Firewall Analyzer - Readme

  • Release Overview

    1. 12.8 Build 12.8.401 - October 25, 2024

      Issues Fixed:

      1. General : Previously, in versions 128399 and later, there was an issue while restoring backup data. This issue has now been fixed.

      New features and Enhancements:

      1. General: Failover support is now extended to Linux environment as well with MSSQL and Remote PgSQL databases.
      2. General: Failover now allows configuration across multiple subnets, with new connection type: Virtual Hostname (usable for both the same and different subnets).
    2. 12.8 Build 128400 - October 17, 2024

      New features and Enhancements:

      1. SupportIDs : 9813975, 9865372, 9258121, 10316973 : Rule Exclude support for all Rule Management reports has now been introduced.

      Issues Fixed:

      1. SupportIDs : 10374606 - Disabled rules in firewalls were incorrectly included in the Risky Rules report in Firewall Analyzer. This issue has now been resolved.
      2. SupportIDs : 10412280 - Security Audit report displayed a blank page when the device display name was modified. This issue has now been resolved.
      3. SupportIDs : 10064013 - Fortigate Anomaly fix: ICMP services in rules were previously excluded from anomaly report generation. This issue has now been resolved.
      4. SupportIDs : 10294664 - Previously, there were issues in handling of preemptive action inputs during CLI connections for SonicWall firewalls. This has been fixed now.
      5. SupportIDs : 10324242 - Device rule commands were not properly executed due to issues with pager commands. This has now been fixed.
      6. SupportIDs : 10013330 - Tunnel interfaces in Fortigate firewalls can now be utilized in rule definitions under Rule Administration.
      7. SupportIDs : 10462252 - Rule failures on Cisco Meraki devices occurred when multiple organizations were managed under a single authentication token. This issue has now been resolved.
      8. SupportIDs : 10013330 - Using the Fortigate interface alias name in rule definitions caused an error in Rule Administration. This issue has been fixed, and the actual interface name is now used in rule definitions.
      9. SupportIDs : 9883807 - Fortigate VDOM - Rule Administration CLI fix: CLI connections for VDOMs are now established using root credentials.
      10. SupportIDs : 9585304 - Device rule API actions failed because of the API token size limit. This issue has been resolved.
    3. 12.8 Build 128344 - September 10, 2024

      Issues Fixed:

      1. The Policy Optimization report was not loading correctly when using the 'Fetch Config' option. This issue has now been resolved.
      2. Previously, due to an issue, the total count of NAT rules was inaccurately displayed on the Overview page for Device Group cases. This has now been fixed.
    4. 12.8 Build 128333 - August 30, 2024

      New features and Enhancements:

      1. Now, Firewall Analyzer supports 'Risky Rules' report for all supported firewall devices.
      2. SupportIDs : 9641762 : A new consolidated 'Rule Management Executive Summary' report is available for devices and device-groups.
      3. SupportIDs : 9750248 - Schedule support for Rule Expiry, Risk and NAT rules report for device-groups is now available.
      4. SupportIDs : 10115740 - Rule Expiry support for Cisco, Firepower and SRX devices has now been introduced.
      5. SupportIDs : 9799567, 7587170, 10009948 - You can now generate Rule change history report for all firewalls.
      6. SupportIDs : 9789895, 5808266 - Customers can now monitor specific rule changes with new alert options.
      7. SupportIDs : 9789895, 8669414 - Support for rule-based change management notifications alongside existing version-based change management notifications.
      8. SupportIDs : 6380438 - Firewall Analyzer will now trigger an additional alert with the subject 'Syslog Monitoring Alert: Firewall Availability Back to Normal' if the customer has configured 'Availability Alerts' and all firewalls have resumed receiving syslogs.
      9. SupportIDs : 9735534 - If the syslog contains 'Source Hostname' information, it will be displayed in the reports by default. However, if the customer prefers to view the reports using 'Source IP,' a hidden option is available to switch to 'Source IP.' This feature allows you to view reports with either 'Source Hostname' or 'Source IP' for future syslog data.

      Issues Fixed:

      1. SupportIDs : 10195524 - The SonicWall rule change count was not functioning correctly in the change management report. This issue has now been resolved.
      2. SupportIDs : 9931186 - Custom-created object entries have been removed from the security audit report.
      3. SupportIDs : 9931186 - The issue with data inaccuracies in HTTP enabled/disabled details in the security audit report for Clavister devices has been resolved.
      4. SupportIDs : 9931186 - The issue with inaccuracies in logging status data for Firepower security rules has been resolved.
    5. 12.8 Build 128319 - July 30, 2024

      Issues Fixed:

      1. SupportID : 9946191 - The Syslog parsing issue for the F5 Firewall device has now been resolved.
      2. SupportID : 10086321 The Syslog parsing issue for the Squid proxy device has been resolved.
      3. SupportID : 10078118 - Syslogs with subtype="anomaly" should be considered as "Attack events." This issue has now been addressed.
      4. SupportID : 10107063, 9644651 A duplicate device was added for the Fortigate Firewall in the HA and VDOM case. This issue has now been resolved.
      5. SupportID : 9707505, 9976041 - An error occurred while running the registerWithAdminServer.bat script. This issue has now been fixed.
      6. SupportID : 9962547, 10084072 - The Firepower device was added with a ":" due to a Syslog parsing issue. This has now been fixed.
    6. 12.8 Build 128262 - June 19, 2024

      New Features and Enhancements:

      1. SupportID : 9381579 - Support for NAT Rules, Risky Rules and all RuleManagement and Compliance reprots has been extended for Clavister - Netwall and NetShield devices.
      2. SupportId : 8376475 - Firewall Analyzer now supports a new GSMA (Global System for Mobile Communications) compliance standards report for all firewalls.
      3. SupportID : 9450364 - The option to configure a 'Footer image' in PDF files is now available.
      4. SupportID : 8660934 - The option to set a 'Custom Rowcount' for each 'Report Profile' schedule is now available.
      5. SupportID : 9750248 - A scheduling option has been added for 'Device Groups' in Policy overview and anomaly reports.
      6. Customers can now use the 'Log Search' option under the Support > Logs page to debug or view log prints in any files from the 'logs' folder.
      7. Now, the PCI-DSS compliance report has been upgraded to the latest PCI DSS Version 4.0.
    7. Issues Fixed:

      1. SupportID : 9381629 - The parsing issue with SonicWall configurations, which occurred when Service and ServiceGroup objects had the same names, has been resolved.
      2. SupportID : 9172945 -A parsing issue in Palo Alto devices caused 'Logging Enabled Rules' to be incorrectly displayed as 'logging disabled.' This issue has now been fixed.
      3. SupportID : 9172945 - 'Destination objects' defined with country codes are now correctly parsed for Palo Alto devices.
      4. SupportID : 9739928 - The parsing issue with ISDB objects on Fortigate devices has been fixed.
      5. SupportID : 9895870 - Security Audit schedules were disabled, the scheduled emails were still being received. This issue has now been resolved.
      6. SupportID : 9565250 - The 'localhost' URL has been updated with the proper hostname in both scheduled and on-demand export reports.
      7. SupportID : 9731259 - The issue of being unable to generate a standards report for Cisco Meraki devices has been resolved.
      8. SupportID : 9612230 - The display issue with "Assigned IP" in VPN Reports, caused by syslog parsing problems in SonicWall Firewalls, has been successfully resolved.
      9. SupportID : 9930095 - The syslog parsing issue in URL logs for Juniper SRX firewalls has been resolved.
      10. SupportID : 9945420 - The timestamp parsing issue in Squid device syslog has been rectified.
      11. SupportID : 9936955 -The issue with syslog parsing in the "Protocol" field for Barracuda firewall resulted in reports not populating. This issue has been resolved.
      12. SupportID : 9983972 - The issue with updating the interface speed for interfaces containing the "/" symbol in their names has been resolved.
      13. SupportID : 9677444 -The Syslog parsing issue in Cisco Firepower devices led to the addition of duplicate devices. This problem has been rectified.
      14. SupportID : 9946191 - The syslog parsing issue in F5 Firewall devices has been resolved.
      15. SupportID : 9703593 - The issue of slowness in syslog parsing for Squid device logs has been resolved.
      16. SupportID : 9826877 - Previously, the devices of converted probes running on the MSSQL database had issues syncing with the central server. This has now been fixed.
    8. 12.8 Build 128249 - May 31, 2024

      New Features and Enhancements:

      1. Added a 'Task Audit' feature that logs all task level changes within the Firewall Analyzer software.

      Issues Fixed:

      1. Support ID: 9641762 - Previously, Cisco Meraki had a device rule parsing issue. This has now been fixed.
    9. 12.8 Build 128247 - May 14, 2024

      Security Issue Fixed:

      1. General: Previously, CSRF vulnerability (ZVE-2024-1132) was detected where the external users were able to utilize the network tools without authentication to perform ping or SNMP ping on network devices. This has now been fixed. (Reported by Jayateertha Guruprasad).
    10. 12.8 Build 128236 - April 26, 2024

      New Features and Enhancements:

      1. Support ID : 9685842, 9704305 - Risk Analysis support has been extended for Cisco & FirePower devices.
      2. Support ID : 9671474 - "Source MAC Address" is available in FortiGate syslog. Firewall Analyzer now provides an option to show the "Source MAC Address" instead of "Source IP Address" in Reports and RAW search report.
      3. Support ID : 9446760 - Now, customers can map "Multiple IPAddress" for single user in 'Manual Mapping' under 'Username-IP Mapping' settings.
      4. Support ID : 9770587 - Source Country and Destination Country values have been included in "Alarm Notification Mail" message now.

      Issues Fixed:

      1. Support ID : 9487881 : Standards Compliance reports now support the 'send-syslog' field for Palo Alto devices.
      2. Support ID : 9270699 : Previously, Palo Alto has API login issues when the password had special characters. This has been fixed.
      3. Support ID : 9468495 : Previously, there were issues in generating scheduled raw search reports with custom time. This has been fixed.
      4. Support ID : 9148646 : Unresolved object parsing issue for SonicWall device has been fixed.
      5. Support ID : 9100321 : Sophos UTM Policy Optimization report was not working properly. This issue is fixed now.
      6. Support ID : 9262633, 9446760, 9537893, 9494986, 9677444 - Previously, Active Directory was not added under "Username IP Mapping". This issue has been fixed now.
      7. Support ID : 9612474 - Rulename parsing issue in Sophos XG firewall has been fixed.
      8. Support ID : 9687900 - Previously, URL information was not displayed in the Alarm mail. This issue has been fixed now.
      9. Support ID : 9843348 - Duplicate device addition issue in WatchGuard firewall has been fixed.
      10. Config backup schedule was not working when we changed the device display name value. This issue is fixed now.
      11. Anomaly findings were not properly generated in the 'Impact Analysis' report. This issue is fixed now.
      12. 'Associated Rules' drill down in 'Objects Overview' page for Firepower device is not working properly. This issue is fixed now.
      13. Previously, WatchGuard Policy Parsing took a long time. We have optimizing some parser code and fixed this issue.
    11. 12.8 Build 128181 - March 15, 2024

      New Features and Enhancements:

      1. NAT rules support for pfSense devices.
      2. ISDB Objects are now considered for anomaly calculations of FortiGate devices.
      3. Support ID: 8850292, 8123291, 9092816 - Alert feature support for the Rule Management reports with template based notification.
      4. Support ID: 9599027 - Rule Administration support for VDOM devices added in Device Groups.
      5. Support ID: 9189213 - Application field support for FirePower devices in Rule Management reports.
      6. Support ID: 9508405 - Real time change management trigger based on Add, Edit and Delete actions for FortiGate firewalls.
      7. Support ID: 8043527 - Source and Destination port based criteria option in 'RAW Search' reports.
      8. Support ID: 9589785 - We now support a new timestamp format for F5 BIG-IP Firewalls.

      Issues Fixed:

      1. Support ID: 9450988 - Sophos XG - The issue of credential validation failure has been fixed in the Device Rule page.
      2. Support ID: 9585625 - Check Point device rule API access issue fixed.
      3. Support ID: 8580609 - Real time configuration fetch for MikroTik devices is supported considering the user logout entry available in the syslog.
      4. Support ID: 9270699 - Palo Alto sub interfaces not displayed in Standards page - Network Details tab.
      5. Support ID: 9516359 - pfSense 'Shell option' issue has been fixed.
      6. Support ID: 9498814 - Events are not cleared when we click 'Clear Alarm' under Alarm Profiles. This issue is fixed.
      7. Support ID: 9529733 - Syslog parsing issue in WatchGuard firewall is fixed.
      8. Support ID: 9450364 - Rebranding under General Settings is not working properly for 'Firewall Reports'. This issue is fixed.
      9. Support ID: 9565250 - PDF export is not working, if 'localhost' is used. This issue is fixed.
      10. Support ID: 9446592 - The issue of FortiGate address group creation in the case of selecting 150+ member objects was fixed in the Rule Administration page.
      11. Support ID: 9655736 - SOC 2 TYPE II standard report schedule was not working. Fixed the issue.
      12. General: Previously there was an issue in PGSQL to MSSQL migration due to data discrepancies in FirewallRecords table. This issue is fixed.
    12. 12.8 Build 128151 - January 24, 2024

      New Features and Enhancements:

      1. Support ID: 9198940 - CJIS compliance standards report supported for all firewalls.
      2. Support ID: 9198940 - CIS Critical Security Controls v8 compliance standards report supported for all firewalls.
      3. Support ID: 9330410 - XLS and CSV export option have been provided for all widgets in 'Risk Analysis' report pages.
      4. Support ID: 9225764 - Cisco provided new Syslog ID '199017' for Admin event is supported.
      5. XLS and CSV on-demand mail option made available for all widgets in Risk Analysis reports.
      6. PDF export of Rule table under 'Risk Analysis' page is enhanced to show all drill down details.

      Issues Fixed:

      1. Support ID: 9368520 - Security Audit report generation failed for FirePower device. This issue is fixed.
      2. Support ID: 9384877, 9270699, 9239088 - VDOM devices mapping handled properly to resolve the issues in adding the device rule.
      3. Support ID: 9110989 - Garbled characters in device name field of FortiGate syslogs causes duplicate device addition. Need to validate the device name field to avoid duplicate device addition. This issue is fixed.
      4. Support ID: 9222152 - VPN syslog parsing issue related to Session duration for SonicWall firewall. This issue is fixed.
      5. Support ID: 9424640 - Failed VPN user report showing IP as '0.0.0.0' eventhough the syslog contains the IP address. This issue is fixed.
      6. Support ID: 9264636 - URL syslog paring issue in Juniper SRX firewall. This issue is fixed.
      7. FirePower device unassigned objects report shows incorrect object details. This issue is fixed.
      8. FirePower firewall device rules related to parsing issue fixed.
    13. 12.8 Build 128100 - January 17, 2024

      New Features and Enhancements:

      1. NAT Rules support for Palo Alto, FortiGate and SonicWall devices.
      2. Informative pages related to Firewall Analyzer’s add-on trial is now displayed in the OpM, OpM Plus and OpM-EE 'Firewall Log Analysis' modules.
      3. General: Accessing the RestAPI via the Api key in the request parameter, is currently being deprecated and will be removed in a future release. Users with existing integrations using apiKey in the request parameter are advised to migrate the apiKey in the request headers to avoid any future impact.

      Issues Fixed:

      1. Support ID: 8188533, 8346926, 8205452, 7944452, 9156474 - Palo Alto device managed by Panorama cases, pushed and shared configuration based rule management report data population changes included.
      2. Support ID: 9172945 - Check Point REST API access code has been updated to handle timeout cases.
      3. Support ID: 8580609 - For MikroTik devices, SNMP status in Security Audit report and rule parsing is done.
      4. Support ID: 9156474 - Watch Guard Policy Optimization report issue is fixed.
      5. Support ID: 9203532 - Issue in Cisco Router Rule parsing is fixed.
      6. Support ID: 9225764 - Issue in FirePower Rule parsing is fixed.
      7. Support ID: 9227849 - SonicWall API based device rule action not working issue fixed.
      8. Support ID: 9294725 - Cisco Router schedule configuration fetch not working issue fixed.
      9. Support ID: 9164723 - On demand PDF export and mail generated file in Linux machine is larger in size. This issue is fixed.
      10. Support ID: 8824909 - The XLS report exported on the Object Usage page is not similar to the PDF report exported. This issue is fixed.
      11. Support ID: 9156046 - Unable to open a report downloaded from the 'Last Generated Report' on the Custom Report page.
      12. Support ID: 9164641 - Unable to export an XLS report on the Expiry Notification page, and a span tag is shown in the CSV file exported. This issue is fixed.
      13. Support ID: 9164876 - Unable to export an XLS report on the Object Usage page, and Japanese translation was missing in the exported CSV file. This issue is fixed.
      14. Support ID: 9165331 - The colors of the Risk Level do not match with the colors used in the chart on the Risk Analysis page. This issue is fixed.
    14. 12.7 Build 127261 - December 22, 2023

      Security Issue Fixed:

      1. General: The Maverick package has been updated to version 1.7.56 in response to CVE-2023-48795.
    15. 12.7 Build 127260 - December 11, 2023

      Security Issue Fixed:

      1. Previously, path traversal vulnerability [CVE-2023-47211] (https://nvd.nist.gov/vuln/detail/CVE-2023-47211) was detected for MIB browser. This issue has now been fixed by implementing path sanitization, ensuring a new MIB is stored exclusively under the 'OpManager/mibs' directory.
    16. 12.7 Build 127257 - October 20, 2023

      New Features and Enhancements:

      1. Enterprise : Firewall EE summary dashboard is now available in OPM EE Lite Central Edition and OPMPLUS Enterprise Edition.

      Issues Fixed:

      1. Support ID: 9225764, 8857354 - Issue while adding DeviceRule due to banner prompt and banner input has been fixed.
    17. 12.7 Build 127244 - September 28, 2023

      New Features and Enhancements:

      1. Support ID: 8306567, 8317051, 8612227 - 'Rule Change History Reports': Customers can find out who made, what operation, (add, modify, delete) and when on any of the firewall rule during various time periods and the trend.
      2. Support ID: 8887965 - 'Rule Management reports' (Policy Overview, Optimization, Change Management, Security Audit, Config Backup) are now supported for Cisco Routers.
      3. Support ID: 8948139 - 'Risk Analysis report' is now supported for Palo Alto firewalls.
      4. Support ID: 8580609 - Policy Optimization support for MikroTik devices.
      5. Support ID: 8399927 - 'Allowed URL' report is now supported for Huawei firewalls.
      6. Support ID: 8948139 - SOC-II Compliance support is now available for all firewalls.
      7. Support ID: 9079992 - 'Risk Analysis report' complete export has been provided while selecting 'Show by Risk' option from UI.
      8. Support ID: 8948139 - Option to customize the report name and description for all Standards/Compliance reports.
      9. Support ID: 8910202 - 'Policy Optimization report' population is considered with different accept and deny actions like 'deny', 'drop', 'reject' and 'accept', 'allow', 'permit' for different vendor cases.
      10. Firewall Analyzer server's disc space information (Total disk space, Free disk space, Table size in GB and redirection to cleanup settings) is shown as warning in 'Change Management report' page when the installation folder goes below the configured one to avoid disk full issue.

      Issues Fixed:

      1. Support ID: 8601828, 8814706 - Fixed the Cisco Firepower rules count mismatch issue comparing with the vendor GUI.
      2. Support ID: 8808655, 8797006 - Unable to add user in 'Probe server' while selecting multiple firewalls. This issue is fixed.
      3. Support ID: 8605633 - Fixed the Sophos XG device rule data population issue.
      4. Support ID: 8705545 - Fixed the Cisco device rule data population issue.
      5. Support ID: 8956460 - Fixed the issue with device rule commands executed in the reverse order randomly.
      6. Support ID: 8949016 - Fixed the Palo Alto firewalls device rule data parsing issue.
      7. Support ID: 8925777 - Firepower detected as Cisco firewall due to timestamp parsing issue.This issue is fixed.
      8. Support ID: 5945358 - Bandwidth Alert GUI made to look similar to the Email notification from Firewall.
    18. 12.7 Build 127198 - September 11, 2024

      Issues Fixed:

      1. Firewall: Support ID : 9843348 - Duplicate device addition issue in WatchGuard firewall has been fixed.
      2. Firewall: Support ID : 9945420 - The timestamp parsing issue in Squid device syslog has been rectified.
      3. Firewall: Support ID : 9851397 - If we import Configuration file with text file format while adding the device-rule, It is not working. This issue is fixed now.
      4. Firewall: Support ID : 9891222 - The issue with the object details link not being shown for an object in SRX has been fixed.
      5. Firewall: Support ID : 9655565 - The issue with the Watchguard optimization page loading has been fixed.
      6. Firewall: Support ID : 9810936 - The "processing many requests" error that occurred when importing logs via a remote host has been resolved.
      7. Firewall: Few I18N key values updated as per Japan team request.
      12.7 Build 127187 - August 18, 2023

      New Features and Enhancements:

      1. SupportID : 8846697 - Rule Expiry Notification feature support extended for PFsense firewall.
      2. SupportID : 8846697 - Rule Tracking ID is now displayed in Policy overview & Cleanup reports for Pfsense firewall.
      3. SupportID : 8856344 - Real-time change detection based on "Install policy" syslog is now supported for Checkpoint firewalls.
      4. SupportID : 8784836 - Translated source IP, Translated source port, Translated destination IP, Translated destination port information are parsed in Sonicwall enhanced syslog format and these details are showing in RAW search report.
      5. SupportID : 8958939 - In Custom reports, we were previously showing "Resource name" for newly added Report types. It has been replaced with "Display name".
      6. Multibyte characters support is now available for all user specific input report pages.
      7. Enterprise : Now, Firewall EE summary dashboard in the OPM-Enterprise Edition "Scalability & Unified-Console" modes has been made available with Firewall add-on data.

