- 24 Mar 2022
- 17 Minutes to read
- Print
- DarkLight
- PDF
Coming Soon - Axonius 4.2
- Updated on 24 Mar 2022
- 17 Minutes to read
- Print
- DarkLight
- PDF
Expected Release Date: April-2021
Release Highlights
- Adapters Fetch History - Terminate Fetch
- Added a new Actions menu with a Terminate Fetch option to the Adapters Fetch History page. Terminate Fetch lets you terminate Fetch for adapters.
- Terminate Fetch is only applicable to adapters with the status 'Fetch Started'.
- Fetch Terminated status was added to the list of statuses.
- Enforcement Tasks Page - Terminate Task - Multiple enhancements:
Added a new Actions menu with a Terminate Task option. Terminate Task lets you terminate a running enforcement task.
Terminate Task is only applicable to tasks with the status 'In progress'.
Completed status - is now displayed as either ‘Completed Successfully' or 'Completed with Errors’ to view the and filter the status of enforcement tasks more easily.
Added filter by status and filter by date to the Enforcement Task table.
- Refresh Space - Added the capability to update all of the charts in a dashboard space simultaneously.
- Cloud Asset Compliance - Excluding Rules - Multiple enhancements:
- You can exclude rules from being included when Cloud Compliance runs. You can exclude a rule on a single account, or on all accounts. Excluded rules will not be calculated on the selected accounts as part of the benchmark score.
- Added a new status - Excluded to the Benchmark Results table.
- The Comments field in the Rule Details Drawer has been renamed to Exclusions and Comments.
- Rules that are excluded appear in the Exclusions and Comments section.
New Adapters
The following new adapters have been added in this release:
- Atlassian Jira Software
- Atlassian Jira Software is a work management tool for various use cases, from requirements and test case management to agile software development.
- This adapter fetches the following types of assets: Users.
- baramundi
- baramundi provides organizations with cross-platform management of networked endpoints in IT and manufacturing environments.
- This adapter fetches the following types of assets: Devices.
- Nectus
- Nectus is a network discovery, monitoring and visualization software.
- This adapter fetches the following types of assets: Devices.
- Rapid7 InsightIDR
- Rapid7’s InsightIDR is a security center for incident detection and response, authentication monitoring, and endpoint visibility.
- This adapter fetches the following types of assets: Devices.
- Schneider Electric EcoStruxure IT
- Schneider Electric EcoStruxure IT provides software and services for IT and Data Center teams to monitor and manage critical IT infrastructure on-premise, in the cloud, and at the edge.
- This adapter fetches the following types of assets: Devices.
For more details:
- Explore the entire list of supported and integrated adapters.
- View the adapter enhancements in this release, under the Updated Adapters section in this article.
Adapters Interface Updates
The following updates have been made to the common functionality across all adapters:
- Added a new Actions menu with a Terminate Fetch option to the Adapters Fetch History page. Terminate Fetch lets you terminate Fetch for adapters.
- Terminate Fetch is only applicable to adapters with the status 'Fetch Started'.
- Fetch Terminated status was added to the list of statuses.
Dashboard Updates
The following updates have been made to the Axonius Dashboard:
Refresh Space - Added the capability to update all of the charts in a dashboard space simultaneously.
Field Segmentation Chart - Multiple enhancements:
Added a new Exclude adapters field to the Field Segmentation chart.
- This new option allows you to select one or more adapters that will not be included in the data used to create this chart.
- This new option allows you to select one or more adapters that will not be included in the data used to create this chart.
Added the capability to duplicate filter rows.
Added a new Use case-sensitive segmentation toggle button to the Field Segmentation chart.
- This new toggle button allows you to define whether case will be considered in the data used to create this chart.
- This new toggle button allows you to define whether case will be considered in the data used to create this chart.
Query Timeline Chart - Added a new Date Range Indication to the Query Timeline Chart.
Device and User Tables Interface Updates
The following updates have been made to the device and user table related capabilities in Axonius:
- Add Custom Fields
Adding Custom Fields has been made more streamlined.
From the Devices page, Action menu Add Custom Data was renamed to Add Custom Fields.
The Edit Fields button on the Adapter Connections tab on the Devices Profile page was renamed to Manage Custom Fields.
Added a new option to delete fields from a device.
- Copying a Link to Saved Queries
- You can now copy a link to a saved query from the Devices and Users pages and then share it with others.
- You can now copy a link to a saved query from the Saved Queries drawer on the Saved Queries page, and then share it with others.
- You can now copy a link to a saved query from the Devices and Users pages and then share it with others.
- Query Wizard - Field Comparison - You can now make a Field Comparison with a preferred field when you choose Aggregated in the Device drop-down box.
