June 2020
June 11, 2020
Additional filters on Flow Explorer
Filter traffic flows by custom tags used by the assets and the services used by the traffic flows.
Select multiple groups and enforce Access policies
Select multiple Workload groups, Network groups, Endpoint groups, and Domain groups as source (Accessor entity) and destination (Protected entity) when you create Access policies.
The Access policies page and the workflow to create Access policies use new terminology: Source for Accessor groups and Destination for Protected groups.
New-look Agent download page
The Agent download page on the Xshield UI is redesigned to make agent downloads more intuitive. The View Installation Details link displays the list of all OSes on which Xshield agents can be installed.
Pre-defined list of public and private subnets to create Network groups
On the Assets & Groups > Network Groups page, use the ColorTokens-curated list of well-known Public and Private subnets to create Network groups quickly.
June 6, 2020
Upgrade CTBridges from the Xshield UI
Upgrade the software for CTBridges from the Settings > Configure > Appliances page. The last two versions (latest two releases) of the CTBridge software are listed on the Settings > Agent & Downloads > CTBridge Appliance Updates page.
Upgrading a CTBridge interrupts some or all of the services on the CTBridge, depending on the nature of the upgrade, until the upgrade is complete. Remote users and L2 devices may be disconnected from the Xshield-protected network, and CTBridges in the Agent Proxy mode may begin to cache the telemetry data until the upgrade is complete and their services start again.
Alerts for CTBridges
Alerts are generated for CTBridges when management actions are performed on them and when they get disconnected from the Xshield tenant. Enable these alerts on the Settings > Configure > Alert Config page.
| Alert name | When they are generated | Frequency |
| --- | --- | --- |
| Remote access connections from CTBridges | when remote users connect to the Xshield-protected network through a CTBridge in the Secure Remote Access (SRA) mode; when remote users connected through a CTBridge in the SRA mode disconnect from the Xshield-protected network | every time a remote user connects to or disconnects from the Xshield-protected network |
| CTBridge software upgrade | when CTBridges (in Agent Proxy, L2, or SRA modes) are upgraded from the Settings > Configure > Appliances page | every time a CTBridge is upgraded |
| CTBridge reachability | when CTBridges (in Agent Proxy, L2, or SRA modes) are unable to connect with the Xshield tenant and go 'Offline' on the Settings > Configure > Appliances page; when CTBridges connect back with the Xshield tenant and go 'Online' | every time a CTBridge disconnects and connects back with the Xshield tenant |
| CTBridge deletion | when CTBridges (in Agent Proxy, L2, or SRA modes) are deleted from the Settings > Configure > Appliances page | every time a CTBridge is deleted |
| CTBridge operational status | when CTBridges (in Agent Proxy, L2, or SRA modes) are disabled from the Settings > Configure > Appliances page; when CTBridges (in Agent Proxy, L2, or SRA modes) are enabled from the Settings > Configure > Appliances page | every time a CTBridge is enabled or disabled |
June 4, 2020
Configuration knobs for Asset discovery and Asset traffic for monitoring AWS customer accounts
Optionally enable or disable Asset discovery and Asset traffic when you add AWS customer accounts for monitoring from Xshield. Currently, to revert the Asset discovery and Asset traffic settings, you must delete and re-add the customer account.
June 1, 2020
Enhancements to the Executive Security report
The following enhancements are made to the Executive Security report:
- Threat analysis: total number of suspicious connections in your network, percentage of high-risk and trustworthy connections, top four attack tactics and top three attack types using those tactics seen in your network, and top four countries of origin of threats and top three attack types from those countries seen in your network.
- Risk analysis: top four probable threats on the assets, total number of assets protected by Xshield and the number of open ports and vulnerabilities on them, tentative total cost of ownership (TCO) to manage the assets (with the current list of open ports and vulnerabilities) on Xshield, and tentative TCO to manage the assets (with the same list of open ports and vulnerabilities) by using traditional VLAN and Firewall solutions.
This report should be generated on demand and can be downloaded as a PDF from the Reports page.