      Issues Fixed:

      1. SupportID : 8918114 - Incorrect logging disabled rules were displayed in security audit report of Firepower device. This issue is fixed now.
      2. SupportID : 8909486 - For Netscreen firewalls, even when device rule is success, no data is displayed for policy overview and policy optimization. This issue is fixed now.
      3. SupportID : 8846697 - All Objects were displayed under Rule cleanup - unassigned objects report for Pfsense firewall. This issue is fixed now.
      4. SupportID : 8757385 - NIST section 2.10.1 is showing Failed for Fortigate firewall even when it has explicit deny rules. This issue is fixed now.
      5. SupportID : 8965053 - VPN sessions report showing "Total bytes" as 0 MB for all VPN transaction for Sonicwall firewall. This issue is fixed now.
      6. SupportID : 8885931 - Audit Logs report is empty for Sophos XG firewall due to parsing issue. This issue is fixed now.
      7. SupportID : 8901512 - Active VPN Users Report showing empty under Device summary page in Inventory for Checkpoint firewalls. This issue is fixed now.
      8. SupportID : 8846697 - pfSense device rule parsing issue has been fixed.
      9. SupportID : 8996020 - VPN parsing issues in Barracuda firewalls has been fixed.
      10. SupportID : 8977066 - Unable to generate standards report in some specific cases. This issue is fixed now.
    19. 12.7 Build 127142 - January 04, 2024

      Security Issue Fixed:

      1. General : Now, the Maverick package has been updated to version 1.7.56 in response to CVE-2023-48795.
    20. 12.7 Build 127131 - July 18, 2023

      New Features and Enhancements:

      1. Optional FIPS compliance mode can be enabled for fresh installations from version 12.7.131.
    21. 12.7 Build 127130 - July 05, 2023

      New Features and Enhancements:

      1. Support ID: 8734240 - New device support: Barracuda Web Application Firewall (WAF).
      2. Support ID: 8580609 - Rule Management and Compliance support for 'Mikrotik' firewalls using CLI.
      3. Support ID: 8813703 - Auth token based 'Device rule' support is provided for FortiGate firewalls to generate Rule Management and Compliance reports.
      4. Support ID: 8828880 - XLS and CSV export options provided for 'Rule Expiry' reports.
      5. Support ID: 8747495 - New 'Proxy server settings' page is introduced under 'Settings' tab.
      6. Support ID: 8736773 - Translated source IP, Translated source port, Translated destination IP, Translated destination port details are included in RAW search report.
      7. Support ID: 8751288, 7920841 - Option to delete the configuration version data from database is provided to manage the hard disk optimally.
      8. Support ID: 8359204, 8674177 - New 'Device Group' based Rule Management and Compliance Report support for multiple firewalls.
      9. Support ID: 8674177, 8741045 - Customers can push 'Network objects' and 'Security rules' to multiple firewalls simultaneously.
      10. Support ID: 8035530, 8583897, 8010805 - Rule and Object search across firewalls.

      Usability Enhancements:

      1. Compliance Standards summary and details page has been revamped for better usability.
      2. All graphs shown under 'Reports' and 'Rule Management' tabs are now loaded with 'Data labels' for all charts types (Bar, Line, and Area).

      Issues Fixed:

      1. Support ID: 8608159 - Admin log parsing issue for SonicWall firewalls. This issue is fixed.
      2. Support ID: 8789522 - VPN syslog parsing issue for OPNsense firewall is fixed.
      3. Support ID: 8832821 - Unable to save the 'Archived files' in collector server of Firewall Analyzer Enterprise edition. This issue is fixed.
      4. Support ID: 8683616 - Device delete from the 'Inventory snapshot' page is not properly deleting the manual device add entries. This issue is fixed.
      5. Support ID: 8824909 - Exported data of 'Object Usage report' in XLS, PDF, and CSV formats is not matched which is populated under 'Rule Management > Optimization' page. This issue is fixed.
      6. Support ID: 8737441 - User specific filter is not applied properly in 'Custom Report' for Active VPN users and VPN sessions report.This issue is fixed.
      7. Support ID: 8774945 - VPN type showing as 'SSL VPN' for all VPN sessions by default for Sophos XG firewalls. This issue is fixed to show the proper VPN type (i.e., SSL VPN or IPsec VPN).
      8. Support ID: 5982896 - Hourly Trend Comparison reports of 'Traffic trend report', 'Event trend report' and 'Protocol trend report' are not showing the data in the correct order. This issue is fixed.
      9. Support ID: 8837110 - Username value having more than 200 characters for few users when we fetch from Active Directory. So this value is skipped for proper reporting.
      10. Support ID: 8733217 - Byte value in IPsec tunnel traffic syslog is huge, because it is accumulated value. Now the 'Byte' calculation for IPsec tunnel traffic is properly handled.
      11. Alarm generation stopped working after sometime due to an internal issue. This issue is fixed.
      12. Support ID: 7881006 - Firewall Dynamic option has been removed under Device Snapshot settings.
    22. 12.7 Build 127124 - January 04, 2024

      Issues Fixed:

      1. Support ID: 8816473, 9156166, 9164551 - The Japanese translation wasn't working for few tabs, values were shown in English. This issue is fixed.
      2. Support ID: 9157136 - When enabling the config backup schedule, the success message shown as 'disable' has been fixed.
      3. Support ID: 9164579, 9156194 - Japanese translation was missing for Duplicate Objects tab name and the Rule Admin enable option while creating Administrator privilege user in User Management. This issue is fixed.
      4. Support ID: 8824909 - The XLS report exported on the Object Usage page is not similar to the PDF report exported.This issue is fixed.
      5. Support ID: 9156046 - Unable to open a report downloaded from the 'Last Generated Report' on the custom report page. This issue is fixed.
      6. Support ID: 9164641 - Unable to export an XLS report on the Expiry Notification page, and a span tag is shown in the CSV file exported. This issue is fixed.
      7. Support ID: 9164876 - Unable to export an XLS report on the Object Usage page, and Japanese translation was missing in the CSV file exported. Both issues are fixed.
      8. Support ID: 9165331 - The colors of the Risk Level do not match the colors used in the chart on the Risk Analysis page. This issue is fixed.
      9. Support ID: 9164723 - Compliance Standards report export and on-demand mail failed on Linux machines when the generated PDF file is larger in size. This issue is fixed.
      10. Support ID: 8747495 - Proxy server settings has been added now in General settings.
      11. Support ID: 8664950 - The import of Protocol group files failed when the file size was greater than 50 KB. This issue is fixed.
      12. Support ID: 5982896 - The Hourly and Weekly trend comparison graphs of the 'Traffic Trend Report,' 'Event Trend Report,' and 'Protocol Trend Report' were not displaying the data in the correct order. This issue is fixed.
      13. Exporting the raw logs report in the Raw search custom report failed. This issue is fixed.
    23. 12.7 Build 127101 - May 11, 2023

      New Features and Enhancements:

      1. Support ID: 6540464, 7494865, 8186738 - Risky rules analysis and reporting for FortiGate firewalls.
      2. Support ID: 8627050 - SSL VPN log Report is now supported for Cisco Meraki firewalls.
      3. Support ID: 8634992 - New timestamp format is now supported for pfSense firewalls.
      4. Webhook integration has now been added to Firewall Analyzer's Notification Templates. With this, users can configure Webhook calls to be made based on certain trigger criteria.
      5. Empty email subject has been replaced with report name for 'Send Mail' options in Inventory, Reports, Rule Management and Standards report pages

      Issues Fixed:

      1. Support ID: 8743128 - pfSense firewall's 'Policy Overview' report shows wrong interface name. This issue is fixed now.
      2. Support ID: 5982896 - Weekly trend comparison reports of 'Traffic trend report' and 'Event trend report' is not showing the data in the correct order. This issue is fixed now.
      3. Support ID: 8638646 - VPN syslog parsing issue in Check Point Log Exporter CEF format is fixed now.
      4. Support ID: 8608159 - Parsing issue of SonicWall device is fixed to populate the report under Admin Reports > Successful Login.
      5. Support ID: 8605633 - Parsing issue in the Sophos XG configuration file have been fixed.
      6. Support ID: 8523005 - Policy overview report is not populated for FortiGate devices due to 'null' value in ISDB service data is fixed.
      7. Support ID: 8297281 - VPN type showing 'SSLVPN' for all VPN session by default for SonicWall firewall. This issue has been fixed to show the proper VPN type (i.e. SSLVPN or IPsec VPN).
      8. Support ID: 8698521 - In Alarms, we are showing the Resource name in Alarm pop-up and Alarm Mail. Now, we are showing the Display name of the device in Alarm pop-up and Alarm Mail.
      9. Support ID: 8670029 - After applying the extended license, unable to add more than two devices manually during the evaluation period. This issue has been resolved.
      10. Support ID: 8666012 - Login prefix handling changes done for 'Device Rule' configuration for CLI based configuration fetch cases.
      11. Check Point LEA server configuration for Log monitoring support has been removed to avoid 32-bit dependency.
    24. 12.7 Build 127007 - September 25,2024
      1. General: Previously, Upgrade failures were caused by Firewall Analyzer table corruption and missing tables in the database. This issue has now been resolved.
      12.7 Build 127000 - April 26, 2023

      Issues Fixed:

      1. General : PostgreSQL version has been upgraded to 14.7. The PostgreSQL vulnerability issues from version 10.21 have been fixed now.
      2. General : JRE version 1.8.0_362 will be used in fresh installations(exe / bin).
      3. General : Earlier, from version 12.5.415 there was an issue in "Remember Me". This has now been fixed.
      4. General : Tomcat, Wrapper and various product-specific components have been updated.
    25. 12.6 Build 126329 - June 21, 2023

      Issues Fixed:

      1. Support ID: 8747495 - Proxy server settings added in 'General' settings.
      2. Support ID: 8664950 - The import of 'Protocol group' files failed when the file size was greater than 50 KB. This issue is fixed.
      3. Support ID: 5982896 - The 'Hourly' and 'Weekly' trend comparison graphs of the 'Traffic Trend Report', 'Event Trend Report', and 'Protocol Trend Report' were not displaying the data in the correct order. This issue is fixed.
      4. Support ID: 8828880 - The export of report to XLS format in the 'Expiry notification failed'. This issue is fixed.
      5. Exporting the raw logs report in the 'Raw search' custom report failed. This issue is fixed.
    26. 12.6 Build 126307 - March 14, 2023

      New Features and Enhancements:

      1. Support IDs: 8416974, 8285818, 8411305 - 'Source Country' column has been added extra in 'Active VPN Users' and 'VPN Sessions' reports.
      2. Support ID: 8446080 - New timestamp and syslog format supported for VMware NSX firewall.
      3. Support ID: 8475348 - The CLI based device rule page now supports a new prompt ("]") value.
      4. Support ID: 8590688 - Dynamic configuration path changes have been included for the pfSense firewalls in device-rule configuration page.
      5. Support ID: 7289486 - Export to 'XLS' option has been provided for 'Configuration Comparison Report'.

      Firewall Analyzer Enterprise Edition:

      1. Customers will receive notifications, if the Probe to Central communication is lost for long time.
      2. Automatically shutdown of Probe server, if the communication has been lost over 15 days with Central server.

      Issues Fixed:

      1. Support ID: 8378102 - Rule fetching actions skipped for root device for FortiGate Split-task VDOM enabled cases.
      2. Support ID: 8378363 - Updated the access code for Sophos XG Rest API.
      3. Support ID: 8590688 - Dynamic configuration path changes have been included for the pfSense firewalls.
      4. Support ID: 8590688 - Shell option handling done for the pfSense firewalls.
      5. Support ID: 8590688 - pfSense device rule parsing issue has been fixed.
      6. Support ID: 8590688 - pfSense schedule configuration is not working issue has been fixed.
      7. Support ID: 8188533 - Parsing issue in the commit syslog for Palo Alto firewall is fixed.
      8. Support ID: 8439266 - VPN logout syslog '721018' event is parsed now and the Active VPN Users report showing properly for Cisco firewall.
      9. Support ID: 8476306 - Fixed the issue to show the VPN type as 'VPN tunnel name' instead of IPSEC for tunnel based VPN sessions for FortiGate firewall.
      10. Support IDs: 8080124, 8489754 - Syslog parsing issue in Watch Guard firewalls has been fixed.
      11. Few I18N keys were missing, when 'Rule Suggestion Report' was exported to 'XLS' or 'CSV'. This issue is fixed.
      12. PDF on demand and mail export options were not working, if both HTTP and HTTPS were enabled on a server. This issue is fixed.
    27. 12.6 Build 126290 - February 10, 2023

      New Features and Enhancements:

      1. Support ID: 8330448 - 'Rule Management and Compliance' support for Cisco Meraki devices with REST API.
      2. Offline Configuration Analysis: Support IDs: 6150641, 5943889, 6959349, 6993627, 5742450, 6995857, 6178747, 7053351, 7522093, 6242880, 5485646, and 7986830 - Customers can now generate 'Rule Management and Compliance Reports' with device configuration files (or) CLI/API options by manually adding devices without Syslog dependency to meet their auditing requirements.

      Issues Fixed:

      1. Support ID: 8276993 - Palo Alto device rule report population issue fixed.
      2. Support ID: 8198153 - Offline device rule support changes for the Check Point firewalls.
      3. Support ID: 8251535 - Unmanaged vdom devices list issue fixed in device rule pages.
      4. Support ID: 8522861 - Scheduled 'VPN Sessions' report with CSV, XLS type has missed some columns in the received reports. Fixed the issue.
    28. 12.6 Build 126283 - March 21, 2023

      New Features and Enhancements:

      1. Support ID: 7289486 - Export to 'XLS' option has been provided for 'Configuration Comparison Report'.

      Issues Fixed:

      1. Few I18N keys were missing, when 'Rule Suggestion Report' was exported to 'XLS' or 'CSV'. This issue has been fixed.
      2. PDF on demand and mail export options were not working, if both HTTP and HTTPS were enabled on a server. This issue has been fixed.
    29. 12.6 Build 126275 - January 12, 2023

      New Features and Enhancements:

      1. Support ID: 8378662 - Security audit report support for pfSense devices.
      2. Support ID: 8275613 - 'Rule Suggestion' and "Object Usage' reports for Check Point firewalls are now populated based on UUID.
      3. Support ID: 8123291 - Customers can now configure threshold based notification for the following Regulatory Compliance reports: PCI-DSS, ISO, NIST, NERC-CIP, SOX, GDPR, Basel-II, SANS, HIPAA, and GLBA.
      4. Usability Enhancement:  On-demand and scheduled PDF layout has been enhanced for more usability.

      Issues Fixed:

      1. Support ID: 8378662 - pfSense device rule interface and URL table objects parsing issue is fixed.
      2. Support ID: 8336003 - Default 'Exclude Criteria' added for FortiGate password changes in 'Change Management'. This issue is fixed.
      3. Support ID: 8236143 - 'Rule Management > Inactive Rules' gives empty report in scheduled mail in MS SQL setup for Cisco devices is fixed.
      4. Support ID: 8273272 - Rule comparison failed for Cisco firewalls. This issue is fixed.
      5. Support ID: 8381404 - 'Raw Search' is not working for operator and custom role users is fixed.
      6. Support ID: 8360702 - 'Object Details' table in scheduled overview report comes as undefined in MS SQL build. This issue is fixed.
      7. Support ID: 8297501 - Issue while adding 'Intranet Settings' with some special characters is fixed.
    30. 12.6 Build 126262 - January 04, 2023

      New Features and Enhancements:

      1. Object overview with associated rules report support for all firewall devices.
      2. Support ID: 8163066 - Rule Management, Compliance and Configuration backup support provided for FortiGate VDOM devices with API mode.
      3. Support ID: 7946876 - Remote Access VPN type logs support for Juniper SRX firewall device.
      4. Support ID: 8043068 - Option to change the IP address in SNMP settings.
      5. Support ID: 7954995 - New Timestamp format support for Cisco ASA firewall.

      Issues Fixed:

      1. Support ID: 7941797, 8089961 - Unused rule data population issue for the Cisco firewalls while using the configuration file is fixed.
      2. Support ID: 8175244, 8089961 - For the FortiGate rule name value empty cases, rule id population changes to be done in the device rule parsing code. This issue is fixed.
      3. Support ID: 8067039 - Cisco device rule parsing issue fixed.
      4. Support ID: 8021274 - Sophos UTM device rule processing issue fixed.
      5. Support ID: 8163066 - Palo Alto device rule failed due to special character availability in the Palo Alto device configuration file issue fixed.
      6. Support ID: 8186738 - Check Point firewall cases, standard reports show undefined values in few cases. This issue is fixed.
      7. Support ID: 7981069 - When any new API access code included for the Sophos UTM firewalls, facing the error in the primary API access code. This issue is fixed.
      8. Support ID: 8163066 - FortiGate API access not working issue fixed.
      9. Support ID: 7794632 - Email ID field having '&' symbol. Customer wants to create a custom report profile with notification for Email with '&' symbol. This issue is fixed.
      10. Support ID: 7921661 - Sent byte, Received byte, Duration values are null in web filter logs for Sophos XG firewall device is handled.
      11. Support ID: 8017870 - RAW search for denied logs showing no data for Cisco Meraki firewall. This issue is fixed.
      12. Support ID: 8021274 - Logout event is not showing in Admin Reports and Audit Logs report for Sophos UTM firewalls. This issue is fixed.
      13. Support ID: 8159724 - 'Active VPN users' report under 'Custom Reports' is not generated for MS SQL. This issue is fixed.
      14. Support ID: 8163818 - Unable to create schedule for security audit report as device name contains more than 50 characters. This issue is fixed.
      15. Support ID: 8216879 - Date and time is not correct under Duplicate Objects. This issue is fixed.
    31. 12.6 Build 126165 - October 14, 2022

      Issue Fixed:

      1. General: To enhance security, changes have been done in the InstallShield for Linux builds.
    32. 12.6 Build 126150 - September 28, 2022

      New Features and Enhancements:

      1. Support IDs: 7857601, 6196721, 5882965, 6398963, 6196721 - Policy/Rule change approval for rule and it's objects add, delete, modify in firewalls.
      2. Support IDs; 7768852, 7167427, 7317538, 7422953, 6886374, 6739954, 6684735, 6018457, 5545795 - Check Point 'Compliance Standard' report support when no zones are available in logs and configuration files.
      3. Support ID: 6695851 - Rule Management and Compliance support for FortiGate NGFW devices.
      4. Support ID: 5584803 - Alert option for Device-Rule failure cases.
      5. Support ID: 7889991 - 'Unused rule reports' support for pfSense devices.
      6. On demand scroll option has been provided in expand page of 'Firewall Reports', 'Proxy Reports' and 'Country Reports'.

      Issues Fixed:

      1. Support ID: 7885029 - Device rule configuration file contains IPv6 object cases, parsing issue fixed for the FirePower firewalls.
      2. Support ID: 7918065 - For the Check Point firewalls, fixed Security audit report not listed issue.
      3. Support ID: 7793245 - For the SonicWall firewalls, fixed Device rule configuration file parsing issue.
      4. Support ID: 7928967 - Compliance Standards reports, PCI-DSS and NERC-CIP were not generated for FortiGate vdom devices. Fixed the issue.
      5. Support ID: 8091681 - On demand report for 'Security Audit' not getting generated for FortiGate device. Fixed the issue.
      6. Support ID: 7885029 - 'Anomaly' report shows the rules as redundant even though the interfaces are different for FirePower devices. Fixed the issue.
      7. Support ID: 7982480 - Palo Alto configuration processing has been optimized for report generation.
      8. Support ID: 7998219 - No data is showing for 'Firewall Live Report' under 'Custom Report'. This issue is fixed.
    33. 12.6 Build 126133 - August 19, 2022

      New Features and Enhancements:

      1. CSV and XLS report type options are provided in Policy Overview, Optimization and Cleanup Schedules.
      2. 'Country Reports' is enhanced with new Geographical map view.