Enforcement Center Updates
The following updates have been made to the Axonius Security Policy Enforcement Center:
- Enforcement Tasks Page - Multiple enhancements:
- Added a new Actions menu with a Terminate Task option. Terminate Task lets you terminate a running enforcement task.
- Terminate Task is only applicable to tasks with the status 'In progress'.
- Completed status - is now displayed as either ‘Completed Successfully' or 'Completed with Errors’ to view the and filter the status of enforcement tasks more easily.
- Added filter by status and filter by date to the Enforcement Task table.
New Actions
Added the following Actions:
- Reset Users' Password - Added a new enforcement action called Reset User's Password under the Manage Microsoft Active Directory (AD) Services category.
- This new action causes Active Directory to prompt users to change their password the next time that they try to login to their system.
- This new action causes Active Directory to prompt users to change their password the next time that they try to login to their system.
Updated Actions
The following Actions have been enhanced:
- Create ServiceNow Asset - Added a new Create ServiceNow asset for each installed software checkbox to the Add Action dialog for this action.
- This new checkbox lets you select whether to create a new ServiceNow asset for each of the devices' installed software.
- If enabled, an asset will be created in ServiceNow also for each of the devices' installed software.
- If disabled, an asset will be created in ServiceNow only for the device.
- This checkbox is required.
- The default value for this checkbox is False.
Cloud Asset Compliance Updates
The following updates have been made to the Axonius Cloud Asset Compliance:
Excluding Rules - Multiple enhancements:
- You can exclude rules from being included when Cloud Compliance runs. You can exclude a rule on a single account, or on all accounts. Excluded rules will not be calculated on the selected accounts as part of the benchmark score.
- Added a new status - Excluded to the Benchmark Results table.
- The Comments field in the Rule Details Drawer has been renamed to Exclusions and Comments.
- Rules that are excluded appear in the Exclusions and Comments section.
General Enhancements
The following general enhancements have been made in Axonius:
- Login Page - Multiple enhancements:
The look and feel for the login page was updated.
The Login for LDAP and SSO has been redesigned so that the SAML/LDAP login buttons are side-by-side to the internal login.
The LDAP login flow has been updated.
It is now possible to add a custom message that will appear on the Login page.
Updated Adapters
The following adapters have been enhanced:
- Amazon Web Services (AWS) (Advanced Configuration File) - Multiple enhancements:
- Added a new roles_for_account_name option to the Advanced Configuration File field in the Add Connection dialog for this adapter.
- This new option is part of the key/value pairs that can be specified in the Advanced Configuration File.
- This option adds the 'Account name' to the AWS Organization data that is populated in every AWS device and user.
- Added a new fetch_roles_from_organization option to the Advanced Configuration File field in the Add Connection dialog for this adapter.
- This new option is part of the key/value pairs that can be specified in the Advanced Configuration File.
- This option allows the user to set a role in the advanced configuration that allows Axonius to discover all member accounts in an AWS Organization.
- Added a new roles_for_account_name option to the Advanced Configuration File field in the Add Connection dialog for this adapter.
- CloudHealth (Advanced Settings) - Multiple enhancements:
Added a new Fetch AWS accounts checkbox to the CloudHealth tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch AWS accounts.
- If enabled, all connections for this adapter will fetch AWS accounts.
- If disabled, all connections for this adapter will not fetch AWS accounts.
- This checkbox is required.
- The default value for this checkbox is False.
Added a new Fetch AWS RDS instance checkbox to the CloudHealth tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch AWS RDS instances.
- If enabled, all connections for this adapter will fetch AWS RDS instances.
- If disabled, all connections for this adapter will not fetch AWS RDS instances.
- This checkbox is required.
- The default value for this checkbox is False.
Added a new Fetch AWS VPC checkbox to the CloudHealth tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch AWS VPCs.
- If enabled, all connections for this adapter will fetch AWS VPCs.
- If disabled, all connections for this adapter will not fetch AWS VPCs.
- This checkbox is required.
- The default value for this checkbox is False.
Added a new Fetch AWS Load Balancer checkbox to the CloudHealth tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch AWS Load Balancers.
- If enabled, all connections for this adapter will fetch AWS Load Balancers.
- If disabled, all connections for this adapter will not fetch AWS Load Balancers.
- This checkbox is required.
- The default value for this checkbox is False.
Added a new Fetch AWS S3 bucket checkbox to the CloudHealth tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch AWS S3 buckets.
- If enabled, all connections for this adapter will fetch AWS S3 buckets
- If disabled, all connections for this adapter will not fetch AWS S3 buckets.
- This checkbox is required.
- The default value for this checkbox is False.
Added a new Fetch AWS NAT gateway checkbox to the CloudHealth tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch AWS NAT gateways.
