まっちゃだいふくの日記

セキュリティのこと、ITの気になった記事をリンクしています。

EdgeIPS Pro 1.2.11 公開のお知らせ:サポート情報 : トレンドマイクロ@ 新機能と累積修正対応

EdgeIPS Pro 1.2.11 公開のお知らせ:サポート情報 : トレンドマイクロ

EdgeIPS Pro 1.2.11 を以下の通り公開いたしました。

■公開開始日
2021年09月30日 (木)
■新機能
EdgeIPS Pro 1.2.11 の新機能等につきましては Download Center よりダウンロードできる Release Note(英語)をご覧ください。
■入手方法
Download Center からファームウェア更新用パッケージをダウンロードすることができます。

■導入手順
導入手順につきましては Online Help Center からダウンロードできる管理者ガイド(英語)をご参照ください。
■製品サポート
製品に関してご不明な点がございましたら、製品をご購入された販売代理店までお問合せください。

サポート情報 : トレンドマイクロ

A. New Features

  • [IPS Pattern] Download release notes
  • [IPS Pattern] Download rules meta
  • [System Page] Add a time series chart of network traffic bandwidth
  • [System Page] Add per-port connection status
  • [System Page] Add per-port stats
  • [Antivirus Pattern] Download release notes
  • HA LED turns on when HA is enabled and turns off when HA is disabled.
  • [Protocol Filter] Protocol support by signature update
  • Streaming Antivirus Detection
  • Network visibility enhancement(MAC OUI)
  • SNMP modification(SysID)
  • Add Mitre ID (TID)
  • Bandwidth utilization widget (In/outbound/transmission quality (Session/Packet)
  • EdgeIPS/EdgeFire//EdgeIPS Pro client UI (From ODC to Device)
  • Default IPS profile
  • Viewer access permission change- available for enable packet capture
  • meta info download in IPS Rule
  • Release note download in the pattern update page
  • Support CLI cmd

B. Improvement

  • Modify the audit log message of antivirus file exceptions.
  • [All][FileExceptions] Change the wording from "Exception Files" to "File Exceptions"
  • Add disk info to diag tarball
  • Add 'reset asset' command in debug vshell
  • Support NVME disk commands in x86_64 platform of debug
  • [AVDB] Limit the maximum number of SHA1 records.
  • Collect device status periodically
  • [Real Time Session Status][Dashboard] Suggest to adjust the circle's size
  • [Bandwidth Utilization][Dashboard] Suggest to adjust the location of "0"
  • [Syslog] Modify the name of available logs.
  • Reorg Asset Search Flow
  • [Pacp] Allow viewer to download pcap files
  • [Port Security] layout broken
  • [Signature Info] Add a new field for mitre techniques
  • [System/Audit Log] Modify some messages.
  • [Policy Ruleset] Remove Advanced Action
  • Port Security – Support batch update
  • [Port Status] Change "hwBypassEnabled" to "forceOpen"
  • Support more USB disks (Industrial grade vendors: Innodisk and Apacer)

C. Bug Fix

  • The Word in Create Policy Enforcement Rule Screen could not be Appropriate
  • [IPS][mgmtplane]fatal error: runtime: out of memory
  • Hostname could not display successfully.
  • When user incorrectly use wrong port and switch back, some asset still appears and won't age out.

D. Known issue

  • Win10 SMB client
    • When using Win10 SMB client to connect to a SMB server, just browsing the folder could generate some file filter logs
      • The windows' SMB client will download partial contents of files even if users don't download them
        • [File Filter]Show others file name via SMB protocol
    • When Win 10 SMB client tries to copy a file from SMB server, the client might issue the read request command twice for the same file but with different file Id / uuid
    • When Win 10 SMB client tries to delete a file from SMB server, it will also create file filter log
  • [IPS] Cannot apply new rules in default pattern for dataplane to inspect traffic
  • After switch standby partition not upgraded partition, if “Management Method” is different from running partition (ex: HTTP,HTTPS) then login page will not be redirect correctly.
https://files.trendmicro.com/documentation/Trend_Product/TXone_Networks/EdgeIPSPro/IPSP_1.2.11/TXOne%20EdgeIPS%20Pro%20Release%20note_V1.2.11.pdf