      Firewall Analyzer - Enterprise Edition:

      1. Enterprise edition of Firewall Analyzer's Central and Probe server default communication has been changed as HTTPS.
    34. 12.6 Build 126118 - July 27, 2022

      Issues fixed:

      1. General: A vulnerability resulted in unauthenticated access of the user API key. This issue has been fixed now. (Reported by Anonymous working with Trend Micro Zero Day Initiative. Refer: CVE-2022-36923)
    35. 12.6 Build 126116

      Enhancement:

      1. SHA-256, SHA-512 support for Authentication protocol and AES-256 support for Encryption protocol in SNMP v3.
    36. 12.6 Build 126115 - July 13, 2022

      New Device/Log format support:

      1. Support ID: 7738902 - New device support - ContentKeeper proxy device.

      New Features and Enhancements:

      1. Security audit report supported for Huawei firewalls.
      2. New 'Basel II' compliance audit report is supported for all firewalls.
      3. Support ID: 7771759 - Application Report for WatchGuard firewalls.
      4. Support ID: 7790516 - TFTP support provided for Hillstone firewalls for Rule management functionalities and reports.
      5. Support ID: 7810056 - Option to exclude the archive storage for the syslogs with the IPs given in the Exclude host settings.
      6. Support ID: 7769738 - Provided an option to customize the Duration column in HH:mm:ss format in Reports.
      7. Support ID: 7778839 - Severity Level field is parsed and shown in RAW search report.

      Firewall Analyzer - Enterprise Edition:

      1. Option to update Central server details in Probe UI has been provided.

      Issues Fixed :

      1. Support ID: 7773520 - Fixed PaloAlto device rule parsing issue.
      2. Support ID: 7748969 - SSH and VPN relation section details are corrected in the Sophos-XG security audit reports.
      3. Support ID: 7757786 - Device rule data population issue fixed for the FortiGate firewalls.
      4. Support ID: 7752707 - Application control logs are falling under Attack Reports for SonicWall Firewall. This issue is fixed.
      5. Support ID: 7698475 - Configuration backup 'monthly' schedule was not working properly. This issue is fixed.
      6. Support ID: 7766446 - URL log parsing issue for Juniper SRX firewalls is fixed.
      7. Support ID: 7776576 - URL log parsing issue for FortiGate firewall is fixed.
      8. Support ID: 7764286 - VPN log parsing issue in SonicWall SSL-VPN SMA appliances is fixed.
      9. Support ID: 7793554 - PCI DSS 1.1.7 section got failed when schedule is configured case. This issue is fixed.
      10. Support ID: 7823846 - Huawei device unused rule shows garbled character. This issue is fixed.
      11. Support ID: 7647221 - File import failed for PaloAlto vsys devices in Device Rule. This issue is fixed.
      12. Support ID: 7737753 - 'log enabled' status is shown as failed in ISO compliance report for Cisco device. This issue is fixed.
      13. Support ID: 7586558 - IP address is changed to Management IP for Check Point Firewall Log Exporter CEF format. This issue is fixed.
      14. Support ID: 7757136 - Cisco syslog ID '733100' got stuck while parsing. Due to this, Reports generation was not working as expected. This issue is fixed.
      15. Support ID: 7761858 - In the Security audit report, the SSH check was removed in the 'clear text protocol services' and 'access allowed dangerous services' sections. This issue is fixed.
      16. Support ID: 7729448, 7700328 - Duplicate vdom devices got added for FortiGate firewall. This issue is fixed.
      17. Report export failed in non-English OS machines. This issue is fixed.
      18. Total and Others value included in Scheduled CSV report.
      19. When export CSV report with custom time frame, Start time and End time shown twice in CSV report .This issue is fixed.
      20. Configuration Change Notification report name starts as Chart. Proper naming done.
    37. 12.6 Build 126108 - December 13, 2022

      Issues Fixed:

      1. Support ID: 8050406 - Export of 'Report' failed due to special character in filename. This issue is fixed.
      2. Support ID: 8216879 - Month in 'Duplicate Objects Report', generated time is wrong. This issue is fixed.
      3. In Standards dashboard, GLBA compliance widget name is not properly displayed in the Japanese language. This issue is fixed.
    38. 12.6 Build 126107

      Issues Fixed:

      1. Firewall Analyzer: Report export failed in non-English OS machines. This issue is fixed.
      2. Firewall Analyzer: Total and Others value included in Scheduled CSV report.
      3. Firewall Analyzer: When export CSV report with custom time frame, Start time and End time shown twice in CSV report. This issue is fixed.
      4. Firewall Analyzer: Configuration Change Notification report name starts as Chart. Proper naming done.
    39. 12.6 Build 126101 - June 23, 2022

      Security Issue Fixed :

      1. General: Unauthorized creation of files lead to high resource consumption. This has been fixed now. (Reported by Tenable. Refer: CVE-2022-35404)
    40. 12.6 Build 126000 - June 14, 2022

      Security Issue Fixed :

      1. General: Antisamy has been upgraded to version 1.6.4.
    41. 12.5 Build 125659 - August 11, 2022

      Issues fixed:

      1. General: There was an issue with loading the NOC page in Embed view. This issue has been fixed now.
    42. 12.5 Build 125656 - July 25, 2022

      New features and Enhancements:

      1. General: Users have the option to skip TFA now. Option to disable Two Factor Authentication is now available.
    43. 12.5 Build 125648

      Security Issue Fixed :

      1. General: Low privilege users were able to access Server machine files using Report generation API. This issue has been fixed now.
    44. 12.5 Build 125647 - May 12, 2022

      New Features and Enhancements:

      1. Firewall specific log flow rate and option to stop/start flow processing for individual firewalls.
      2. Support ID: 7680401 - 'Previous Day' schedule option is provided for Change Management schedules.

      Issues Fixed :

      1. Support ID: 7602649 - In ISO Compliance, 'logging enable section' is failed for FortiGate devices due to parsing issue. Fixed the issue.
      2. Support ID: 7577847 - For Huawei devices, Rule name is not properly shown in Policy optimization and Anomaly reports. Fixed the issue.
      3. Support ID: 7586558 - Anomaly details are not populated on 'Rule Impact Report' for Check Point. Fixed the issue.
      4. Support ID: 7647827 - Rule suggestion failed due to different format in destination port;.Fixed the issue.
      5. Support ID: 7636560 - Update widget action is not working for "Firewall live interface traffic" widget. Fixed the issue.
      6. Support ID: 7618894 - Search action in Raw log search result page is not working. Fixed the issue.
      7. Support ID: 7604024 - Sophos XGS 3100 logs are not added due to different syslog fields are introduced. Fixed the issue.
      8. Support ID: 7579021 - Trend Report is not populated properly in Custom Report. Fixed the issue.
      9. Support ID: 7507077 - VPN log parsing issue for WatchGuard firewall. Fixed the issue.
      10. Support ID: 7629496 - Compliance schedule with LAN not configured case is not working. This issue is fixed.
      11. Support ID: 7448099 - Fixed the 'Unused Rules' showing no data issue is fixed for SonicWall firewalls.
      12. Support ID: 7480045 - Multiple configuration backup tasks executed at same time has failed. Fixed the issue.
      13. Support ID: 6077724 - Check Point device rule data parsing issue fixed.
      14. Support ID: 7682053 - Security Audit report date not updated issue fixed.
      15. Support ID: 7599157 - Device rule command status update code corrected.
      16. Support ID: 7726555 - Unable to delete any created 'Rule Suggestion' report. Fixed the issue.
      17. Support ID: 7573416 - Alarm Drill down is not happening. Fixed the issue.
      18. Support ID: 7692706 - Date Filtering added for OpManager issue is fixed.
      19. Support ID: 7693770 - Rule fetch failed issue fixed for FortiGate firewalls.
      20. Support ID: 7660785 - Issue fixed while getting Change Management related data.
      21. Support ID: 7712253 - The policy overview data not populated issue fixed for SRX firewall.
      22. Support ID: 7727424 - Vdom device rule commands execution time dynamic values update changes in status view page. Fixed the issue.
      23. Support ID: 7624246 - Anchor link removed in Security Audit PDF export. This issue is fixed.
      24. Support ID: 7672560 - For WatchGuard devices, when rules are fetched using file, API, CLI, rule name in rule file and configuration file are different, so all rules are populated under 'Unused Rules' report. Fixed the issue.
      25. Support ID: 7663655 - 'TCP Xmas Tree dropped' logs are not parsed properly to populate under 'Attack Reports' for SonicWall firewalls. Fixed the issue.
      26. Support ID: 7672560 - If Destination is reserved port value throws error while calculating anomaly for WatchGuard devices. Fixed the issue.
      27. Support ID: 7448099 - Unused object is not populated due to parsing issue in SonicWall device if source, destination and service is configured as NA for some rules. Fixed the issue.
      28. Support ID: 7480650 - Device Rule configuration got failed for Huawei devices, because the subnet mask contains description details in it. Fixed the issue.
      29. Support ID: 7674428
        1. CSV and XLS export under 'Policy Optimization' is not working, This issue is fixed.
        2. CSV export not working for ACE view of Cisco devices in 'Unused Rules' page. This issue is fixed.
      30. Support ID: 7682811,7582577 - VPN log parsing issue for Check Point Log Exporter CEF format. This issue is fixed.
      31. Support ID: 7531779, 7626091 - Palo Alto API based device rule configured VSYS cases, logout based configuration fetch failure issue fixed.
      32. Support ID: 7744105 - Password protection missing issue fixed for XLS report type in 'Custom Report' page.
    45. 12.5 Build 125621 - May 20, 2022

      Security Issue Fixed :

      1. General: Low privilege users were able to access Server machine files using Report generation API. This issue has been fixed now.
    46. 12.5 Build 125615 - March 24, 2022

      New Features and Enhancements:

      1. A new 'Firewall NAT Rules' report support under Policy Overview for Cisco devices.
      2. Support ID: 7585886 - Bidirectional Rules report supported in Policy Overview page.
      3. Support ID: 7518462 - Unused rules data population is now supported for Palo Alto VDOM firewalls using configuration file import.
      4. Support ID: 7506571, 7488133 - Firewall Analyzer now supports security audit reports for NetScreen devices.
      5. General: Log4j upgraded to version 2.17.2

      Issues Fixed :

      1. Support ID: 7437520 - Palo Alto log status value wrongly listed issue in the Policy Overview page is fixed.
      2. Support ID: 7454142 - Rule Expiry data population issue fixed for the Check Point firewalls.
      3. Support ID: 7488133 - FortiGate VDOM with TFTP cases, global configuration include changes are populated correctly.
      4. Support ID: 7488133 - ISDB service name population related parsing issue fixed.
      5. Support ID: 7488133 - 'DeviceCommand.xml' based ISDB command execution changes handled properly.
      6. Support ID: 7488133 - FortiGate VDOM cases, ISDB command values corrected.
      7. Support ID: 7400676 - FortiGate rule name based rule management/rule administration data population is done.
      8. Support ID: 7488133, 7506571 - ISDB data is not fetched properly from FortiGate devices using CLI when it has more ISDB objects in rules. This issue is fixed.
      9. Script option in Firewall Availability alert and Collector Availability alert has been removed.
      10. Nipper tool dependency has been removed for generating Security Audit reports for few firewalls.
    47. 12.5 Build 125606 - August 04, 2022

      Security Issue Fixed :

      1. General: A vulnerability resulted in unauthenticated access of the user API key. This issue has been fixed now. (Reported by Anonymous working with Trend Micro Zero Day Initiative. Refer: CVE-2022-36923 )
      2. General: Earlier, there was a Remote Code Execution (RCE) vulnerability in IPv6 address management (CVE-2022-37024) and IPv4 address management (CVE-2022-38772) reported by an anonymous working with Trend Micro Zero Day Initiative. This has been fixed now.
    48. 12.5 Build 125605 - June 21, 2022

      Security Issue Fixed :

      1. General: Low privilege users were able to access Server machine files using Report generation API. This issue is fixed.
    49. 12.5 Build 125582 - January 17, 2022

      New Features & Enhancements:

      1. Rule Management and Compliance support for Juniper SRX devices using vendor API.
      2. Support ID: 6390296 - Security audit report support for Juniper SRX firewalls.
      3. Support ID: 7066724 - Redundant/Duplicate object report similar to Redundant policy report.
      4. Support ID: 7184640 - PDF as attachment in the Change Management Notification mail instead of mail content.
      5. Support ID: 7083639 - Others and Total row are now shown in CSV and XLS for custom report.
      6. Support ID: 7434018, 7490537 - Admin report is supported for Check Point Log Exporter CEF format.

      Issues Fixed :

      1. Support ID: 7298872 - Assigned IP is not updated in VPN Reports for FortiGate firewall. This issue is fixed.
      2. Support ID: 7452984 - Traffic syslog parsing issue in WatchGuard firewall is fixed.
      3. Support ID: 7446312 - PaloAlto SCP commands not working. This issue is fixed.
      4. Support ID: 7318354 - Stormshield firewall device rule parsing issue fixed.
      5. Support ID: 7194876 - Garbled characters shown in URL Report for non-English installations. This issue is fixed.
      6. Support ID: 7066724 - IPv6 support related Firewall Analyzer device rule security XML regex issue fixed.
      7. Support ID: 7452984 - WatchGuard device rule service protocol parsing issue is fixed.
      8. Support ID: 7463171 - PaloAlto interface is not listed fully in standards page. This issue is fixed.
      9. Support ID: 7289484 - In non-English installations, Security Audit report name garbled characters issue is fixed.
      10. Support ID: 7275763 - Cannot disable schedule under custom schedule list when schedule name contains native language characters. This issue is fixed.
      11. Support ID: 7290303 - Garbled characters are shown when Alert profile name is given as native language character. This issue is fixed.
      12. Support ID: 7275254 - When Japanese character is included in custom report profile name, in Schedule list page, Japanese character is shown as ?. This issue is fixed.
      13. Support ID: 7430658 - While importing a configuration file through file import native language character are garbled in total Rules pages under Overview. This issue is fixed.
      14. Support ID: 7465202 - 'User Connected' report using Reports > Custom Reports option occasionally shows like 'Problem while generating data'. This issue is fixed.
      15. Support ID: 7450412, 7153068 - Performance tuning on syslog processing for PaloAlto firewall.
      16. Sensitive data like password/community fields are masked in Security Audit reports.
    50. 12.5 Build 125568 - February 24, 2022

      Security Issue Fixed :

      1. General: The upgrade process failed in secondary failover setup due to an issue. This issue occurs when upgrading from builds below 125561. This issue has been fixed.
    51. 12.5 Build 125557 - November 26, 2021

      New Features & Enhancements:

      1. Support ID: 6892855 - Security audit support for Hillstone firewall.
      2. Support ID: 7201671, 6280295, 6280299 - Rule administration support for Juniper SRX with CLI.
      3. Support ID: 7095687 - Change Management report schedule options for everyday and current day changes (today).
      4. Support ID: 6840434 - Option to configure custom service like network objects in 'Rule Impact Analysis' feature.

      Issues Fixed :

      1. Support ID: 7320674 - Cisco security audit report shows rules related service value as any instead of any ICMP is fixed.
      2. Support ID: 7201326 - Cisco device rule object groups and access-list configured with user object value parsing issue is fixed.
    52. 12.5 Build 125490 - November 26, 2021

      Security Issue Fixed :

      1. General (OpUtils): The authentication issue in few of OpUtils modules' audit directories has been fixed. (Refer CVE-2021-44514).
    53. 12.5 Build 125488 - October 29, 2021

      Security Issue Fixed :

      1. General (Network Configuration Manager): There was a Remote Code Execution (RCE) vulnerability in the Ping functionality (Reported by Ma3i). This issue is fixed.
    54. 12.5 Build 125485 - October 21, 2021

      Enhacements:

      1. General: We have introduced a password reset policy for default SCP password.

      Issue Fixed:

      1. General: Two-Factor Authentication, when enabled, will be applicable for Mobile App login also.
    55. 12.5 Build 125484 - October 21, 2021

      Vulnerability Fixes :

      1. Previously, low privileged users had access to multiple modules of unauthorized devices (Reported by Ranjit Pahan). This issue is fixed.
      2. Previously, low privileged users were able to view device details of disabled devices (Reported by Ranjit Pahan). This issue is fixed.
    56. 12.5 Build 125483

      Security Issue Fixed :

      1. General: Low privileged users were able to access Audit reports and mail server details (Reported by Ranjit Pahan). This issue is fixed.
    57. 12.5 Build 125482

      New Features and Enhancements:

      1. SupportID : 7049907 : Key-Value pair syslog format support extended for F5 BIG-IP ASM Firewall.
      2. SupportID : 7131166 : URL logs support extended for PFsense firewall.

      Issues Fixed:

      1. SupportID : 7156600 : When Admin users edit an alarm profile created by an operator user, it was not visible to the operator users. This issue has now been fixed.
      2. SupportID : 7029478 : The VPN session report for Paloalto firewall was showing 0 bytes for all VPN connections. This issue is fixed.
      3. SupportID : 7133356 : Previously, duplicate interfaces were added for SonicWall firewall for SNMP configured case due to ifDesc having the interface name with its alias name. This issue is fixed.
      4. SupportID : 7170172 : System Events of Fortigate firewall were parsed and added under Admin Reports. This issue is fixed.
      5. SupportID : 7147606 : When 'Custom' time period was selected, no data was shown in Live Report. This issue is fixed.
      6. SupportID : 7156600 : When the Admin user creates an Alarm profile and assigns the alert-ower as 'operator', the generated alarms were not displayed for the operator user. This issue is fixed.
    58. 12.5 Build 125475

      Issues Fixed:

      1. Firewall Analyzer: Support ID: 6989267 - Exporting Standard Compliance report in Japanese language was not working and couldn't send mail. This issue is fixed.
      2. Firewall Analyzer: Support ID: 7275763 - Under Schedule List, the status of a schedule couldn't be updated. When tried to disable it, a wrong message was thrown. This issue is fixed.
      3. Firewall Analyzer: Support ID: 7290303 - Alert Profile Name was not shown properly if the profile name was in Japanese. This issue is fixed.
      4. Firewall Analyzer: Support ID: 7275254 - Report Profile Name with Japanese character was not shown properly under Schedule List page. 'Add Report Profile' was not translated properly. Both issues are fixed.
      5. Firewall Analyzer: Support ID: 7289486 - While exporting Rule Comparison to XLS, few keys were not translated to Japanese. This issue is fixed. XLS export is not supported for Configuration Comparison. So removed the icon.
      6. Firewall Analyzer: Support ID: 7275993 - adv_log_srch shown in PDF export of Raw Search Report is changed to meaningful content and Aggregated Search Report is modified to show proper Device List.
      7. Firewall Analyzer: Support ID: 7289487 - When creating Administrator user, the option 'Allow Firewall Rule Administrator for this user' was not shown and Operator user was having Edit Device option under Inventory which should be restricted. Both the issues are fixed.
      8. Firewall Analyzer: Support ID: 7285818 - When exporting Policy Optimization to CSV or XLS, Information about Rule used for comparison was not shown. This issue is fixed.
      9. Firewall Analyzer: Support ID: 7285910 - When Rule Reorder was exported to XLS, Device Info was duplicated to multiple cells and few i18n keys were missing. Both the issues are fixed.
      10. Firewall Analyzer: Support ID: 7275227 - Previously, Others and Total values were not there in CSV and XLS export of Firewall Reports. These have been included now.
      11. Firewall Analyzer: Support ID: 7289484 - Previously, On demand mail option was not working in Security Audit page. This has been fixed along with a few i18n and garbled character issues.
      12. Firewall Analyzer: Support ID: 7289515 - Blank page was shown when logged-in as Read Only Custom User. This has been fixed.
      13. Firewall Analyzer: Support ID: 7457280 - Garbled characters found in Policy Optimization, Alarm Profile and Custom Report Profile pages are fixed.
      14. Firewall Analyzer: Support ID: 7285958 - Under Rule Comparison, Device Name was displayed in Chinese language instead of Japanese language. Also when report was exported as PDF or XLS, INVALID_CSRF_TOKEN error was thrown. These issues have been fixed along with a few i18n issues.
      15. General: While submitting a username using the 'Enter' key in the Forgot Password option, an error occurred. This issue is fixed.
      16. General: Previously, there was an issue in creating and updating 'Roles' in user management when the web client language was Japanese. This issue is fixed.
      17. General: Low privileged users were able to access Support Module (Reported by Ranjit Pahan). This issue is fixed.
      18. General: Previously, there was an issue with displaying the product name in the message field for the configured mail notification. This issue is fixed.
    59. 12.5 Build 125467

      Security Issue Fixed:

      1. Firewall: CSRF vulnerability in Cloud Repository page reported by Ranjit Pahan has been fixed.
    60. 12.5 Build 125464

      New Features and Enhancements:

      1. Firewall Analyzer now supports audit report generation for one more industry standard compliance, GLBA.
      2. Rule expiry feature support for Sophos XG firewalls.
      3. Support ID: 6959349 - Security audit support for
        1. Sophos UTM
        2. WatchGuard M270 (M series)
      4. Support ID: 7229923 - Security audit report schedule and on-demand mail options are now available.
      5. Support ID: 6067997 - New 'VPN connection status' report for individual VPN users.
      6. Support ID: 7220396 - Cisco policy name add option support provided for Rule Administration feature.
      7. Support ID: 6013763 - 'Any User' option for Anomaly alert threshold criteria is available now.
      8. Support ID: 6046758 - Week Days and Week Ends options provided under time criteria in Normal alert profile.