- If enabled, all connections for this adapter will fetch AWS NAT gateways
- If disabled, all connections for this adapter will not fetch AWS NAT gateways.
- This checkbox is required.
- The default value for this checkbox is False.
Google Workspace (G Suite) (Advanced Settings) - Added a new Fetch user groups checkbox to the Google Workspace Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch user group memberships for each user from Google Workspace.
- If enabled, all connections for this adapter will fetch user group memberships for each user.
- If disabled, all connections for this adapter will not fetch user group memberships for each user.
NOTEFetching user group memberships requires an additional privilege to your Google Workspace (G Suite) admin account: https://www.googleapis.com/auth/admin.directory.group.readonly
- This checkbox is required.
- The default value for this checkbox is False.
Infoblox NetMRI (Connection Configuration) - Added a new Fetch Neighbors checkbox in the Add Connection dialog for this adapter.
- This new checkbox lets you select whether to fetch neighbor devices.
- If enabled, Axonius will fetch neighbor devices for this device.
- If disabled, the neighbor devices will not be fetched for this device.
- This checkbox is required.
- The default value for this checkbox is False.
KnowBe4 (Advanced Settings) - Added a new Ignore archived users checkbox in the Add Connection dialog for this adapter.
- This new checkbox lets you choose whether to fetch archived users from KnowBe4.
- If enabled, all connections for this adapter will fetch archived users from KnowBe4.
- If disabled, all connections for this adapter will not fetch archived users from KnowBe4.
- This checkbox is required.
- The default value for this checkbox is False.
Microsoft Defender ATP (Advanced Settings) - Added a new Fetch recommendations checkbox to the Defender ATP Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch security recommendations from Microsoft Defender ATP.
- If enabled, all connections for this adapter will fetch security recommendations data from Microsoft Defender ATP.
- If disabled, all connections for this adapter will not fetch any security recommendations data from Microsoft Defender ATP.
- This checkbox is required.
- The default value for this checkbox is False.
Microsoft Azure Active Directory (Azure AD) (Advanced Settings) - Added a new Fetch mobile devices checkbox to the Azure AD Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch mobile devices.
- If enabled, all connections for this adapter will also fetch mobile devices.
- If disabled, all connections for this adapter will not fetch mobile devices.
- This checkbox is required.
- The default value for this checkbox is True.
Netskope (Advanced Settings) - Added a new Fetch mobile devices checkbox to the Netskope Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch mobile devices.
- If enabled, all connections for this adapter will fetch also mobile devices.
- If disabled, all connections for this adapter will not fetch mobile devices.
- This checkbox is required.
- The default value for this checkbox is True.
Orca Cloud Visibility Platform (Advanced Settings) - Added a new Asset type exclude list field to the Orca Configuration tab in the Advanced Settings for this adapter.
- This new field lets you specify a comma-separated list of asset types.
- If supplied, all connections for this adapter will not fetch devices whose asset type is any of the comma-separated list of asset types that have been defined in this field.
- If not supplied, all connections for this adapter will fetch devices with any asset type.
- This field is optional.
- The default value for this field is empty.
Qualys Cloud Platform - Multiple enhancements:
- This adapter now fetches users as well as devices.
- Added a new Fetch users checkbox to the Qualys Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch user account date from Qualys.
- If enabled, all connections for this adapter will fetch user account data from Qualys.
- If disabled, all connections for this adapter will not fetch user account data from Qualys.
- This checkbox is required.
- The default value for this checkbox is False.
- Added a new Fetch QID CVE ID checkbox to the Qualys Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch additional CVEs for each QID in the vulnerability list from the next URL API.
- If enabled, all connections for this adapter will fetch additional CVEs.
- If disabled, all connections for this adapter will not fetch additional CVEs.
- This checkbox is required.
- The default value for this checkbox is False.
ServiceNow (Advanced Settings) - Multiple enhancements:
- Added a new Fetch upstream related Certificate information checkbox to the ServiceNow Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you select whether to fetch the certificate information of device assets from ServiceNow.
- If enabled, all connections for this adapter will fetch the certificate information of device assets from ServiceNow.
- If disabled, all connections for this adapter will not fetch the certificate information of device assets from ServiceNow.
- This checkbox is required.
- The default value for this checkbox is False.
- Added a new last_discovered' device field exclusively as 'last_seen' checkbox to the ServiceNow Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you define how to compute the 'last_seen" field in Service Now.
- If enabled, all connections for this adapter will compute the 'last_seen' field from the 'last_discovered' raw field, if this field does not exist 'last_seen' will not exist.
- If disabled, all connections for this adapter will use
max('last_discovered', ‘sys_updated_on’)
to compute last_seen. - This checkbox is required.
