforcement Center:

• Enforcement Center Page - Multiple enhancements:
  • The Main Action column has be renamed to Main Action Name.
  • Added a new Main Action Type column.
    • This column displays the enforcement set main action type.
  • Added a new Trigger Schedule column.
    • This new column displays the trigger schedule type, if configured.
• Enforcement Tasks Page - Multiple enhancements:
  • The Main Action column has be renamed to Main Action Name.
  • Added a new Main Action Type column.
    • This column displays the enforcement set main action type.
  • Added a new Trigger Conditions column.
    • This new column displays the trigger schedule type and additional conditions, if configured.

New Actions

The following Actions have been added:

• Create Ivanti Service Manager Computer - Added a new enforcement action called Create Ivanti Service Manager Computer under the Manage CMDB Computer category.
  • This new action takes the saved query supplied as a trigger (or devices that have been selected in the asset table) and creates a computer in Ivanti Service Manager for each of the query result entities.
    
    
• Update Ivanti Service Manager Computer - Added a new enforcement action called Update Ivanti Service Manager Computer under the Manage CMDB Computer category.
  • This new action takes the saved query supplied as a trigger (or devices that have been selected in the asset table) with devices fetched by Ivanti Service Manager and update those devices' details in Ivanti Service Manager.
    
    
• Manage Computer in ManageEngine Desktop Central SoM - Added a new enforcement action called Manage Computer in ManageEngine Desktop Central SoM under the Execute Endpoint Security Agent Action category.
  • This new action takes the saved query supplied as a trigger (or devices that have been selected in the asset table) and lets you Install/Uninstall desktop central agent and remove details of a computer managed by ManageEngine Desktop Central.
    
    

Updated Actions

The following Actions have been enhanced:

• Create ServiceNow Incident - Added a new Table name field to the Add Action dialog for this action.
  • This new field lets you specify the ServiceNow table name in which the incident will be created.
  • If supplied, the incident will be created in the specified table name.
  • If not supplied, the incident will be created in the 'incident' table.
  • This new field is optional.
  • The default value for this field is incident.
    
    

Cloud Asset Compliance Updates

The following updates have been made to Cloud Asset Compliance:

• CIS Microsoft Azure Foundations Benchmark v1.1 - Added Affected Assets for relevant rules in the Identity and Access Management and Networking categories.
• Manage comments on Benchmark rules - Add a new Comments section to the Rule drawer that provides the capability of adding comments on benchmark results so anybody looking at the results would have the benefit of understanding the full context.
  • The new section enables to Add, Edit or Delete comments on benchmark rules for a specific account or for all accounts.
    

Administrator Settings Interface Updates

The following updates have been made to administrator settings in Axonius:

• Lifecycle Settings - Added a new Save entity advanced view data under the Historical Snapshot Data Settings section.
  • This new checkbox lets you select whether to save entities advanced view data (the raw data fetched from the adapter connection source) as part of the historical collected data. This setting is only relevant if the Enable daily historical snapshot is enabled.
  • If enabled, the saved historical collected data will include all the entities advanced view data.
  • If disabled, the saved historical collected data will not include any of the entities advanced view data.
  • This new checkbox is required.
  • The default value for this checkbox is False.

• Global Settings - Multiple enhancements:

  • Added AWS Secrets Manager as a new option to the Password Manager field under the Enterprise Password Management Settings section.

    • The integration between Axonius and AWS Secrets Manager enables Axonius to securely pull privileged credentials from AWS Secrets Manager. The integration helps ensuring that privileged credentials are secured in the AWS Secrets Manager, rotated to meet company guidelines, and meet complexity requirements.

  • Added a new Remove domain from preferred host name checkbox under the Aggregation Settings section.

    • This new checkbox lets you select whether to include the domain value in the Preferred Host Name field.
    • If enabled, the Preferred Host Name field value will not include the domain value.
    • If disabled, the Preferred Host Name field value will include the domain value.
    • This checkbox is required.
    • The default value for this checkbox is False.