      Issues Fixed:

      1. Support ID: 7024499 - In Policy Optimization report of Palo Alto, 'userid' field is not taken into account under source field. This issue is fixed.
      2. Support ID: 7113622 - Sophos UTM policy optimization report shows no data issue is fixed.
      3. Support ID: 7117739 - WatchGaurd device rule partial configuration fetch issue is fixed.
      4. Support ID: 7107305 - Cisco policy optimization report shows no data issue is fixed.
      5. Support ID: 7157156 - Customer is unable to open the PDF attachment received in email of the Scheduled Standards Compliance report issue is fixed.
      6. Support ID: 7199808 - Cisco device rule IP v6 rules parsing issue is fixed.
      7. Support ID: 7092596 - Parsing issue in Syslog ID 302304 for Cisco ASA firewall is fixed.
      8. Support ID: 7083091 - Parsing issue in Virus Syslog of Cisco FirePower firewall is fixed.
      9. Support ID: 7206889 - FortiGate security audit report is not generated properly. The issue is fixed.
      10. Support ID: 7113622 - Based on the default rules, rule number population changes are done for Sophos UTM firewalls.
      11. Support ID: 7214550 - If the firewall display name contains " " value cases, any report on the security audit page is not listed. This issue is fixed.
      12. Support ID: 7180068 - Change Management PDF not working for 'custom' time frame and CSV, XLS export has a column missing. This issue is fixed.
      13. Support ID: 6824997 - SNMP based live report is not showing properly for Check Point devices. Because, It is added with Management Server IP address. This issue is fixed.
      14. Support ID: 7083639,6962782 - Edit option for 'Aggregate Search' report has been provided. In 'Aggregate Search' Save option, profile is not saved under 'Custom' report. This issue is fixed. 'others' and 'total' info is added in CSV and XLS report export.
      15. Support ID: 7028931, 6989163 - Edit option for 'Rule Suggestion report' has been provided. Rule information is added in CSV and XLS report export. PDF file name which is sent by using mail option is number context starting with chart. This issue is fixed. If report created with same report name for different devices error occurs This issue is fixed.
    61. 12.5 Build 125459 - December 24, 2021

      Security Issue Fixed:

      1. General: Low privileged users were able to access Support Module (Reported by Ranjit Pahan). This issue has been fixed.
    62. 12.5 Build 125447 - August 17, 2021

      New Features:

      1. Support ID: 7052467 - Firewall Analyzer based Security Audit report is available for FortiGate firewalls.
      2. Support ID: 6825516 - Rule Expiry report support for Check Point firewalls.
      3. Support ID: 6892855 - Rule Management and Compliance support for Hillstone firewalls with CLI and file import options.
      4. XLS and CSV attachment for On-demand 'Send Mail' option from UI has been provided for below reports:
        1. Policy Anomalies.
        2. Rule Suggestion.
        3. Policy Fine Tuning.
        4. Rule Cleanup.
        5. Rule Reorder.

      Usability Enhancements:

      1. Support ID: 5502408 - Page loading animation is shown for all firewall reports.
      2. Support ID: 7052467 - Security Audit front page usability has been improved.

      Issues Fixed:

      1. Support ID: 7039340 - Sophos UTM device rule data parsing issue fixed.
      2. Support ID: 6989163 - Rule Information in Rule Suggestion page is provided.
      3. Support ID: 6985242 - Add 'Alarm Profile' is not working in other than English language. Fixed the issue.
      4. Support ID: 6628822 - FortiGate SANS Section 15 'Block unwanted ICMP traffic' shows wrong data. Fixed the issue.
      5. Support ID: 7032640 - Cisco FirePower policy overview rules count mismatch issue is fixed.
      6. Support ID: 6840434 - Cisco security audit rule 'To' interface value is wrongly identified issue is fixed.
      7. Support ID: 6891130 - SonicWall device rule partial configuration fetching issue is fixed.
      8. Support ID: 6695851 - FortiGate vdom device rule issue due to same root and vdom device name configuration issue is fixed.
      9. Support ID: 6924941 - Juniper SRX global network objects IP range parsing issue is fixed.
      10. Support ID: 6897821 - Palo Alto rule reorder issue that Firewall Analyzer is suggesting to move the Deny All rule to position 1 due to high hit-count is fixed.
      11. Support ID: 6689149 - Device rule status failed frequently for Cisco FirePower device issue is fixed.
      12. Support ID: 6874460 - Device rule issue for Cisco - partial configuration fetching issue is fixed.
      13. Support ID: 6713122 - Compliance standards report drill down on specific report is showing 'Device rule not configured' message for FortiGatevdom device is fixed.
      14. Support ID: 6989214 - 'Action' column under 'Audit Logs' page is showing wrong value in exported PDF, CSV and XLS. This issue is fixed.
    63. 12.5 Build 125429 - July 13, 2021

      New Device Support:

      1. Support ID: 6892855 - Hillstone Firewall - Traffic and Security reports based on Syslog data supported now.

      New Features:

      1. Support ID: 6980870 - Firewall Analyzer based Security Audit report is now available for SonicWall firewall.
      2. Support IDs: 6274799, 6701721, 6881444, 6881288, 6888535 - Firewall Analyzer based Security Audit report is available for Check Point firewalls.

      Enhancements:

      1. In Policy Overview page, CSV and XLS exports are enhanced to match with PDF format to show complete Object details in the report. These export options are included in 'On Demand Mail' option too.
      2. DHCP under User Name IP Mapping is enhanced with Import option to populate User Name vs Host Name mapping at very first time.
      3. Support ID: 6781799 - NERC-CIP Compliance Standard Sections have been upgraded to Version 6.

      Issues Fixed:

      1. Support ID: 7025575 - Syslog parsing issue in Traffic logs of Watch Guard firewall has been fixed.
      2. Support ID: 6926265 - Embed widget is not working properly. This issue has been fixed.
      3. Support ID: 6975481 - VPN log parsing issue in Cisco ASA firewall has been fixed.
      4. Support ID: 6967584 - VPN Failed login report is not populated for SonicWall Firewall. This issue has been fixed.
      5. Support ID: 6689149 - For FirePower devices, unwanted banner message was listed in the change management diff page. This issue is fixed.
      6. Support ID: 6949084 - Previously, there was an issue while downloading API response from Sophos XG. This issue has been fixed.
      7. Support ID: 5452928 - Garbled characters were found in 'Top Denied Categories' report when language is set to Japanese. This issue is fixed.
      8. Support ID: 6824200 - Page hangup issue of 'Polciy Finetune Report' is fixed.
      9. Support ID: 6376637 - In VPN tab, VPN Session and Top Users data can be searched across device now.
      10. Support ID: 7053597 - Previously, Change Mangement report was not selected when customer edits 'Custom' report. This issue is fixed.
    64. 12.5 Build 125410

      New Device/Log Format Supported:

      1. Support ID: 6897821 - Traffic and Security reports based on Syslog data is supported for Palo Alto VSYS.

      New Features and Enhancements:

      1. Support ID: 6897821 - Rule Management & Compliance support for Palo Alto VSYS with CLI and API options.
      2. Support ID: 6897821 - Security Audit report support for Palo Alto VSYS.
      3. Support ID: 6840434 - Security Audit report support for Cisco FirePower devices.
      4. Support ID: 6689149 - Scheduled PDF report for Change Management supported.
      5. Support ID: 6980691 : Check Point Management server policy support for 'Install target' based options.
      6. Option to provide Terminal (SSH/TELNET) settings in user-configuration page.

      Issue Fixed:

      1. Support ID: 6715155, 6851245 - Fixed FortiGate VPN log parsing issue for FortiGate FGT100E firewalls.
      2. Support ID: 6716343, 5772716 - SNMP based Live traffic report is not populated due to "IF_DESC" field is empty when fetch from SNMP for FortiGate Firewall, because we have added the interface using "IF_NAME" field. This issue is fixed.
      3. Support ID: 6955963 - Sophos XG Security audit related configuration parsing issue fixed.
      4. Support ID: 6689149 - Fixed parsing issue of Cisco Firepower FTD logs.
      5. Support ID: 6802312 - Fixed parsing issue of Cisco ASA logs.
      6. Support ID: 6813913 - Few users are missing in 'Active VPN Users' report under Reports > VPN Reports tab. This issue is fixed.
      7. Support ID: 6868586 - Fixed StromShield Firewall log parsing issue.
      8. Support ID: 6980691 - Rule cleanup page count mismatch issue fixed for Check Point firewalls.
      9. Support ID: 6980691 - Rule cleanup page, UID based rule data population changes done for Check Point firewalls.
      10. Support ID: 6790141 - Duplicate device added for Check Point Firewall CEF log format. This issue is fixed.
      11. Support ID: 6805374 - FortiGate global command execution in logout Syslog case, VDOM condition was not included. This issue is fixed.
      12. Support ID: 6851345 - Customer having SNMP v3 configuration without encryption password. Firewall Analyzer doesn't allow the customer to save the SNMP v3 settings without encryption password field due to Security XML restriction. This issue is fixed.
      13. Support ID: 6989731 - In Sophos XG devices, Firewall Analyzer uses encrypt password Sophos XG API option to get device rule information. In case of any set up, if the encrypted password is not working, rule fetching did not happen. This issue is fixed.
    65. 12.5 Build 125399 - June 1, 2021

      New Features and Enhancements:

      1. General : User Management now supports custom role creation.
      2. General : Previously, Add-On Modules were enabled/disabled globally. Enabling/disabling Add-On Modules is now user specific.
      3. General : Users can now choose to show/hide Add-On Modules for which they have been authorized.

      Issue Fixed:

      1. General : There was an issue when restoring backup during MSSQL installation after the 125301 upgrade. This has now been fixed.
    66. 12.5 Build 125381 - April 30, 2021

      New Features and Enhancements:

      1. Alarm profiles notifications can be sent to 'Jira Service Desk' as a new support ticket with 'Notification Template' option.
      2. CSV, XLS export option for 'Rule Object Usage' reports made available.
      3. Support ID: 6638937, 6176288, 6825279 - Security Audit report support for Sophos XG device.

      Issue Fixed:

      1. Support ID: 6805745 - On-demand PDF export alignment issue in Compliance Standard reports page is fixed.
    67. 12.5 Build 125376 - April 12, 2021

      New Features and Enhancements:

      1. ManageEngine ServiceDesk Plus On-Demand integration support in 'Notification Template'.
      2. Most, Least and Unused rule object reporting based on traffic usage.
      3. Support ID: 6691033 - Security Audit report support for PaloAlto device.
      4. Support ID: 6272805 - Traffic related dashboard widgets to show the data in GB/MB/KB based on its value instead of showing it in MB by default.

      Issue Fixed:

      1. Support ID: 6701721 - Rule comparison parsing issue for Check Point device is fixed.
      2. Support ID: 6744849 - FortiGate security audit report TACACS+ user configuration data is shown wrongly. This issue is fixed.
      3. Support ID: 6699258 - FortiGate security audit report shows wrong data for section 'Not All Firewall Policy Accept Rules Log Access'. This issue is fixed.
      4. Support ID: 6654103 - Unable to add multiple IP networks in Intranet settings due to restriction in Security XML This issue s fixed.
      5. Support ID: 5296865 - Security Event report is not populated for Check Point device due to parsing issue. This issue is fixed.
      6. Support ID: 6780741 - When schedule is disabled in 'Raw Search', it is not properly displayed under 'Edit' page of that report. This issue is fixed.
    68. 12.5 Build 125362 - March 26, 2021

      Security Issue Fixed:

      1. OpManager:The SparkGateway package has been upgraded to the latest version (SparkGateway 5.9.0) due to a path traversal vulnerability reported by David. (Refer CVE-2021-20078).
    69. 12.5 Build 125361

      Security Issue Fixed:

      1. Multiple privilege escalation vulnerabilities reported by Ranjit Pahan have been fixed.
    70. 12.5 Build 125357 - March 04, 2021

      New Device/Log format support:

      1. Support ID: 6582267 - VPN Report support for Palo Alto LEEF format logs.
      2. Support ID: 6447812 - New timestamp format support for Cisco FirePower FTD firewall.

      New Features/Enhancements:

      1. 'Rule Administration' support for Cisco FirePower-FTD device using vendor API.
      2. Forcepoint device rule support using configuration file exported from Forcepoint GUI.
      3. Schedule option for 'Rule Expiry Notification' reports.
      4. Device based filter for 'Used Rules' reports page in 'Inventory' tab.
      5. 'Last Hour', 'Last Month', 'Last Quarter' time criteria options provided in 'Reports' and 'Inventory' Snapshot pages.
      6. Support ID: 6634485 - XLS export option for 'Rule Comparison Reports'.
      7. Support ID: 5708903, 6604293 - Adding extra new 'Search Columns' in 'Raw Search' for Source Country, Destination Country, Source Interface, Destination Interface, Cloud Name, Cloud Category, From Mail, To Mail.
      8. Support ID: 6144258 - Below criteria to be given for 'Alarm' profiles criteria,
        • not starts with
        • not ends with.

      Issues Fixed:

      1. Support ID: 6669364 - Cisco ASA IPv6 network objects device rule parsing issue is fixed.
      2. Support ID: 6673849 - Juniper SRX rule comparison report parsing issue is fixed.
      3. Support ID: 6645557 - FortiGate global configuration fetch while logout syslog is handled properly.
      4. Support ID: 6646926 - Sophos firewall version 18 cases, device rule data not populated issue fixed.
      5. Support ID: 6684307 - Sophos device not listed in 'Exclude Criteria' devices list issue fixed.
      6. Support ID: 6675965 - 'CSV' and 'XLS' Export from 'Last Generated Report' in custom reports tab is not happening in Firefox browser of latest version, this issue is fixed.
      7. Support ID: 5296865 - When we click 'View Report' from 'Imported Logs' page, the data is showing for 'Today' in time period by default. This issue is fixed.
      8. Support ID: 6511599 - Parsing issue in Sophos UTM web filter logs is fixed.
      9. Support ID: 6589076 - Parsing issue in Cisco IronPort proxy (Web security appliance) logs is fixed.
      10. Support ID: 6538919 - VPN log parsing issue in Palo Alto Firewall PAN OS version 9 is fixed.
      11. Support ID: 6622443, 6521619 - Duplicate entries in 'Active VPN Users' report for SonicWall NSA 3600 Firewall due to multiple login event logs are received for single VPN login attempt. This issue is fixed.
      12. 'On Demand' mail is not triggered in Distributed Edition Central Server if 'Mail Server' setting is not configured in Collector Server issue is fixed.
    71. 12.5 Build 125329 - February 04, 2021

      General:

      1. There was an Unauthenticated Remote Code Execution (RCE) vulnerability due to general bypass for the deserialization class, as reported by Johannes Mortiz. This has now been fixed. (Refer CVE-2021-3287)

      New Device/Logs Supported:

      1. Support ID: 6453957,6267843 - Cisco FMC firewall device support.

      New Features & Enhancements:

      1. 'Rule Expiry Notification' for any Rule Schedules using configuration data.
      2. Rule Management and Compliance support for Cisco FirePower FTD using vendor API.
      3. Predefined alerts for Anomaly alert profile.
      4. Schedule custom report profiles have another report option XLS in-addition to PDF and CSV.
      5. Raw search report schedule has another report option XLS.
      6. Option to copy Alarm Profiles to create a new alarm profiles with same or additional criteria.
      7. Option to send CSV/XLS in addition to PDF for On demand mailing for all reports and inventory pages.
      8. On demand mail attachments will be sent as zipped PDF/CSV/XLS file instead direct files.
      9. Usability Enhancements:
        1. Alarm Profiles UI revamped to combine multiple pages into single page to improve the usability.
        2. Redirecting to snapshot traffic and report pages from Inventory page for devices, Interfaces, Users and Cloud Services.
        3. Report details are shown clearly like PDF in on-demand export and on-demand mail export of CSV, XLS files of Firewall, Proxy and Custom reports.
      10. Support ID: 6413012 - Option to export all records in CSV and XLS for aggregated and raw search reports.
      11. Support ID: 6376637 - Search option made to work properly for VPN reports page

      Issues Fixed:

      1. Support ID: 6380742 - pfSense device rule interface parsing issue fixed.
      2. Support ID: 6430765 - FortiGate vdom device rule schedule failed because of no rules available in the root context. This issue is fixed.
      3. Support ID: 6516201 - For Check Point devices, only top 500 rules are shown in reports. Fixed this issue.
      4. Support ID: 6499357 - Partial configuration data fetching of few FortiGate firewalls which have huge number of rules is fixed.
      5. Support ID: 6380742 - pfSense device rule add failed in few cases. This issue is fixed.
      6. Support ID: 6401963 - Attack log parsing issue in Sophos XG firewall has been fixed.
      7. Support ID: 6605606 - Device rule FortiGate isdb name objects configuration parsing is handled.
      8. Support ID: 6589127 - FortiGate ISO Sec13.1.2 failed due to default implicit deny rule is not handled properly. The issue is fixed.
      9. Support ID: 6644799 - Device rule export config failed status message is not shown in red colour. The issue is fixed.
      10. Support ID: 6440012 - FortiGate device rule fails for HA cluster device using credential profile. The issue is fixed.
      11. Support ID: 6477250 - Username shown as unknown in VPN User Transaction Report for FortiGate IPSEC VPN case. The Host IP address is shown as username instead of Unknown.
      12. Support ID: 6416472 - Assigned IP address showing the same as 'Host IP' in active VPN users report for Palo Alto PAN OS 9 version.
      13. Support ID: 6077724 - Rule name parsing issue in Check Point Log Exporter CEF format. This issue is fixed.
      14. Support ID: 6474479 - Parsing issue in F5 BIG-IP firewall has been fixed.
      15. Support ID: 6446762 - Archive and Index location update action under Archive settings is not working for 'Network path' which contains 'IP address' in it. It is fixed.
      16. Support ID: 6314243 - Date and Time displayed in 'Raw Log Search' is not proper. This issue is fixed.
      17. Support ID: 6436465 - Garbled character are shown as 'Raw search' result output, randomly. This isssue is fixed.
      18. Support ID: 6582267, 6520398 - Palo Alto device rule add failed because of the column size of application tables. This issue is fixed.
      19. Support ID: 6499086, 6393407 - SonicWall rule comparison report is showing data based on priority value. The issue is fixed.
      20. Support ID: 6780409 - The widget title is displayed incorrectly in the exported CSV and XLS format under 'Firewall Report'. This issue is fixed.
    72. 12.5 Build 125323 - January 05, 2021

      New Features and Enhancements:

      1. Rule Administration support for Cisco ASA using CLI.
      2. Alarm Profiles notification has been enhanced with 'Notification Templates' feature,
        • Raise new trouble tickets in ManageEngine ServiceDesk Plus, ServiceNow.
        • Get notified by Slack.
        • Get notified with a sound alert (Web alarm) in web UI.
        • Send 'Syslog' messages with event details.
        • Send 'SNMP traps' with criteria and event details.
        • Run a system command when an alarm is triggered.
        • Alarms can be notified via, Email, SMS and Email based SMS template configurations.
      3. Two new Industry compliance standards support based on firewall configuration data,
        • GDPR
        • HIPAA
      4. Backup files can be compared between latest and any configuration backup file.
      5. Predefined alert configuration for 'Normal' alert profiles.
      6. Rule Suggestion report generation and save for multiple time periods.
      7. Alarm Profiles UI is revamped and merged multiple configuration pages into single page for more usability.
      8. Support ID: 6401389 - On-demand 'Mail' and 'PDF Export' option for Change Management difference reports.
      9. Support ID: 6253246 - Customer can generate 'Raw Search' reports with 'URL Category' and 'Application' criteria now.