- The default value for this checkbox is False.
- Added a new Fetch users updated in ServiceNow in the last X hours' field to the ServiceNow Configuration tab in the Advanced Settings for this adapter.
- This new field lets you define how to fetch users in ServiceNow.
- If a value is set, all connections for this adapter will fetch only users seen in the last X hours.
- If not set, all connections for this adapter will fetch all users.
- This field is optional.
- The default value for this field is 0 which is all.
- Added a new Fetch only parsed fields for users checkbox to the ServiceNow Configuration tab in the Advanced Settings for this adapter.
- This new checkbox lets you define how to fetch users in ServiceNow.
- If False, all connections for this adapter will fetch all fields from ServiceNow, show them all in “view advanced” section and parse only the fields required.
- If True - only specific fields are brought.
- If disabled, all connections for this adapter will fetch all users.
- This checkbox is required.
- The default value for this checkbox is False.
- Added a new Fetch upstream related Certificate information checkbox to the ServiceNow Configuration tab in the Advanced Settings for this adapter.
Splunk - Moved the Splunk search macros list field and the Splunk installed software search macros list field from the Advanced Settings to the Add Configuration dialog on this adapter.
Tenable.io - Moved the Tag key whitelist field from the Advanced Settings to the Add Configuration dialog and renamed it Tenable.io Tags whitelist on this adapter.
Workday (Connection Configuration) - Added a new Fetch Events Effective X Days Forward field to the Add Configuration dialog for this adapter.
- This new field lets you enter a value to set an effective future date to ensure information about future hires is accurate.
- If a value is set, this adapter will fetch information relating to future events up to the number of days set in the future.
- If this field is left empty, this adapter will not fetch any information relating to future events.
- This field is optional.
- The default value for this checkbox is Empty.
Administrator Settings Interface Updates
The following updates have been made to the administrator settings in Axonius:
Global Settings - Added a new Number of enforcement tasks that can run in parallel field to the Global Settings under the Aggregation Settings section.
- This new setting lets you specify the number of enforcement tasks that can run simultaneously.
- This setting is required.
- The default value is 10.
- This new setting lets you specify the number of enforcement tasks that can run simultaneously.
GUI Settings - Added a new Custom Message field to the GUI Settings under Login Page Settings section.
- Custom Message - This new setting lets you define a custom message that will appear on the Login page.
- If supplied, the Login page will display that message on the Login page.
- If not supplied, the Login page does not display a custom message.
- The maximum number of characters a custom message can display is 3000 characters.
- This field is optional.
- The default value for this fields is empty.
- Custom Message - This new setting lets you define a custom message that will appear on the Login page.
Permission List - Added the following new permissions:
- View notifications permission in the System and User Management permission category.
- This new permission lets you select whether the role allows seeing the notifications on the system.
- If enabled, the users assigned to that role can see all system notifications.
- If disabled, the users assigned to that role will not be able to see system notifications.
- The default value for this permission is True for Admin and Viewer roles and False for Restricted and for No Access roles.
- Refresh Dashboard space permission in the Dashboard permission category.
- This new permission lets you select whether the role allows to refresh the dashboard space.
- If enabled, the users assigned to that role can refresh all charts in a dashboard space.
- If disabled, the users assigned to that role will not be able to refresh all charts in a dashboard space.
- The default value for this permission is True for Admin, Viewer and Restricted roles and False for the No Access role.
- Terminate connection permission in the Adapters permission category.
- This new permission lets you select whether the role allows terminating the Fetch process for selected adapters on the system.
- If enabled, the users assigned to that role can terminate Fetch for selected adapters.
- If disabled, the users assigned to that role will not be able to terminate Fetch for selected adapters.
- The default value for this permission is True for Admin roles and False for Viewer, Restricted and for No Access roles.
- Manage Exclusions and Comments permission in the Cloud Asset Compliance permission category.
- The Manage Comments permission was renamed to Manage Exclusions and Comments.
- This updated permission lets you select whether the role allows adding, editing and deleting exclusions and comments for compliance rules for selected accounts on the system.
- If enabled, the users assigned to that role can manage exclusions and comments for selected accounts on the system.
- If disabled, the users assigned to that role will not be able to manage exclusions and comments for selected accounts on the system.
- Terminate Enforcement Tasks permission in the Enforcement Center permission category.
- This new permission lets you select whether the role allows terminating enforcement.
- If enabled, the users assigned to that role can terminate enforcement tasks.
- If disabled, the users assigned to that role will not be able to terminate enforcement tasks.
- The default value for this permission is True for Admin and Viewer roles and False for Viewer, Restricted and No Access roles.
- View notifications permission in the System and User Management permission category.