      Issues Fixed:

      1. Support ID: 6450788 - OutOfMemory Exception issue while generating Change Management difference reports for PaloAlto, WatchGuard, Sophos XG firewalls is fixed.
      2. Support ID: 6268243 - Fortigate device rule ISDB data parsing issue is fixed.
      3. Support ID: 6350784 - WatchGuard device rule ICMP service objects parsing issue is fixed.
      4. Support ID: 6104702 - Scheduled report Save Location option is not working properly. This issue is fixed.
      5. Support ID: 6398383 - Custom report is not working properly when Intranet settings are configured. This issue is fixed.
      6. Support ID: 6302212 - Parsing issue in SonicWall logs is fixed.
      7. Support ID: 6305551 - FirePower deny log parsing issue is fixed.
      8. Support ID: 6300962 - Failed VPN login report is not showing for Fortigate firewall. This issue is fixed.
      9. Support ID: 6254628 - URL log parsing issue of Fortigate firewall is fixed.
      10. Support ID: 6108516 - Unused objects data is not populated for rule suggestion drill down report issue is fixed.
    73. 12.5 Build 125232 - October 23, 2020

      General:

      1. Firewall Analyzer as add-on in OpManager - 'Security' tab is added in OpManager device snapshot page which contains Firewall Analyzer device snapshot widgets if the category of that device is firewall.
    74. 12.5 Build 125221

      Issues Fixed:

      1. Support ID: 6683150 - Scheduled report Save Location option is not working properly. This issue is fixed.
      2. Support ID: 6540894 - Failed VPN login report is not showing for Fortigate firewall. This issue is fixed.
      3. Support ID: 6675965 - Empty page shown in Standards report drill down pages. The issue is fixed.
      4. Support ID: 6673849 - Rule comparison report issue for SRX firewall device has been fixed now.
    75. 12.5 Build 125217 - September 30, 2020

      New Device/Log Format supported:

      1. Support Ticket ID: 6232295 - SSL VPN logs support for Huawei firewall.

      New Features and Enhancements:

      1. New 'SOX Compliance' report based on firewall configuration analysis.
      2. Scheduled configuration backup (daily, weekly, monthly and once-only).
      3. Rule-Administration (policy add, edit, delete) support for FortiGate firewalls using vendor API.
      4. 'Firewall Policy Fine Tuning' report based on network traffic learning (syslog analysis) for different time periods.
      5. A new VPN report 'VPN Usage' to view active users count for various interval over custom time period.
      6. Users can establish device terminal connections using Spark gateway terminal.

      Issues Fixed:

      1. Support Ticket ID: 6249040 - Change Management report is not generated for custom time period. The issue is fixed.
      2. Support Ticket ID: 6093916 - Custom Report Edit option is not working properly for non-English language installations. The issue is fixed.
      3. Support Ticket ID: 6175209 - VPN Session Report is not showing proper data. The issue is fixed.
      4. Support Ticket ID: 6216934 - VPN log parsing issue for SonicWall SMA firewall device. The issue is fixed.
      5. Support Ticket ID: 6276594 - Empty page shown in Standards report dirll down pages. The issue is fixed.
      6. Support Ticket ID: 6280717 - Standards report export isn't working. The issue is fixed.
      7. Support Ticket ID: 6282911 - Traffic reports are not populated properly for WatchGuard firewall. It is fixed.
      8. Support Ticket ID: 6254628 - User bandwidth report in 'Inventory' is not showing due to Security XML issue. It is fixed.
      9. Support Ticket ID: 6245363 - VPN log format has been changed in PaloAlto PAN OS 9.1.3 version. Due to this, VPN Reports are empty. The issue is fixed.
      10. Support Ticket ID: 6180774 - VPN, AD, and Other Authentication logs are having the similar pattern of Admin event logs in Sophos XG. So, itfalls under 'Admin' reports.The issue is fixed.
      11. Support Ticket ID: 6281259 - Single user connected in two VPN session with same public IP address and different assigned IP addresses 'Active VPN User' report showing only one VPN session. It is fixed.
    76. 12.5 Build 125213 - September 14, 2020

      OpManager

      1. General: Previously, there was a thread lock issue that sometimes caused the product to not function as intended. This issue has been fixed.
    77. 12.5 Build 125212 - September 9, 2020

      Enhancement:

      1. jQUERY has been migrated to version 3.5.1 to avoid vulnerabilities.
    78. 12.5 Build 125200 - August 28, 2020

      New Features & Enhancements:

      1. Failover: Users will be able to configure Firewall Analyzer Failover as AddOn with virtual IP address. This helps you achieve 24x7 monitoring of your standalone and distributed network.
      2. Rule Administration (add, edit, delete rules) feature supported for FortiGate device using CLI.
      3. Rule management and Compliance reports support for FortiGate devices using vendor API.
      4. Support ticket ID: 6190253 - Policy Fine Tuning - Rule optimization recommendations based on the history of rule usage for the overly permissive rules.
      5. Support ticket ID: 6000751 - IPSec VPN report support for pfSense firewall.
      6. Support ticket ID: 6189643 - Dial-up VPN type logs supported for Juniper SRX firewall.
      7. Support ticket IDs: 6106756, 6237183, 6162257 - Policy Comparison reports:
        • Between two configuration files.
        • Between a file with last fetched configuration available in Firewall Analyzer database.
        • Between running configuration versions available in Firewall Analyzer database.

      Issues Fixed:

      1. FortiGate VDOM device rule ISDB data is not handled properly. This issue is fixed.
      2. Device added but not listed under Inventory issue is fixed.
      3. Support ticket ID: 6180774 - Sophos XG Policy overview filters not working issue fixed.
      4. Support ticket ID: 6045174 - Huawei device rule failed due to improper error message handling is fixed.
      5. Support ticket ID: 6179063 - WatchGuard device rule action field parsing issue is fixed.
      6. Support ticket ID: 6179063 - WatchGuard unused rule parsing issue is fixed.
      7. Support ticket ID: 6206195 - SonicWALL device rule name field parsing issue is fixed.
      8. Support ticket ID: 6142635 - VPN sessions report is not showing properly for PaloAlto firewall device. This issue is fixed.
      9. Support ticket ID: 6152347 - Parsing issue in PaloAlto firewall logs is fixed.
      10. Support ticket ID: 6189643 - URL report is not showing the data properly for Juniper SRX firewall issue is fixed.
      11. Support ticket ID: 6115896 - Date, time text is formatted in UI for all report pages and the exported PDF reports.
      12. Support ticket ID: 6182198 - Assigned IP address showing the same as Source IP address in Active VPN Users report for SonicWALL firewall issue is fixed now.
    79. 12.5 Build 125194

      Issue Fixed:

      1. Support ID - 6203301: Squid device was not getting added due to timestamp parsing issue. This issue has been fixed.
    80. 12.5 Build 125180 - July 24, 2020

      New Device/Log format support:

      1. Support-Ticket : 5945804 : New customized timestamp format supported for squid devices
    81. 12.5 Build 125179 - July 22, 2020

      New Device/Log format support:

      1. Support-Ticket : 5945804 : New customized timestamp format supported for squid devices

      New Features & Enhancements:

      1. Firewall Rule Administration supported for 'Vyatta' device using CLI.
      2. Support-Ticket : 6111176 : Policy Overview and Policy Optimization report supported for 'Forcepoint' device using configuration file import.
      3. Support-Ticket : 5995459 : Included an option to change file date format in Schedule report
      4. New custom time period option available for custom reports while scheduling it once.
      5. Option to configure SCP username and password from application user interface.
      6. Option to configure below parameters from UserConfig page to 'Settings' page,
        • PDF Report Row Count
        • Nipper Location
        • Scheduled Reports Save Location
        • Start/Stop TFTP Service
        • Start/Stop SSHD Service

      Issues Fixed:

      1. Support-Ticket : 5971232 : Policy Overview and Policy Optimization report was not populated for Checkpoint with ipv6 object. This issue has been fixed.
      2. Support-Ticket : 6079836 : Stormshield configuration file with special characters had an issue, this has been fixed.
      3. Support-Ticket : 6054503 : Checkpoint device rule parsing issue has been fixed.
      4. Support-Ticket : 6006164 : Vyatta device rule parsing issue has been fixed.
      5. Support-Ticket : 6061621 : Time period option hidden for all trend reports.
      6. Support-Ticket : 6088574 : SRX device rule ip-range and network objects parsing issue has been fixed.
      7. Support-Ticket : 6092052 : FortiGate device 'Security Audit' report, user group configuration was not handled properly. The issue has been fixed.
      8. Support-Ticket : 6082857 : Firepower device rule parsing issue has been fixed.
      9. Support-Ticket : 6092561 : Few users who connected to VPN with AAA authentication log (113009) and IP assign log (722051), were not shown in "Active VPN Users". This issue has been fixed.
      10. Support-Ticket : 6010922 : VPN type was not reflected in "Top VPN Traffic" widget for Fortigate firewall. This issue has been fixed.
      11. Support-Ticket : 6093916 : Sophos UTM HA device with same IP and same host name discovered as two different devices. Now, we have handled it as single device.
      12. Support-Ticket : 6100855 : Assigned IP was shown as Source IP in Active VPN user widget for pfsense firewall. This issue has been fixed.
      13. Support-Ticket : 6119276 : SonicWall Enhanced syslog format parsing issue has been fixed.
      14. Support-Ticket : 6130550, 6080371, 5950522, 6056057, 6061435 : OutOfMemory issue occurring in Change Management report has been fixed.
    82. 12.5 Build 125160 - June 19, 2020

      New device/Log format supported:

      1. Support ID - 6012127: New VPN log format supported for Palo Alto PANOS Version-9.

      New features and enhancements:

      1. Support ID - 5635866: 'Unused Rules' report based on ACEs as separate view is available under 'Rule Cleanup' for Cisco ASA devices.
      2. Support ID - 6044231: Option to configure 'row count' for scheduled exports if number of rows > 10.
      3. Support ID - 5965247, 5843882: Time filter option has been provided for 'Normal Alert' profiles.
      4. A new 'Review Us' tab is provided under 'Support' page.

      Issues fixed:

      1. Support ID - 5573528: Rule reorder position for Cisco ASA is not following the actual rule position mentioned in firewall configuration. This issue is fixed.
      2. Support ID - 6062468: FortiGate VDOM devices change management failed for active-active cases. This issue is fixed.
      3. Support ID - 6092052: FortiGate device 'Security Audit' report showing wrong data under the section 'user is configured with no password'. This issue is fixed.
      4. Support ID - 6082857: Cisco device rule parsing issue is fixed.
      5. Support ID - 6043992: Clavister device logs parsing issue is fixed.
      6. Support ID - 6034187: Attack log parsing issue in SonicWALL device is fixed.
      7. Support ID - 6074602: VPN log parsing issue in Check Point Log Exporter Format (CEF) is fixed.
      8. Support ID - 6015906: 'Active VPN User' report is not showing properly in case of two VPN login events for single user with different assigned IPs from FortiGate firewall is received. Fixed this issue.
      9. Support ID - 6049687, 6052964: Few VPN disconnected users are showing in 'Active VPN Users' report. This issue is fixed.
      10. Custom dashboard and expanded widget page for Excel export drill down is not working. This issue is fixed.
      11. Graph drill down not redirecting to proper device snapshot from dashboard issue is fixed.
      12. Security of authentication and communication between 'Admin' and 'Collector' servers in Enterprise edition is tightened.
    83. 12.5 Build 125150 - August 13, 2020
      1. Support ID - 6203301: Squid device was not getting added due to timestamp parsing issue. This issue has been resolved.
    84. 12.5 Build 125149 - July 21, 2020

      Issue Fixed:

      1. OpManager: An issue while viewing the short summary page of an alarm in the external monitor is fixed.
      2. OpManager: Unable to redirect to Device Snapshot Page from the Short Summary page of an alarm. This issue has been fixed.
    85. 12.5 Build 125142

      Issue Fixed:

      1. In ‘Device Rule’ page, when the device credential is validated the status is shown as ‘Failed’, if the language selected is other than English for Firewall Analyzer. Fixed the issue.
    86. 12.5 Build 125141 - May 21, 2020

      New device/Log format supported:

      1. Support ticket ID: 6001827 - New device support - WinGate proxy server.
      2. Support ticket ID: 5851232 - New timestamp format is supported in FirePOWER 6.4 or later version.

      New features and enhancements:

      1. Rule administration support (Add, Edit, Delete rules) for the below devices:
        • Sophos XG
        • Sophos UTM
      2. Report profiles widget selection option given for all reports.
      3. Individual report scheduling (on demand) with widget selection as custom report from report pages.
      4. New separate 'VPN Reports' tab to view all VPN reports with more VPN statistics.
      5. On demand and report profile schedule option for 'Active VPN Users' report for devices.
      6. Store VPN session details in separate tables to maintain individual connections to get more VPN reports.
      7. Customers can get more granular VPN data like start-time, end-time, duration, server and client IP addresses for each VPN connection without crunching.
      8. Support ticket ID: 5981132 - VPN report support for Cisco Meraki device.
      9. Support ticket ID: 5957139 - VPN report support for Stormshield device.
      10. Support ticket ID: 6011399 - Internet service objects based policy handling supported for FortiGate device.
      11. Support ticket ID: 6019522 - Rule management support for Juniper SRX logical systems.
      12. Support ticket ID: 5844575 - NAT and WAF object supported for Sophos XG devices.

      Issues fixed:

      1. Support ticket ID: 6012236 - VPN log parsing issue in Cyberoam device has been fixed.
      2. Support ticket ID: 6017044 - VPN user transaction report shows all the VPN traffic logs for SonicWall. The issue has been fixed.
      3. Support ticket ID: 6036968 - Fixed the Sophos XG device 'Policy Optimization' shows inappropriate redundant rules issue.
      4. Support ticket ID: 5844575 - Handled the Sophos XG case rule position support changes.
      5. Support ticket ID: 5937364 - Handled the Check Point case, access layers containing empty values case exception.
      6. Support ticket ID: 5958716 - Handled Check Point cases, cluster name based device rule data population changes.
      7. Support ticket ID: 5785893 - Juniper SRX device cases partial configuration, rule fetched issue fixed for bigger configuration from device.
      8. Support ticket ID: 5993848 - SonicWall case security audit report contains duplicated wrong rules list issue fixed.
      9. Support ticket ID: 5988050 - Not able to edit and save the daily schedule report profiles issue fixed.
      10. Support ticket ID: 6011399 - Cisco device rule service group parsing issue fixed.
      11. Support ticket ID: 6019019 - Change management report is not generated for SonicWall device. Fixed the issue.
      12. Support ticket ID: 6020245 - NetScreen device rule parsing issue fixed.
      13. Support ticket ID: 6036387 - Juniper SRX device rule IPv6 address objects parsing issue fixed.
      14. Support ticket ID: 5847978 - Archive zip handled for 'Schedule import' case.
      15. Support ticket ID: 6036968 - Time value parsing issue in Cyberoam device has been fixed.
      16. Support ticket ID: 5993441 : Change Management report has included additionally in the Scheduled PDF report even it is not selected. Fixed the issue.
      17. Support ticket ID: 6000518, 5995440 - URL log parsing issue in Cisco ASA and Juniper SRX has been fixed.
      18. Support ticket ID: 6010922, 6006728 - IPSec VPN parsing issue in FortiGate device has been fixed.
      19. OpManager Issue ID: 26814 - Import of encrypted log file (.enc file) is not working properly. This issue is fixed.
      20. Issue manager ticket ID: 29873 - Firewall Analyzer version 8.x to 12.5 migrated cases, Sophos UTM device rule add failed issue fixed.
      21. Fixed the Check Point security audit report not getting generated issue.
      22. Check Point interface details population code correction issue fixed.
      23. Alarm profile name parameter is restricted to "alphanumeric_basic" with few special characters. Fixed the issue.
      24. 'VPN Trend report' drill-down related issue fixed.
    87. 12.5 Build 125129 - July 6, 2020
      1. General : After upgrading the product, there was an "Unable to start the product" error. This issue has now been fixed.
      2. General: Previously, the backup functionality was not working for non-English installations. This issue has now been fixed.
    88. 12.5 Build 125125 - April 29, 2020

      Security Issue Fixed:

      1. General : Path Traversal vulnerability in URLs starting with has been fixed. (Refer CVE-2020-12116)
    89. 12.5 Build 125122 - April 21, 2020

      New Features:

      1. Graphs and tables in scheduled PDF report generation are modified to match with client.
      2. Scheduled CSV report generation is modified to get more no of rows.

      Enhancements:

      1. 'Raw Search' page is enhanced with more search criteria, 'not contains' and 'not starts with'.
      2. Custom reports saved in 'Raw Search' result page is enhanced with 'Edit' option.
      3. In 'Raw Search' result page, if the 'Columns' are customized, it will be retained for the entire session.
      4. Support ID: 5852482 - User IP mapping - Single firewall can be associated with multiple AD now..

      Issues Fixed:

      1. Cisco VPN disconnection log parsing issue fixed.
      2. SonicWall VPN log parsing issue fixed.
      3. Syslogs timestamp with 'No Year' are handled.
      4. Standard pages refresh icon was missing if PCI zone was not configured. This issue is fixed.
      5. Raw Proxy Log search result showed traffic as Bytes. This issue is fixed to show proper value.
      6. SonicWall default Service list has been updated and fixed the some configuration parsing issues.
      7. Support ID: 5950522 - SonicWall policy optimization issue is fixed.
      8. Support ID: 5998072, 5981314 - Palo Alto VPN log parsing issue is fixed.
      9. Support ID: 5964530 - Compliance standards - SANS - Section 15 did not detect rules with ICMP protocol. This issue is fixed.
      10. Support ID: 5891108 - Unable to generate PCI-DSS compliance for FortiGate firewall due to nested object group. This issue is fixed.
      11. Support ID: 5978910 - Cisco ASA - Single VPN user with two different IP addresses shown as one login in Active VPN Users.This issue is fixed.
      12. Support ID: 5938539 - Default Exclude Criteria has been added for Encrypted Keys to avoid invalid change management in SonicWall configuration.
    90. 12.5 Build 125120 - April 16, 2020

      Issues Fixed:

      1. General : Unauthenticated access to API key disclosure from a servlet call.
        CVE-2020-11946 - @kuncho, an independent Security Researcher, has reported this vulnerability to SSD Secure Disclosure program. The issue has been fixed.
    91. 12.5 Build 125115 - March 31, 2020

      Issues Fixed:

      1. PostgreSQL connection close issue due to CopyManager is fixed.
      2. Vulnerability in Import log page is fixed.
      3. In OpM Plus, 'Rule Reorder' page was overlapped with FAQ contents. This issue is fixed.
      4. In OpM Plus, 'Fetch now' button was missing in 'Unused Rules' page. It is fixed now.
    92. 12.5 Build 125109 - March 5, 2020

      New device/log format support:

      1. New Log Support - VMware NSX Edge Firewall.

      New Feature/Enhancements:

      1. Rule Management and Compliance reports support for Linux iptables.
      2. On-demand PDF report generation using JasperReports changed to PhantomJS for Search, Compliance and Rule Management reports.
      3. Support ID: 5654552 - Resolve DNS option provided in RAW Search page.
      4. Support ID: 5826180 - Cisco FirePOWER Device Rule support enhanced to use TFTP protocol.
      5. Support ID: 5847978 - Schedule Remote Host log import enhanced to use FTP protocol.
      6. Support ID: 5555538 - Time stamping of Archive files handled properly.
      7. Support ID: 5683114 - PaloAlto 'Panorama' config download enhanced to handle in API mode.
      8. Time period selection is enhanced as drop down.
      9. Enhanced 'From' and 'To' time period shown near 'Time' selection box.

      Issues Fixed:

      1. Support ID: 5780720 - Active VPN trend report graph shows multiple points for single day. This issue is fixed.
      2. Support ID: 5314890 - If log import is scheduled with 24 hours gap, schedule will run with fixed interval. Fixed the issue.
      3. Support ID: 5811442 - Alarm profile specific drill down page is empty. Fixed the issue.
      4. Support ID: 5683114 - Issue in PaloAlto auth token based 'device rule'/'rule administration' support is fixed.
      5. Support ID: 5842665 - For PaloAlto device SCP configuration cases, occasionally password prompt value missing in CLI response. Fixed the issue.
      6. Support ID: 5871724 - Column chooser not reflecting in CSV and XLS export in Policy Overview tab. Fixed the issue.
      7. Support ID: 5697672 - FortiGate policy optimization and rule re-order shows wrong data due to improper handling of security policies. Fixed the issue.
      8. Support ID: 5827994 - Fixed the Cisco FirePOWER trust rules parsing issue.
      9. Support ID: 5866185 - In the SonicWALL scheduled configuration fetch cases, Security Audit report is not generated. Fixed the issue.
      10. Support ID: 5844575 - Fixed the Sophos XG configuration parsing issue.
      11. Support ID: 5314890 - In Imported logs, for FTP connection failed cases, 'Processing logs' status is shown. Fixed the issue. This has been changed to 'Connection refused' status and added an entry in Audit report.
      12. Support ID: 5778181 - In case of configuration download via TFTP, Firewall Analyzer was not waiting till full configuration transfer, because of that partial data is downloaded in configuration file and device rule data is not populated properly. Fixed the issue.
      13. In the case of adding FortiGate VDOM devices and not restarting Firewall Analyzer, if device rule is created, reports are populated only for physical firewall devices. This issue is fixed.
      14. In Rule Administration, earlier validation was not done before deleting Objects. Issue fixed by validating before deleting Objects.
      15. In some Cisco ASA webVPN cases, wrong source IP was shown. This has been fixed.
      16. FortiGate device rule add, edit cases VDOM data is populated for main physical device. This has been fixed now.
      17. Cisco Admin and SonicWALL VPN log parsing issues fixed.
      18. Action Column removed from Archive Files page.
      19. Loading icon added, while generating Rule Impact report.
      20. Showing 'No data' message beside widget name during on-demand export.
    93. 12.5 Build 125108 - March 4, 2020
      • General : The obsolete code causing Remote Code Execution vulnerability in Mail Server Settings v1 APIs have been removed.
    94. 12.5 Build 125003

      Issues Fixed:

      1. PostgreSQL connection close issue has been fixed.
    95. 12.5 Build 125000 - February 19, 2020
      • General : PostgreSQL has now been migrated to version 10.10.
      • General : The PostgreSQL vulnerability issues from version 9.2.4 have now been fixed.
    96. 12.5 Build 124196

      Security Issue Fixed:

      • General : Path Traversal vulnerability in URLs starting with has been fixed. (Refer CVE-2020-12116).
    97. 12.5 Build 124188
      • General : Unauthenticated access to API key disclosure from a servlet call.
        CVE-2020-11946 - @kuncho, an independent Security Researcher, has reported this vulnerability to SSD Secure Disclosure program. The issue has been fixed.
    98. 12.4 Build 124181

      Vulnerability Issue Fixed:

      OpManager: Previously, the users were able to read the Arbitrary file. This file read vulnerability has now been fixed.

    99. 12.4 Build 124179

      New Feature:

      1. Rule Administration feature supported for below devices:
        1. Check Point
        2. PaloAlto

      Enhancements:

      1. Support ID - 5672098: Admin report supported for pfSense firewall.
      2. Support ID - 5657055: For Scheduled PDF report, Time Filter (Custom Time, Working Hour, Non-Working Hour) will be shown in 'Report Criteria' field.
      3. Support ID - 5458268: Enhanced Time Zone value handling for FirePOWER FTD 6.2, 6.3, 6.4 and above versions.
      4. Enhanced report export to PDF, XLS, and CSV formats.
      5. Enhanced the widget selection option for CSV and XLS export in reports.
      6. 'All Records' option given for export to CSV and XLS in 'Inventory', 'Reports' and 'Audit Log' pages.
      7. In 'Inventory', 'Reports' and 'Audit Log' pages, enhanced export to PDF option up to 50,000 records in single page.
      8. Report pages enhanced with two more row count options 'Top 50' and 'Top 100'.
      9. Enhanced all reports export to generate PDF, CSV and XLS formats with 'Report Name' & 'Row Count' combinations.
      10. Enhanced CSV export record count to 100,000 records and 'Advanced' option is provided.
      11. Enhanced XLS export record count to 25,000 records and 'Advanced' option is provided.
      12. In 'Inventory' list page, 'Time Period' option moved, so that hiding left section won't affect time period change.

      Issues Fixed:

      1. Support ID - 5676695: Fixed VPN log parsing issue for pfSense firewall.
      2. Support ID - 25422: Fixed the rule fetching failure issue for FortiGate VDOM - physical device.
      3. Support ID - 5783874: FortiGate VDOM Device Rule failed for HA pair. Fixed this issue.
      4. Support ID - 5447344: For i-FILTER device, 'Vendor Type' is shown as 'Unknown CLF'. Fixed the issue to show the 'Vendor Type' as 'i-FILTER'.
      5. Support ID - 5672749: Fixed the 'Traffic' log parsing issue in MicroTik firewall.
      6. Support ID - 5694946: FortiGate FGT90E logs are shown under 'Unsupported' logs. Fixed the issue.
      7. Support ID - 5715854: Fixed the 'Security XML' issue, when log is imported with 'Map this log file to existing device' option.
      8. Support ID - 5640654: Fixed the FirePOWER date parsing issue.
      9. Support ID - 5555538: Custom Report schedule failed, when 'Firewall Unused Objects' report selected in 'Report' list. Fixed the issue.
      10. Support ID - 5686648, 5726632: FortiGate log ID 'logid=0000000020' has the aggregated value of Sent bytes, Received bytes and Duration. The populated data is huge and the log is intermittent. Dropped the logs to fix the issue for proper reporting.
      11. Support ID - 5827506: 'Active VPN User' report is not showing for PaloAlto device. Fixed this issue.
      12. Support ID - 5778181: Parsing issue in 'Admin' logs for PaloAlto firewall is fixed.
      13. Support ID - 5785313: Device name changes to Profile name in 'Custom Reports' page. Fixed this issue.
      14. Support ID - 5807625: For PaloAlto device, Change Management alert triggered based on 'Logout' event syslog. Fixed the issue by changing the Change Management alert trigger based on 'Commit' event syslog.
      15. FortiGate VDOM device rule 'On demand' options are not working. This issue is fixed.
      16. 'Resolve DNS' not working in 'Snapshot' page when drilled down from traffic statistics widget in the Dashboard. Fixed this issue.
      17. In Snapshot page, 'Alert' and 'Report' profile buttons are not visible. Fixed this issue.
      18. In the 'Inventory' and 'Snapshot' pages, column header and page navigation components were made static for the expand widgets.
      • General: The obsolete code causing Remote Code Execution (RCE) vulnerability in Mail Server Settings v1 APIs have been removed. (Reported by Jason Nordenstam) (Refer: CVE-2020-10541)
    100. 12.4 Build 124168

      Enhancements:

      1. Alarms page has been completely revamped for better user experience.
      2. Under Mail Server Settings, the length of the 'User Name' field has now been increased from 50 to 100 characters.
      3. Under User Management, the maximum length of the 'Password' field has now been increased from 25 to 100 characters.
      4. Support-ID : 5603075, 5518885 : Fetching and applying global configuration in device rule for Fortigate VDOM.
      5. Support-ID : 5566735 : VPN Report, Admin Report and Attack Report supported for Barracuda Firewall F600.
      6. In the device snapshot inventory page, device rule creation for a VDOM is currently mapped to its respective physical firewall device.
      7. Firewall Analyzer Support page usability has been enhanced with more details.

      Issues fixed:

      1. Previously, auto-login was not working when the special character '&' was present in the username or password. This issue has now been fixed.
      2. The JCE compatibility issue that occurred during PPM migration has now been fixed.
      3. Previously, while installing a collector server, any unauthenticated collector could register with the admin server. This issue has now been fixed.
      4. Support-ID : 5539649 : Previously in the Device rule, the On-demand option for physical firewalls was not listed. This issue has now been fixed.
      5. Support-ID : 5603075 : Previously, it was not possible perform rule re-order for VDOM devices. This issue has now been fixed.
      6. Support-ID : 5603075 : The Device rule configuration status for VDOM devices was not updated properly in Inventory -> Device snapshot page. This issue has now been fixed.
      7. Support-ID : 5603075 : Rule parsing issue in Fortigate device has been fixed.
      8. Support-ID : 5672098 : Rule parsing issue in pfSense device has been fixed.
      9. Support-ID : 5614148 : Previously there was a Security XML issue in Intranet settings. This issue has now been fixed.
      10. Support-ID : 5641993 : There was a parsing issue in Sophos UTM URL log. This has been fixed in this build.
      11. Support-ID : 5566735 : Timezone and protocol parsing issue for Barracuda Firewall has been fixed.
      12. Support-ID : 5313119 : Adding a special character in the UserName field resulted in a failure when trying to "Add SNMP" in the setting. This issue has now been fixed.
      13. Support-ID : 5657055 : Custom Report was not generated when Non-Working hour filter was applied. This issue has now been fixed.
      14. Support-ID : 5494598 : The Active VPN users report displayed data for even unmanaged devices. This issue has now been fixed.
      15. Support-ID : 5529314 : Any Fortigate VDOM devices configured in HA mode resulted in duplication. This has now been fixed and the same will now be added as a single device.
      16. Standard page NERC-CIP Report - Redirection URL issue has been fixed.
      17. Previously, adding a Barracuda device resulted in duplication. This issue has now been fixed.
      18. Previously, it was not possible to map a VDOM from user config page for HA mode firewalls. This has now been fixed.
    101. 12.4 Build 124099

      New features/enhancements:

      1. Support ID: 5535440 - Check Point multi access layer supported for Rule Management.
      2. Option to enter 'Gateway Name' under 'Add Device Credential' page for Check Point firewalls.

      Issues fixed :

      1. Support ID: 5625819 - Unable to assign 'Credential Profile' while creating device rule. Fixed the issue.
      2. Support ID: 5625819 - Changing credential profile to none clears the default info in device rule. This issue is fixed.
      3. Support ID: 5474215 - Issue in 'column chooser', while selecting multiple column using 'control' key, is fixed for 'Raw Log Search' page.
      4. Weaker file permission for Nipper file has been fixed (CVE-2019-17421 - Bug found by: Guy Levin (@va_start)).
    102. 12.4 Build 124096

      New device/log format support :

      1. Support ID: 5485772 - Symantec Endpoint Protection 14 device.
      2. Support ID: 5585856 - Huawei default 'Syslog' format support along with existing MTN format.

      Enhancements :

      1. Support ID: 5535440 - VPN report supported for Check Point Log Exporter CEF format.
      2. The interface IP address field is empty when fetched via SNMP for Cisco Meraki and Sophos XG devices. Because of this issue, interface is not getting added in Firewall Analyzer. Enhanced to fetch interface IP address.

      Issues Fixed :

      1. Support ID: 5535440 - Fixed the Interface value parsing issue in Check Point Log Exporter CEF format.
      2. Support ID: 5605740 - Fixed the Palo Alto port scan attack parsing issue.
      3. Support ID: 5586838 - Fixed the SonicWALL device rule parsing issue for SonicOS 5.6
      4. Support ID: 5567083 - Fixed the SonicWALL device rule service group parsing issue.
      5. Support ID: 5586113 - Palo Alto ISO compliance standards > Firewall Management configuration details - fixed the device rule parsing issue.
      6. Bandwidth alert issues fixed:
        1. Bandwidth alert triggered frequently. Threshold criteria is not applied properly.
        2. Alert mail is not showing the 'latest log' message properly.
        3. In Alarms page, the bps, bps_in & bps_out values of the alert details message are not displayed properly.
      7. Fixed the Huawei device rule parsing issue.
      8. 'Availability Alert' is getting triggered for the lowest time selected in case of multiple alert case. Fixed the issue.
      9. 'Archive Security Settings' is reset to default values, when 'archived file' settings is changed. Fixed the issue.
      10. Internally identified 'local file inclusion' vulnerabilities are fixed to make the product secure.
    103. 12.4 Build 124088

      New device/log format support :

      1. Support ID: 5447104 - Kerio Control Firewall version 9.2.8

      New features and enhancements :

      1. Rule Cleanup Enhancements:
        1. Identify unused source, destination and service objects defined in used rules.
        2. Identify unused any port and protocols defined in the objects of used rules.
      2. Revamped the Rule Management report pages to improve the usability.
      3. Option to assign multiple collectors while creating Operator privilege users in Central server.
      4. A new device audit report for login, logout for devices.
      5. User based 'Commands executed' details for every configuration change.
      6. Log flow parsing rate has been improved to handle more proxy server logs.
      7. Source and Destination countries are now listed in the drop down for selection while creating 'Normal' alerts.
      8. Support ID: 5377251 - SSL VPN report supported for Sophos XG devices.
      9. Support ID: 5377251, 5045675 - Now users can search the source port, destination port and URL category as criteria in the 'Raw Search' report.
      10. Support ID: 5377251 - Rule enable and disable syslogs are parsed to show in 'Commands executed' report for Sophos XG in Admin reports.

      Issues Fixed :

      1. Support ID: 5518885 - Device rule addition got failed for VDOM devices, when we assign existing credential profiles. Fixed the issue.
      2. Support ID: 5519348 - Editing of Change Management report schedule was not working after the product restart. Fixed the issue.
      3. Support ID: 5465688 - Hit count mismatch between 'Denied Events' report under Security report and 'Raw Deny' logs in Raw Search for Palo Alto device is fixed.
      4. Support ID: 5485772 - Excluding the user name, if the user name is coming as IP address for proxy. Fixed the issue.
      5. Support ID: 5414153 - Excluding 'Management' syslogs from user name - IP address mapping. Fixed the issue.
      6. Support ID: 5465784 - WatchGuard traffic log parsing issue fixed.
      7. Support ID: 5024679 - Fixed the 'Directory' validation handling issue in 'Imported Logs' page.
      8. Support ID: 5407203 - VPN User transaction report showing different names in Custom report page issue is fixed.
      9. Internally identified SQL Injection, Remote Code Execution and Local File Inclusions vulnerabilities are fixed to make the product more secure.
      10. Support ID: 5547592, 5425257 - Fixed the SRX and Cisco device rule parsing issues.
      11. Support ID: 5539886, 5566735 - Unable to configure SNMP v3 due to community string being mandatory and special character limitation. This issue is fixed.
    104. 12.4 Build 124083

      Enhancement :

      1. Rule management and compliance reports for Stormshield devices using CLI.
    105. 12.4 Build 124079

      Issues fixed :

      1. Security Update: Weaker file permission for Nipper file has been fixed (CVE-2019-17421).
    106. 12.4 Build 124068

      Enhancements :

      1. Rule management and compliance reports for Juniper NetScreen devices using SSH protocol.
      2. Added SSH protocol to fetch configuration files for Sonicwall Firewall.
      3. Rule management and compliance reports for SonicWALL devices using API.
      4. Configuration diff page has been enhanced with 'Lines around Changes' option.
      5. In Discovery page, option to configure port has been provided.
      6. SonicWALL device rule UUID supported to display it along with rule name in Policy Overview and Optimization reports.
      7. Virus report supported for Cisco FirePOWER devices.
      8. API Document has been released for public.
      9. New columns source 'src' & destination 'dst' interface added for Policy Optimization report.

      Issues Fixed :

      1. The timezone was not handled properly while parsing FirePOWER log. Fixed the issue.
      2. WatchGuard SSH connection close was not handled properly. Fixed the issue.
      3. Change Management support provided for Sophos XG User Name and Password content.
      4. Devices with same name caused license count issue in Central Server. This issue is fixed.
      5. Active VPN trend report was not showing 24 hours data. The issue has been fixed.
      6. Cisco WebVPN events were not detected properly. The issue has been fixed.
      7. Machine name parsing has been added in AD user/IP mapping.
      8. Sophos XG admin log parsing issue fixed.
      9. SonicWALL duration value parsing issue fixed.
      10. Policy Overview XLS format export issue fixed.
      11. Few device configuration parsing issues fixed.
    107. 12.4 Build 124053

      Issue Fixed: :

      1. Device credential validation failed issue has been fixed for Juniper SRX and Cisco FirePOWER devices
    108. 12.4 Build 124052

      New features and enhancements :

      1. For Cisco FirePOWER devices - Rule impact analysis supported.
      2. In the 'Policy Optimization' report, provided options for pie chart and table drill down.
      3. Search' option in the 'Policy Overview' report is enhanced to provide results for CIDR and multiple values (comma separated) with multiple columns combined.
      4. Source, Destination and Service object details can be viewed in 'Object Repetitiveness' reports of the 'Rule Impact' analysis reports from the product UI.
      5. Option to export 'Security Audit' report as HTML from the product UI.
      6. Widget specific refresh option is provided in Firewall reports, Proxy reports, Custom reports and all the expand view pages.
      7. Retain the time period in expand view of Firewall reports, Proxy reports and Custom report pages.
      8. In the case of device credential validation, all commands execution status has been shown in the main results page.
      9. Alarm profiles enhancements in 'Settings' tab,
        • Option to view profile specific alerts and it's details.
        • Option to export as PDF, CSV and XLS for alert profiles.
        • Option to clear alerts generated for profiles in single click.
      10. 'Cloud Repository' list page enhancements in 'Settings' tab,
        • A new search option.
        • Page navigation component given with top-N select option.
        • Sorting option given for the table headers.
      11. New custom options are provided in the add 'Device Credential' page for below parameters,
        • Timeout.
        • FWA Server IP.
        • isManagedbyPanorama for PaloAlto.

      Issues Fixed :

      1. Support ID: 4978071 - Fixed the Japanese characters garbled issue in the policy overview report.
      2. Support ID: 5383226 - New added/updated/deleted cloud services data not effective till the application is restarted. Fixed the issue.
      3. Support ID: 5382799 - In the Aggregated search report 'VPN Usage report' was shown as empty for Cisco ASA device. Fixed the issue.
      4. Support ID: 5273379 - Timezone parsing issue for Sophos XG device is fixed.
      5. Support ID: 5363136 - Wrong values are displayed in 'From Time' and 'To Time' fields of the custom schedule option. Fixed the issue.
      6. Support ID: 5402088 - In the 'VPN User Transaction' report, new column 'Source IP Address' added.
      7. Support IDs: 5377292, 5400991 - Few duplicate and unused i18n keys are removed.
      8. Support IDs: 5391699, 5399454 - ' Denied' log parsing issue for Juniper SRX and Netscreen devices fixed.
      9. Support ID: 17190 - 'Attack' log parsing issue for Sophos UTM device fixed.
      10. Support ID: 16319 - 'UserName' parsing issue for Fortigate device logs fixed.
    109. 12.4 Build 124044

      New features and enhancements :

      1. You can edit, rearrange and hide the default tabs in the horizontal menu.
      2. New custom tabs can also be added, edited, rearranged and deleted from the horizontal menu.
    110. 12.4 Build 124037

      New features and enhancements :

      1. Firewall Analyzer Standard Edition has been launched for SMEs with basic firewall log monitoring requirements.
      2. Firewall Analyzer Premium Edition is now renamed as Firewall Analyzer Professional Edition.
      3. Firewall Analyzer Distributed Edition is now renamed as Firewall Analyzer Enterprise Edition.
      4. Support ID: 5160784 - VPN report supported for Sophos UTM-9 device.

      Issues Fixed:

      1. Support ID: 5256108, 5266114 - Fixed Cisco ASA, Cisco Meraki device log parsing issue.
      2. Support ID: 5298823 - Fixed Sophos-XG550, Netscreen 6.3.0 r18.0 log parsing issue.
      3. Support ID: 5243703 - In custom schedule reports, row count restriction for PDF export removed.
      4. Support ID: 5364221 - While creating vdom device rule using credential profile, failed to update device credentials. Fixed the issue.
      5. Support ID: 5375112 - Export report failed, when the number of rows selected for custom reports is changed. Fixed the issue.
      6. Support ID: 5188524, 5209521 - 'Data-Crunch' message added as title in the device and interface live report graphs.
      7. Support ID: 5087229, 5273379 - Traffic conversation report displayed the total bytes value as 0, because of wrong unit conversion. This issue is fixed.
      8. Support ID: 5165994 - Cisco Firepower device was detected as Cisco device, due to some unsupported logs received from device. Fixed the issue.
      9. Support ID: 50191188 - In SNMP settings and Reports filter configuration pages, fixed the usability issues.
    111. 12.4 Build 124033

      Issues fixed :

      1. General: HTML Injection vulnerability issue in Google maps has now been fixed. (CVE-2017-11560)
    112. 12.4 Build 124025

      New device/log format support :

      1. Structured log format support for Juniper SRX.
      2. Log Event Extended Format (LEEF) custom log format support for PaloAlto.
      3. pfSense 2.5 version log format supported.

      New features and enhancements :

      1. Perform object definition level search in Policy Overview reports for any object/IP across existing rule set.
      2. Rule impact analysis enhancements:
        • Option to select custom blacklisted IPs (from file) in UI.
        • Object repetitiveness report for source, destination, and service objects.
      3. Device Rule page enhancements:
        • Option to add credential profile at the time of device rule configuration.
        • Unified the device rule configuration in Inventory device list and snapshot pages (Similar to the Settings page)
        • Device rule credential validation is made mandatory now using 'Validate' button.
        • Included validation status for rule and configuration commands
        • Change notification and schedule availability provided in the Change Management page.
      4. In the 'Search' reports page, CSV and XLS export options provided.
      5. In device and interface live traffic drill down pages, CSV and XLS options provided.
      6. Selected widgets can be exported as PDF or trigger an email(on-demand) from report pages.
      7. Search option has been provided for reports and inventory drill down pages. The same is also available in the respective expanded view page.
      8. Top 5 (Graph and Table), Top 10 (Graph and Table), Top 15 (Table only), Top 20 (Table only) options are provided in firewall reports and proxy reports.
      9. For easy navigation, 'Report' pages drill down can be expanded to full page instead of slide and the tabs are moved as left side menu in reports and inventory page.
      10. Selected report type will be retained as default for other selected devices.
      11. Option to show/hide filter section (log flow received, vendor and device-type) in 'Inventory' page.
      12. On demand PDF export of security audit page has been enhanced to look like the UI.

      Issues Fixed:

      1. The SQL injection vulnerability in 'SubmitQuery' page has been fixed.
      2. Support ticket ID: 4978071, 5148764 - Firewall Analyzer uses the secondary IP Address to export the configuration from SonicWALL devices. Fixed the issue.
      3. Support ticket ID: 5186465, 5169152 - Fixed Juniper SRX3400 , SRX4100 device rule parsing issue.
      4. Support ticket ID: 5251059 - Fixed PaloAlto (PAN-OS 8.0.16) device rule parsing issue.
      5. Support ticket ID: 5190721 - If the device has VDOM, Device (Physical-Device IP) not listed for SNMP configuration. Fixed the issue.
      6. Support ticket ID: 5160784 - Unable to update interface details if the interface-name contains .(dot) in it. Fixed the issue.
      7. Support ticket ID: 5200605 - No data in dashboard for a few FortiGate devices as the destination field contained junk characters. Fixed the issue.
      8. Support ticket ID: 5234629 - Port details are shown under 'Destination' column in reports, for SonicWALL firewalls. Fixed the issue.
      9. Support ticket ID: 5279308 - FortiGate firewall logs were dropped due to filename length limitation. Fixed the issue.
      10. Support ticket ID: 5339523 : Fixed Cisco object-groups parsing issue
    113. 12.4 Build 124024

      Issues Fixed:

      • General: Previously, when HTTPS was enabled in the WebClient, some unexpected loading issues were observed. This has now been resolved by upgrading the Tomcat version used in the product.
      • General: Scroll issue while listing custom dashboards has been fixed now.

      Vulnerability Fixes :

      • General: The 'local privilege escalation' vulnerability has now been fixed.
    114. 12.4 Build 124000

      Vulnerability Fixes :

      • JRE has been migrated to 1.8 and various vulnerabilities from JRE 1.7 have been eliminated. Highlights of JRE 1.8 migration:
        • General: Cipher algorithms AES-192 and AES-256 are supported in addition to AES-128 algorithm.
        • General: TLSv1.2 protocol is now supported by default.
    115. 12.3 Build 123324

      New device/log format support:

      1. Barracuda Next Generation Firewall (F-600 model) support.
      2. Cisco FirePOWER v6.3.0 and above with modified time stamp support.

      New features & enhancements:

      1. Rule management and compliance reports support with vendor API.
        1. PaloAlto.
      2. 'Rule Impact Analysis' functionality assesses the impact of a new rule, on the existing rules with anomalies, vulnerabilities and security threats analysis.
      3. On demand options available in UI for sending reports via email and exporting reports in CSV, Excel formats:
        1. For individual widgets.
        2. For all report pages and drill down report pages.
      4. New 'Tools' tab to help access the other network devices for availability check and basic monitoring.
      5. Change management configuration difference view has been enhanced to show clear information for PaloAlto and WatchGuard devices for XML format configurations.
      6. 'Custom time' option has been provided in 'Custom' report schedule section.
      7. 'Report type' and 'Report filter' options are moved from settings tab to reports tab for easy access.
      8. 'Resolve DNS' option has been moved from individual widgets into page-level in Firewall, Proxy and Custom report pages.
      9. A new list page is added under 'User-IP Mapping' table which shows the existing IP address or MAC address/User name details in the web UI.
      10. 'Edit Interface' now helps to change interface name and interface IP addess and sub-net mask are made optional.
      11. In AD user authentication, you can now configure scope to be auto-assigned to users logging in for the first time, when auto login is enabled.

      Issues Fixed:

      1. For PaloAlto devices, Active VPN Users reports details are not displayed properly.This issue is fixed.
      2. Fixed the NTP configuration parsing issue, for Huawei devices.
      3. Fixed the Sophos UTM device rule parsing issue.
      4. Fixed the log parsing issue, for Sonicwall Blocked URL report.
      5. When any report profile is edited or deleted the assigned report filters got deleted. This issue is fixed.
      6. Main Tabs are not selected properly while redirecting from other reports and some sub-tabs.
      7. Fixed parsing issues for Cisco management, SRX and pfSense logs.
      8. Fixed the vulnerability issue in Alarm Profile page, when 'Run Script' option is selected.
      9. 'View Report' is not displayed in the 'Imported Logs' page, for some imported logs in the list. Fixed the issue.
      10. Remote host log file import failed due to missing parameter in security.xml file. Fixed the issue.
      11. When 'Intranet settings' is configured for a device, unable to add two IP networks. Fixed the issue.
      12. 'All Reports' in Firewall/Proxy server reports page, instead of displaying only reports of all firewalls in 'Firewall Reports' page and only reports of all proxy servers in 'Proxy Server Reports' page, reports of all the devices. Fixed the issue.
    116. 12.3 Build 123309

      New device/log format support:

      1. Log Exporter (CEF format) support for Check Point devices (R-77.3, R-80.10 with Jumbo Hotfix and R-80.20 versions)

      New features & enhancements:

      1. On demand PDF export option in Web UI has been enhanced using PhantomJS.
        1. Page level PDF export with multiple widgets.
        2. Individual widget level PDF export.
        3. PDF export for all drill-down report pages.
      2. Rule management and compliance support using vendor API.
        1. Sophos-UTM.
        2. Sophos-XG.
      3. Rule management and compliance support using CLI.
        1. Check Point devices R-80.1 and above.
      4. Message framework guideline for proper usage of all features and configuration pages.
      5. 'Bytes' and 'Hits' details are added in the Dashboard Top 'N' widget reports.
      6. Quick links and Help cards added in Diagnose Connection, Report Filter, Customize Report, Rule Management reports and Settings pages.

      Issues Fixed:

      1. Fixed the improper error handling message shown for 'Test connection' action in 'Device Rule' configuration page.
      2. Multiple IP ranges can't be added in Intranet settings page. Fixed the issue.
      3. Linux installation users were unable to save "Nipper" location in User Config page. Fixed the issue.
      4. Unable to configure SNMP v3. Fixed the issue.
    117. 12.3 Build 123304

      Issues Fixed:

      1. General: Previously, validation of session failed when the URL contained two or more consecutive backslashes. This vulnerability has been fixed now.
    118. 12.3 Build 123281

      New features:

      1. Cisco FirePOWER - Firewall policy, rule analysis, and compliance report support using CLI to fetch configurations.
      2. To prevent vulnerabilities, Firewall Analyzer now verifies each request parameters type and value before it is processed.

      Issues Fixed:

      1. Support-ID: 4882018 - In Japanese installation, if 'Trend graph' report is exported, it displays the same graph for hourly and weekly comparison graphs. This issue is fixed.
      2. Cisco Meraki is discovered as 'proxy server' instead 'firewall' in Firewall Analyzer. This issue is fixed.
      3. When server side PDF export is set as 'All', it is not working. This issue is fixed.
      4. When 'Denied User Report' is drilled down from Dashboard, page is empty. This issue is fixed.
      5. Raw search result displayed in the UI is grouped based on the specified criteria.
      6. Quick links are added for 'Credential Profile' page.
      7. Quick links are added for 'Archive Encryption' page under Security settings.
    119. 12.3 Build 123277

      Issues Fixed:

      1. General : The SQL injection vulnerability in 'getDeviceCompleteDetails' and 'getAssociatedCredentials' API's have been fixed.
    120. 12.3 Build 123268

      Enhancements:

      1. Check Point device API based Compliance Standards report.
      2. For all drill down pages of Inventory and Reports, provided export as CSV and Excel option.

      Issues Fixed:

      1. Delete button alignment issue in Device Rule list page is fixed.
      2. In the 'Traffic Statistics' graph, one of the 'Protocol' groups was assigned with 'Grey' color and it was looking odd. Changed the color to fix the issue.
      3. Loading of 'Dashboard' pages was slow, removed unwanted resource checks to fix the issue.
      4. The 'Delete' option was hidden in individual rows in Imported Logs, Device-Rule, Exclude-Criteria, Credential Profiles and Archived Files list pages. 'Delete' option is displayed as button to fix the issue.
      5. Removed the 'Group Chat' icon in vertical tab of UI.
    121. 12.3 Build 123263

      New Device Supported:

      1. VarioSecure firewall.

      Enhancements:

      1. Automatic Security Audit report generation for Check Point (R-80.10 & above) devices using API.
      2. CLI based Policy analysis, Rule management and Compliance support for pfSense firewall s.
      3. Added Line & Bar graph options for device and interface Live reports.

      Issues Fixed:

      1. Support-ID: 4909346 - Fixed the Device Rule configuration failure issue, in HA mode of FortiGate with VDOM setup.
      2. Support ID 4909346: Fixed the issue of showing password in plain text, in the Device Rule submit response.
      3. Support ID 4919514: Fixed the issue of embed widget not working, in CCTV view.
      4. Support ID 4927087: New column added to display Cisco ACE hex code in Raw search results page.
      5. Support ID 4553065: Fixed Squid proxy server parsing issue.
      6. Support ID 4934078, 4950793: Fixed the issue of wrong client IP assignment for Cisco VPN.
      7. Fixed the issue of Scheduled Rule fetching failure for Check Point, due to CLI connection attempt.
      8. Huawei device change management reports are loaded with full configuration instead of changes alone. Fixed the issue.
      9. Added default exclude criteria for SonicWall devices to remove dynamic key updates as changes from Change Management Report. Fixed the issue.
      10. Displayed inputs in response when Assign Credential Profile to a device is saved. Fixed the issue by removing the inputs and displaying only status.
      11. Policy Overview Schedule list page displayed schedule details of all the devices. Fixed the issue to display the schedule details of only selected devices.
      12. Was able to configure SNMP for Unmanaged devices. Fixed the issue.
      13. When working hours is updated in Advanced settings, it was reflected in General settings. Fixed the issue.
      14. No criteria is displayed for Policy Overview Scheduled reports when report specific criteria is provided. Fixed the issue.
      15. For proxy devices Live Traffic is displayed in dashboard but not in Inventory page. Fixed the issue.
      16. Device display name changes are not reflected in alarms page. Fixed the issue.
      17. In Raw Search mail content PDF Report, Criteria value had extra details other than user configured criteria. Removed those unconfigured criteria and fixed the issue.
      18. Exception thrown when Diagnose connections page is clicked in Settings tab. Fixed the issue.
      19. In Settings > User Management > Add/Edit User > Device list page, the deleted devices are also listed. Fixed the issue.
      20. In Configuration Changes Mail Notification, Mail content has Disable link in the start of the mail. Moved the Disable link message to end of the Mail to fix the issue.
      21. In Reports > Custom Report > Edit & Save the existing report profile, the success message was displayed as 'Report added successfully'. Message changed to fix the issue.
      22. UI issue: Properly conveyed the new category addition for Cloud Repository.
      23. UI issue: Fixed the improper Header alignment in API Access page.
      24. UI issue: Fixed the image misalignment issue in Inventory > Users tab.
      25. UI issue: Fixed the irrelevant Status message shown, when Device Rule for a device is deleted.
      26. UI issue: Fixed the issue of custom widget addition for Live Traffic without selecting a device, by ignoring the status message.
      27. UI issue: Fixed the issue of no redirection to reports page when the 'Unknown' user is clicked in Inventory > Users tab.
      28. UI issue: Added the missing 'Security settings' option in Admin server.
      29. UI issue: When device configuration fetching is in progress, other tabs cannot be accessed. This issue is fixed.
      30. UI issue: When no Firewall/Proxy was added, link to add device is displayed in Reports tab. Fixed the broken link issue to direct it to Getting Started page.
      31. UI issue: Settings tab, System sub-tab selection is not proper, while selecting Working Hours option. Fixed the issue.
      32. UI issue: Due to pagination, in Rule Management page the 'Export to Excel' option was hidden. The issue is fixed to display the option.
      33. UI issue: Remove the unwanted horizontal scroll displayed in Compliance > Standards > Schedule option.
      34. UI Change: Column header changed from 'SRC/DST Interface' to 'SRC/DST Zone' for Huawei devices in Policy Overview page.
      35. UI Change: In menu hover option, configured custom reports are displayed.
      36. UI Change: When a device is deleted from the Inventory page, 'Please wait...,' message is displayed.
      37. UI Change: Proper Enable/Disable SNMP configuration message is displayed in device snapshot page.
      38. UI Change: Graph misalignment with table is aligned in Policy Optimization page.
      39. UI Change: New help page links provided for Syslog server, Manual DNS and Security Audit report pages.
    122. 12.3 Build 123239

      Issues Fixed:

      1. General : There was an SQL injection vulnerability in the Alarms section. This issue has been fixed. (Refer: CVE-2018-20338)
      2. General : In Alarms, there was an XSS vulnerability in the Notes column. This issue has been fixed. (Refer: CVE-2018-20339)
    123. 12.3 Build 123237

      Issues Fixed:

      1. General : XSS vulnerability issue in domain controller has been fixed. (Refer: CVE-2018-19921)
    124. 12.3 Build 123231

      Issues Fixed:

      1. General : Apache's 'commons-beanutils' jar has been updated to version 1.9.3 due to 'Remote Code Execution' vulnerability in an older version. (Refer: CVE-2018-19403)
      2. General : Unauthenticated access to 'DataMigrationServlet' has been fixed. (Refer: CVE-2018-19403)
      3. General : The 'Browser Cookie theft' vulnerability has been fixed.
    125. 12.3 Build 123224

      Issues Fixed:

      1. XML External Entity Injection Vulnerability is fixed, while importing Custom Report/Alert profile.xml (Refer: CVE-2019-11677)
      2. Cross Site Scripting Vulnerability is fixed, while adding User defined DNS name. (Refer: CVE-2019-11676)
      3. Support-4811677: Raw Search returned no data if search period is more than a month. This issue is fixed
    126. 12.3 Build 123223

      Issues Fixed:

      1. In the Inventory Snapshot page, the pie chart had a legend status color mismatch. This issue has been fixed.
      2. The XSS vulnerability issue in updateWidget API has now been fixed. (Refer: CVE-2018-19288)
    127. 12.3 Build 123222

      Issues Fixed:

      1. Security vulnerability: SQL injection vulnerability in Mail Server settings has been fixed. (Refer: CVE-2018-18949)
    128. 12.3 Build 123218

      New Log Format Supported:

      1. Barracuda Email Security Gateway

      New Features and Enhancements:

      1. Policy/Rule analysis, compliance report support and fetching configuration using firewall vendor API
        • Check Point devices
      2. Policy/Rule analysis, compliance report support and fetching configuration using CLI
        • Vyatta firewalls
        • Huawei firewalls
      3. Added 'Tray' Icon for Windows installation to start, stop, and get status of Firewall Analyzer.
      4. Changed 'Support' tab look and feel.
      5. New widgets 'Active VPN Users' and 'VPN User Session Details' are added under VPN tab of Inventory Device drill down page.
      6. Quick links and Help cards provided for Discovery and Search reports.
      7. Selected 'Time Period' retained in all drill down snapshot reports, after zooming the time in live traffic widget.
      8. Enterprise Edition data exchange between Admin and Collector servers made secure for each requests and response.
      9. Firewall Analyzer startup time optimized; Made the internal modules to start in parallel.
      10. 'Raw Settings' page moved to 'Search' tab from 'Settings' page to avoid shuffling between tabs.

      Issues Fixed:

      1. SQL Injection vulnerability in Firewall Analyzer default reports has been fixed. (Refer: CVE-2019-11678)
      2. Support ID: 4795348 - Change Management report for SonicWALL displays user names, who do not have access to firewall configuration. Fixed the issue.
      3. Cisco-Meraki log parsing issue fixed.
      4. Log parsing of Sophos and Cyberoam devices tuned to handle more log rate.
      5. Occasionally, 'Raw Tables' are not split properly, when log rate is high. Fixed the issue.
      6. In 'Rules Report' page, if the number of rows is less than 10, the CSV, Excel export option is missing. Fixed the issue.
      7. SNMP settings page is not closed automatically on successful configuration from 'Inventory' snapshot and list page.
      8. Fixed the issue of removing unnecessary API calls when criteria based 'Search' reports is loaded.
      9. Fixed the issue of table border misalignment for all the report table grids.
      10. Fixed the issue of headers for PaloAlto and NetScreen devices in 'Policy Overview' report by changing the 'Source Interface' & 'Destination Interface' headers to 'Source Zone' & 'Destination Zone'.
      11. When 'Only on Week Days' option is selected in 'Daily-Schedule', it was not working. This issue is fixed.
      12. 'Policy Overview' tab name changed.
      13. 'Unused Rule' header name changed.
      14. In 'Remote Host' option of 'Import Logs' page, the selected file is not getting marked. This issue is fixed.
      15. Fixed the issue of device name display in 'Live Traffic' widget even after the device is unselected.
      16. Fixed the issue of unrestricted 'Save' in 'Live Traffic' widget, if no device is selected.
      17. Fixed the issue of 'Icon' only option for horizontal menu change is not working in Central-Server.
      18. Fixed the issue of empty 'Standards' page, when the status of all firewall devices is 'UnManaged'.
      19. When 'Intranet Settings' is saved without any criteria, instead of alert message, it is getting saved. Fixed the issue to show alert message.
      20. In the 'Inventory - Device' detail widget, page redirection happens only when text is clicked. Fixed the issue for page redirection when clicked anywhere in the device row.
      21. Fixed the issue of missing 'On Demand' column header in 'Device Rule' settings page.
      22. Fixed the issue of missing tool tips for few icons.
      23. For Windows firewall, UDP port unblock rules added for Syslogs packets.
      24. For Windows firewall, TCP port unblock rules added for Telnet and SSH.
    129. 12.3 Build 123208

      Enhancement:

      • Menu hover feature helps to access all sub tab options without the hassle of navigation.
    130. 12.3 Build 123197

      New Device Supported:

      • F5 firewall device.

      New Features & Enhancements:

      • Horizontal menu bar made as default.
      • 'Add-Device' menu added to export Syslogs from firewalls.
      • SSH or Telnet based 'CLI terminal' to access firewalls from Firewall Analyzer.
      • 'Getting Started GUI' to guide the user to add devices and reports.
      • 'Quick links' and 'Help cards' for settings and report pages.
      • For trial and registered users, 'Live Chat' facility to contact sales-engineering team.
      • Introduced 'Password Policy' configuration for user management.
      • Login page customization for rebranding custom images.
      • In all report pages, optimized alignment of widgets.
      • Firewall Analyzer users can set their default menu bar (horizontal or vertical) using 'Menu Bar' menu.

      Issues Fixed:

      • Support ID: 4502293 - Fixed the issue of failure to fetch the device rule for Fortigate Vdom, because 'Pager' command was not working.
      • Support ID: 4502293 - Fixed the issue of failure to display of rule management reports for Vdom firewalls.
      • 'Select Policy' menu not working properly in Firefox browser. Fixed the issue.
      • Fixed the drill down issue in 'Dashboard - Security - Top N Attacks by Hits'.
      • Single device and all devices selection not working in 'Short summary' page of 'Inventory' device lists. Fixed the issue.
      • If the widget subtitle contains 'drill down link' - we need to provide the drill down/redirect to inventory action, when we click the link alone
      • In the 'Inventory - Short summary' page, 'Create Report/Alert Profile' tabs missing, navigating after add or edit from the 'Intranet, Exclude Host, Availability Alert' pages. Fixed the issue.
      • Minor UI enhancements in 'Inventory' page.
      • In the Firewall Analyzer - Distributed Edition - Admin Server, when a firewall was deleted, there was no processing message shown. Fixed the issue to show firewall delete processing message.
      • 'Delete widget' was not working in the 'Reports - Standard Report' page. Fixed the issue.
      • In the 'Inventory - Devices - Protocols' page, 'Protocol identifier' options were missing. Fixed the issue.
      • In the 'Active VPN Trend Report' page, Y-axis values were not displayed properly & was throwing NullPointerException while drill-down. Fixed these issues.
      • In the 'Device Rule, Exclude Criteria, Protocol Groups, Device Groups, Intranet Settings, Cloud-Repository, Exclude Hosts, SNMP settings, Alarm Profiles and User-IP Mapping (DHCP, AD/Proxy, Manual Mapping)' pages, to edit an entry you have to click on it. Now a proper 'Edit' icon is provided for each entry.
    131. 12.3 Build 123194

      Enhancement:

      • Firewall Analyzer now extends customization options to the login page. You can now choose to show/hide the copyrights and also change the background to an image of your choice.
    132. 12.3 Build 123182

      Issues Fixed:

      • When Alarm profile is exported, alarm profile created by other users is not available in the xml file. This issues is fixed to show all profiles.
      • When syslog is imported, the IP address of the device was updated with link-local IP. Now the device is added with local IP.
      • Device rule configured firewall is listed as first resource in drop down of configuration related reports. This issue is fixed.
      • In Policy Overview page, drill down on some of the services showed no data. This issue is fixed.
      • SMS Setting shows 'Not Configured', even after 'SMPP' or 'SMS Gateway (Clickatell)' is configured. This issue is fixed.
      • Unknown protocol report drill down showed sent and received as kilobytes (KB), where as it is in bytes. Changed the header to fix this issue.
      • When the Report Profile is edited, 'Run on Week Days' could not be selected. This issues is fixed.
      • If schedule for Search Report is created, it did not get added properly. The issue is fixed.
      • In the Device Detail page, executed report profile details are not displayed. The issue is fixed.
      • Support ID: 4594278 - Raw Search result page sorting not working. Fixed the issue.
      • When Working Hour is configured, ranges like 8-12,15-18,19,20,21 were not allowed. The issue is fixed.
      • Assigning Credential Profile without selecting a profile was not throwing any error. This issue is fixed.
      • If only Traffic Log is selected, raw search was not allowed. Fixed the issue.
      • In Standards > Edit Settings page, after editing when Save button is clicked, page refreshes and goes to different device. This is fixed.
      • In the Inventory snapshot page, device edit slide comes over user settings page.This issues is fixed.
      • 'All device' option for 'operator' user in Snapshot page has been removed.
      • In the Collector list page, if any action is performed, the page will be refreshed automatically.
      • In the Inventory > Users list page, 'username' search was not working. This issue is fixed.
      • In the Alarms page of Operator user, Close icon-title is not shown properly on hover. This issue is fixed.
      • Free license text is removed from the DE Alert image.
      • For 'Operator' user, Support page icon was not working. Fixed the issue.
    133. 12.3 Build 123179

      Issues Fixed:

      • Previously, the upgradation to build 123158 and above caused network interruptions in Windows 7 & 2008 R2. The issue is fixed now.
    134. 12.3 Build 123177

      Enhancements :

      • Support - 4709829: Added SSH protocol to fetch WatchGuard firewall configuration.
      • In Anomaly alert criteria page, a help message 'CIDR and CSV formats are allowed' has been added to Source and Destination fields.
      • When Report Profiles are created, removed unnecessary API call to improve UI performance.
      • In Cloud Services page of Inventory, 'Add repository' option is provided.

      Issues Fixed:

      • Support - 4669580: SNMP based Live Report of PaloAlto devices was not working properly. This issue is fixed.
      • Local File Inclusion vulnerability is fixed.
      • Device drill down from Policy Optimization page of Dashboard was not working. The issues is fixed and redirected to Optimization page.
      • In Firewall Live Traffic widget of Inventory page, when 'Gbps' is selected as unit, the values shown were not accurate. The issue is fixed to plot the graph with granular values.
      • Alarm Profile notification option 'Run As Script' didn't accept arguments. The issue is fixed.
      • Support - 4623647: In Import Log page, Local Schedule option was not shown even when the client can be accessed from localhost.
      • Support - 4697639: In Fortigate syslog, VPN close log has duplicate entry which led to incorrect data. Handled it to fix the issue.
      • Support - 4723997: Traffic Trend Report graph was not plotted in order. This issue is fixed
      • Support - 4732194: Syslog port details were not shown properly in Device Details Page of Settings tab. The issue is fixed
      • Support - 4566694 : When a PaloAlto Rule Name contains 'index' value, wrong unused rule list is displayed. The issue is fixed.
      • Support - 4707871: Checkpoint VPN log parsing issue is fixed.
      • In MSSQL setup, Yearly table drop was not proper. The issue is fixed.
      • When extra device license was applied in the product, the manage and unmanage actions couldn't be performed till user restarts the product. This issue is fixed.
      • Header of SMS notification in Alert Profile page changed from 'Send Email based SMS' to 'Send SMS' to avoid misunderstanding.
      • In the Report Profile Notification page, a message "Use comma ',' separator for multiple mail ids" has been added for clear understanding.
      • Edit and Save Report Profile action returned wrong status message. The issue is fixed to show proper status message.
      • While saving Compliance Report Schedule, there was no status message. This issue is fixed to show the status message.
    135. 12.3 Build 123169

      Issues Fixed:

      • Security vulnerability: Cross site scripting(XSS) and arbitrary file read vulnerability in Fail Over has been fixed. (Refer: CVE-2018-12997CVE-2018-12998)
    136. 12.3 Build 123164

      New device supported:

      • MikroTik

      New features:

      • Simulate firewall logs - You can simulate firewall logs for different vendors to check all the reports in Firewall Analyzer. Log simulation is available for Fortigate, PaloAlto, CheckPoint, Juniper SRX and Squid Proxy devices.

      Enhancements:

      • Added more than 3000 websites to the Cloud Repository.
      • Option to plot Dashboard Live traffic graph in 'Kbps/Mbps/Gbps' is available.
      • Support ID: 4598454 - Updated IP to Country database.
      • Support ID: 4573349 - When you import syslog, you can map the logs to the existing device.
      • Support ID: 4590527 - Export to CSV format option is available for expanded view of all 'Inventory' page widgets.
      • 'Admin Report' for PaloAlto available. It covers details of user login, log out, and commands executed.
      • Auto refresh option provide to 'Live Syslog Viewer' page.
      • Mail content format enhanced for scheduled 'Standards' report.
      • Additional tabs Bandwidth, Sites, Apps, and VPN are added in 'Device' inventory snapshot page for better access.
      • License count, number of managed devices and remaining devices count now available under ' License Management' page.
      • Now 'bps' value is formatted to readable format in Bandwidth Alert mail content.

      Issues Fixed:

      • Support ID: 4588018 - While creating Alarm profile, configuring more than 50 criteria makes the page unresponsive. This issue is now fixed.
      • Refresh option in 'Dashboard Live Traffic' widget was not working. Now the issue is resolved.
      • AD User-IP Mapping had two entry for an user with Old and New IP. The duplication issue is rectified now.
      • Support ID: 4579510 - Incorrect Rule Name was shown for Zyxel firewall. This issue is now fixed.
      • Support ID: 4480507 - Invalid Byte Sequence Error while loading FirewallRecords table is fixed.
      • While parsing Sonicwall configuration, network objects with IP-range and IPv6 objects were not handled properly. It is fixed now.
      • Finding 'Unused Objects' from configuration file had discrepancy. Now it is rectified.
      • In Japanese Installation, when logs are imported, reports were generated for current time instead of log time. This issue is resolved.
      • 'Edit Interface' & 'Edit Interface Names' were not working, when edited for the second time. This issue is now fixed.
      • Occasionally, the 'Inventory' page became empty when 'Back' icon was clicked. This issue is now resolved.
      • Even after changing display name of Firewall, ' Resource Name' was displayed when user was added from User Management page. Now the issue is fixed to show the device list with display name while assigning device.
      • When Credential Profile was edited, the 'Email' field became empty. Now the issue is fixed to show the given Email Id in that field.
    137. 12.3 Build 123156
      • License Agreement has been updated.
      • Promotions related to ITOM Events will be displayed in the UI header after login.
    138. 12.3 Build 123151

      Issues Fixed:

      • In Group Chat Module, "Operator" user was not restricted from viewing the list of users, their User ID and Email addresses. This issue has been fixed.
      • EncryptPassword.bat has been removed due to DOS attack.
      • Path Traversal vulnerability in uploadMib API has been fixed (Reported by Pulse Security).
    139. 12.3 Build 123137

      New features:

      • Introduced 'Audit Report' for all add, delete, and update actions done by Firewall Analyzer user. All the user actions are logged.
      • Option to search personal information like Email, phone number and user name across the product and replace them with another user is available under 'Privacy Settings'

      Enhancements:

      • 'Security Audit Report' is now available in PDF format. You can export the report in PDF format from client.
      • Disclaimer added in exported PDF & CSV to convey availability of Personally Identifiable Information (PII) of GDPR.

      Issues Fixed:

      • Option to add new Custom Report was not visible in UI. Now the issue is fixed.
    140. 12.3 Build 123129
      • Path Traversal vulnerability in uploadMib API has been fixed.
      • The RemodeCodeExecution(RCE) vulnerability occurring while testing scripts has been fixed.
      • The SQL injection vulnerability in "FailOverHelperServlet" for the operation 'standbyprobestatus' has been fixed.
      • The SQL injection vulnerability in "FailOverHelperServlet" for the operation 'getprobenetworkshare' has been fixed.
      • In Group Chat Module, "Operator" user was not restricted from viewing the list of users, their User ID and Email addresses. This issue has been fixed.
      • Previously, "Operator" user was not restricted from viewing the URL monitors in the Inventory Page. This issue has been fixed.
      • Previously, "Operator" user was not restricted from being able to modify the background color and the tile color in the 3D floor view page. This issue has been fixed.
    141. 12.3 Build 123126

      Admin Server

      • Enterprise edition for 12.3 version
      • Data Migration tool for enterprise edition 8.5 customers to upgrade to 12.3

      Standalone/Collector Server

      • Compliance reports and Policy/Rule Management support for WatchGuard device
      • Compliance reports and Policy/Rule Management support for SonicWALL device.
      • Policy/Rule re-order report for PaloAlto device
    142. 12.3 Build 123092

      Enhancements

      • Default reports enhanced with drill down option to second and third level. Particularly for 'Unknown Protocols', you can drill down up to raw log level.
      • 'End User' feature moved to 'Firewall Inventory' tab. You can get 'End User' details from 'Users' Tab.
      • 'Rule Management' and 'Compliance Reports' files stored in Firewall Analyzer server directory are encrypted now.
      • User information is encrypted at the database storage.
      • 'CSV Export' option is available for 'Rule Management' reports.
      • 'Scheduled Report' mail format is enhanced to show properly aligned mail content.
      • Support - 4458020: In 'Change Management' report, new column has been added to show the IP address of user from which he did configuration changes.
      • Support - 4429668: 'Admin' report is available for Huawei Firewall. You can view user login, logout and command executed reports.

      Issues Fixed

      • Support - 4477638: Fixed the issue of incorrect data shown in 'Policy Optimization reports' for some PaloAlto devices.
      • Support - 4519337: Fixed the issue of not fetching configuration files from SonicWALL firewalls due to incorrect SCP command.
      • Support - 4497009: Fixed issues in 'Denied Events' and URL log parsing for Juniper SRX devices.
      • Support - 4510780: Fixed the issue of wrong time period shown in i-Filter reports data, due to non-processing of time stamp available in the logs.
      • Support - 4496764: Fixed the issue of mismatch in rules count of unused rules and total rules displayed for some PaloAlto firewalls.
      • Issue - 126991: In PaloAlto firewall 'Policy Overview' page, no data was displayed when clicked on some source and destination objects. This issue is fixed.
      • Fixed the issue of no data display in 'Total Bytes' column in Trend Micro device reports, due to non-processing of byte value available in the logs.
    143. 12.3 Build 123083

      Enhancements

      • Dashboard loading has been revamped and optimized for better performance.
      • In the Login page, iPhone/Android and iPad application download links have been included.
      • License expiry information in header had a few alignment issues. This has now been fixed.
      • User Icon with product details and about information has been moved to right top corner.
      • In the Inventory page, product based tabs have been moved horizontally.
      • Sign out option has been moved from Quick links to User details menu.
      • Support icon has been added for (Mail, Apply license, phone number, SIF, User guide, Videos, Service pack, ThreadDump, DB Query & view Logs) links.
      • In support page, the Query page under DB Query will be opened in a new window without ember.
    144. 12.3 Build 123064

      Enhancements

      • Provision to configure each device in the Inventory itself. For a single device, you can configure Report, Alert, Device Rule, and SNMP in one place.
      • Ad-hoc reports are listed in the drill down page of 'Device' under Inventory.
      • 'Device' summary widget under Inventory, is enhanced to show more device configuration options.
      • Cloud Control Repository updated and new services added.
      • 'No Data' message will be displayed in widget header, if a widget has no data to display. If the widget has data, total number of rows will be displayed.
      • Reduced the 'Inventory' page loading time.
      • By default, indexing enabled for Security Logs.
      • Support Id: 4400799 - New widget added under drill down page of 'Cloud Control'. The widget shows all source IP addresses, who accessed the corresponding 'Cloud' service.

      Issues Fixed

      • Support Id: 4223153 - Bandwidth Alert profiles created with criteria 'mbps' were not working. This issue is fixed.
      • Support Id: 4223153 - URL report, date and priority parsing issues of pfSense firewall is fixed.
      • Support Id: 4275699 - When one Juniper SRX device was added it was displayed as two devices. This was due to absence of firewall name in some syslogs. This issue is fixed to show it as a one device.
      • Issue Id: 124479 - Earlier user couldn't edit the report filter while creating 'Report Profile'. Now 'Edit' option provided for the report filters to fix the issue.
      • Issue Id:126112 - After selecting custom time period in 'Inventory' drill down page, the end time was not shown properly. This issue is fixed.
      • Issue Id:126077 - In 'Add Credential Profile' page, 'Device Type' option is moved up near 'Protocol' for better accessibility.
      • Issue Id:126332 - In 'Device Rule' list page, sorting of any column, removed 'Fetch Rules' and 'Security Audit Report' icons. This issue is fixed.
    145. 12.3 Build 123057

      Vulnerability fixes

      • DDI-VRT-2018-02 – Unauthenticated Blind SQL Injection via /servlets/RegisterAgent
      • DDI-VRT-2018-03 – Unauthenticated Blind SQL Injection via /servlets/StatusUpdateServlet and /servlets/AgentActionServlet
      • DDI-VRT-2018-04 – Multiple Unauthenticated Blind SQL Injections via /embedWidget
      • DDI-VRT-2018-05 – Unauthenticated XML External Entity Injection via /SNMPDiscoveryURL
      • DDI-VRT-2018-06 – Unauthenticated Blind SQL Injection via /unauthenticatedservlets/ELARequestHandler and /unauthenticatedservlets/NPMRequestHandler
      • DDI-VRT-2018-07 – User Enumeration via /servlets/ConfServlet.
    146. 12.3 Build 123052

      Issues Fixed

      • Issue: The possibility to fetch user details through ConfServlet has been fixed and is secured now.
    147. 12.3 Build 123045

      New device/log format support

      • Support Id: 4385377 - i-Filter Version10 device logs support

      Enhancements

      • System settings (General and logging) page added for Firewall Analyzer module to enhance the customization
      • Drill-down, from graph, for all reports along with table values
      • Labels for the reports graph for X and Y axis are shown
      • Custom time period has been shown properly in Inventory, Reports, Standards and End-Users reports based on earlier time selection
      • Inventory snapshot start-time and end-time shown for all time periods under clock icon
      • Filter option provided for source in live Syslog viewer

      Issues Fixed

      • Issue Id: 122137 - Missed internationalization keys in Compliance Standard Reports fixed.
      • Issue Id: 123950 - Non-internationalized Total & other key are internationalized in Firewall reports.
      • Issue Id: 125439 - Disabling VDOM in User Config option deletes all device rules configured.
      • Issue Id: 125440 - Newly supported 'Device Rule Vendor' list added in Credential Profile page.
      • Issue Id: 121670 - Log Level debug settings for logger-name not handled.
      • Issue Id: 125070 - Graph Unit is not internationalized in snapshot widget header.
      • Issue Id: 123955 - 'No Data' string in some graph is not internationalized.
      • Issue Id: 123859 - Live Report drill-down didn't pass proper time-range.
      • Issue Id: 125582 - While sorting the column in table data leads to table empty in Traffic Trend report.
      • Issue Id: 125598 - Getting 'NullPointerException' in weekly trend comparison reports page.
      • Issue Id: 125456 - Getting 'NullPointerException' while parsing SonicWall logs.
      • Support Id: 4343907 - Data movement to data tables isn't working due to large duration value in few Syslogs in SonicWALL device.
    148. 12.3 Build 123027

      Enhancements

      • The 'Automatic/On-click/No lookup' options of Resolve DNS in global settings synchronized for all widgets.
      • Two more SMS service Clickatell and AppSMS supported to send SMS notifications for 'Alarms, Configuration changes, and Availability Alerts'

      Issues Fixed

      • 123396 - If dashboard data is with '\', in its drilldown page data is shown without '\' . The issue is resolved to display it properly.
      • 121669 - When Traffic Conversation Table in Interface drilldown page is expanded, it was displaying only top 10 rows. Issue fixed to display complete data.
      • 123760 - In CCTV view, Operator can view unauthorized device's Live Traffic. Issue is fixed by hiding it.
      • 122774 - In one of the 'Proxy Reports', when Search icon is clicked, empty page was displayed. Issue fixed to display appropriate page.
      • 123955 - 'No Data' message not internationalized in some graphs, issue fixed by internationalizing it.
      • 122298 - In dashboard traffic and security statistics report, when Search icon is clicked, empty page was displayed. Issue fixed to display appropriate page.
      • 124212 - 'In' & 'Out' legends in Device Summary graph were not internationalized, issue fixed by internationalizing it.
      • 121712 - Fixed memory handling issue, during user association and manual IP mapping when device is deleted.
      • 123826 - Fixed an issue in reimport option of manual IP mapping.
      • 120736 - Fixed issues in FWA Availability alert page UI and Disable notification link in the alert notification mail
      • 122140 - Fixed an issue in script error handling, when a schedule is added for Compliance report without selecting any type of standards.
      • 125095 - In standard compliance reports, if clicked to drill down the report, the table values are not displayed. Fixed the issue for table value display.
      • 125093 - User with '\' character could not be added, for 'End Users' reports. Fixed the issue to add user.
      • 123942 - There was an UI alignment issue in NetFlow widget populated in OpManager's End Users report. Fixed the issue to align the UI.
      • 122493 - In the dashboard, snapshot view of Cloud Users report, fixed the issue of missing 'Expand View' icon.
      • 124899 - Fixed the issue in Disable notification option of the change management alert notification mail.
      • 124613 - When TLS option was configured in Mail Server settings, mail notifications for alerts were not sent. Fixed the issue to send mails.
      • 124090 - Fixed the misalignment issue in Policy Overview report table. This was for MS SQL database.
      • 122970 - When a new report type is added with the existing name, 'Success' message is displayed. Fixed the issue to display 'Failed' message.
      • 125067 - Fixed the issue to populate rule details of SRX devices, when the configuration file is not having network object details.
      • 125059 - In the 'Unused Rules' report of 'Rule Management', the resource criteria is not applied properly. Fixed the issue to apply the resource criteria properly.
      • 4245966 - In FWA, log entries for unsuccessful console login attempt on Cisco ASA devices are not there. Fixed the issue to get entries.
      • 4206352 - Issue, in SonicWALL log parsing for protocol, is fixed.
      • 4086698 - All the IPs are not getting resolved into names, when 'Resolve DNS' is set to 'Automatic'. Fixed the issue to resolve all IPs.
      • 4250080 - When scheduled PDF report page count is more than 100, the total page count in PDF footer was not proper. Fixed the issue for proper page count.
      • 4300246 - Fixed the out of memory error generated when change management report was accessed.
    149. 12.3 Build 123008

      Issues Fixed

      • Device rule configuration using SCP protocol was not functioning in build 12300. Now this issue is fixed.
      • Sometimes, SRX marked as unsupported device, if Firewall Analyzer receives unsupported log as the very first record. Now, wait time is added to check more received logs to avoid unparsed error.
      • System performance and custom dashboard view were missing when logged in for the first time. Now the issue is fixed and the user can view both.
      • Editing widget "Top N Hosts by Traffic" and selecting Protocol under category makes the widget to show data of protocol-group by traffic. Now, the issue is fixed by showing Protocol-Group instead of Protocol in dashboard widget - edit section.
      • 'Live Syslog Viewer' status shown as 'undefined' when we do continuous refresh. Now the status message handling issue is fixed in the server side to show proper status in the UI for continuous refresh.
      • Increased the data dumb volume from base table 'Firewall Records' to next level data table for database performance increase.
      • Inventory Interface snapshot traffic conversation report's last row was not shown properly in UI. Now the issue is fixed and the report loads the data properly.
      • Graph units option provided in the Inventory LiveReports page was not in proper sequence. This is issue is fixed and the units are now shown in proper order like kbps,mbps and gbps.
      • When the user selects all predefined reports while creating a report profile, received PDF shows all the reports name in the home page without proper alignment. Now, Alert Message added for Report Profile reports selection

      New Features

      • Previously, there was no option to view the selected time-period of each dashboard widgets. Now, sub-header details will be shown in each widgets with device information along with time-period applied.
    150. 12.3 Build 12300

      New Devices/Log Formats Supported

      • Trend Micro IWSVA 6.5
      • Palo Alto VPN logs
      • FortiGate Management logs
      • Juniper SRX Management logs
      • SonicWall IPSec VPN logs
      • New easy to use revamped web client

      New Features

      • 'Insider Threat' reports to track internal user's cloud application usage
      • Drill down for all dashboard reports
      • Exclude IP/IP range/network from reporting
      • URL and VPN reports for Inventory report user drill down
      • Live report for Proxy servers
      • Live report drill down for device and interfaces from Inventory
      • Interface Live Traffic widgets in Custom Dashboard
      • End User widgets in Custom Dashboard
      • Anomaly Alerts based on Country
      • User specific reports for Proxy servers
      • Option to export report as CSV on demand
      • Option to use Management IP address to fetch device configuration
      • Option to configure 'Row Count' for on-demand PDF/CSV report export
      • More reports for Rules in Device snapshot
    151. 12.2 Build 12200

      12.2 - Build 12200 - Standalone Edition

      The general features available in this release are:

      New Features

      • Firewall Analyzer is integrated with OpManager
      • New easy to use revamped web client
      • Schedule option for Interface live report

      New Device/Logs/Reports

      • WebMarshal Proxy Server
      • Juniper-SRX - VDOM logs support
      • McAfee - SideWinder Firewall
      • i-Filter Proxy Server
      • PfSense open source firewall

 

A single platter for comprehensive Network Security Device Management