Announcing indeni 5.2: Palo Alto Networks beta, improvements and bugfixes

Welcome 5.2!

In this release we’ve included many improvements to the underlying infrastructure and bugfixes, as well as kicked off the beta for our support of Palo Alto Networks firewalls. Please reach out to our support team to get the updated release. Note that between minor releases (such as 5.1 and 5.2) we make interim releases with new content and bugfixes on a weekly basis. You may have received a previous release of 5.2, which we recommend you upgrade to the newest one announced today.

New products and versions supported:

• BETA of Palo Alto Networks firewalls running PAN-OS 6.x.x.
• IK-1675: Support CP R77.30
• IK-1840: Fortigate: Added support for FortIOS V5.2.1

NOTE: Customers who require support of a given product version prior to the main release can contact [email protected] and a running build will be provided.

Select new signatures:

• IK-1677: Firewall is running with a trial license (Check Point)
• IK-1836: Enhanced “BIG-IP node availability issue detected” (F5)
• IK-1825: ConfigSync operational status issues (F5)
• IK-2020: The BIG-IP system is near or out of disk space or inodes (SOL12263, SOL14403) (F5)
• IK-2021: “Possible multicast or broadcast loop on SFP NICs detected” (F5)
• IK-1834: “Load balancer node connection limit nearing (or reached)” (F5)
• IK-1831: “Number of active members in pool is lower than required” (F5)
• IK-1835: “Pool member connection limit nearing (or reached)” (F5)
• IK-1827: “SSL transactions per second (TPS) limit nearing or reached” (F5)

Bugs fixed and minor improvements:

• IK-1674: “A NIC has failed recently (SA#24915)”: reduced the number of log lines shown
• IK-1518: “Cluster Members Identical Kernel Parameter Values Verification (SA#66322)”: additional dynamic parameters ignored
• IK-1859: “DNS server resolution test failed” – eliminate false positive in Cisco devices
• IK-1672: “Errors have been found in packets received by NIC (SA#24915)” triggered for very low packet count
• IK-1704: “Communication with device suspended due to 2 reboots” false positive
• IK-1712: “Hardware has reached end of support” is auto-resolving
• IK-1683: “Hardware temperature sensor reading too high” false positive
• IK-1391: “High storage usage has been measured” doesn’t show list of large files in Cisco devices
• IK-1871: “HSRP cluster members differ in VLAN configuration” false positive
• IK-1858: “License(s) have expired” false positive for CP licenses with expiration “never”
• IS-1349: “Max SSH Session Count” remains at default
• IK-1976: “Monitoring Suspended” creating too many alerts
• IK-1958: “NAT cache (fwx_cache) table limit approaching or reached” false positive
• IK-1879: “NAT connections (fwx_alloc) table limit approaching or reached” false positive
• IK-1901: “RX traffic drastically reduced post fail over, possible ARP issue” add specific interface details
• IK-1919: “SecureXL templates are partially disabled” false positive
• IK-1914: “Some members of the same cluster are not being monitored” false positive
• IK-1731: “Some proxy ARPs required by NAT are missing” – signature removed
• IS-1000: “Some received packets have been dropped by NIC (SA#24915)” – duplicate text in e-mail alert details
• IK-1628: “Two cluster members differ in their routing tables” failing to create alert
• IK-1870: “Use of NTP is configured but no servers are defined” false positive
• IK-1684: “Voltage too high or too low” false positive
• IK-1702: “Voltage too high or too low” – don’t alert if hi/low limits are unknown
• IS-1454: Backup: sometimes old backups are not deleted
• IK-1501: “Proxy ARP is enabled” flapping in Cisco
• IK-1696: GAiA R77.10: Replace use of ckp_regedit with cpinfo
• IK-1846: ClusterXL member differences alerts are referring to the wrong cluster members
• IK-2133: Configuration Check – “Hotfix(es) Installed” does not handle comma delimited string of HFs correctly
• IS-1077: Connection to SecurePlatform with SSH private key fails
• IK-1741: Correctly identify device model for CP 21700
• IK-1742: Correctly identify device model for CP 4400
• IK-1670: Live Configuration – all NICS are showing as Down
• IK-1856: Hardware alert false positives from Check Point open server
• IS-1346: Prevent “service indeni4it start” from starting the application more than one time
• IK-1690: “Route overlap identified” – don’t alert when next-hop is the same
• IK-1688: NIC stats alerts (e.g. packet errors) should contain the total number of packets that we compare against
• IK-2066: SmartCenter degradation due to hanging “fw log” processes
• IK-1993: SmartCenter backup: use “migrate export” for R75.40 and above
• IK-2067: Reduce “sshd[xxx]: Did not receive identification string from <indeni server>” in device messages log
• IS-1037: Update by UPD fails to restart the service
• IK-1966: Crossbeam discovery failure
• IS-1453: Backup Report – empty “Failed Backups” section header
• IS-1348: Scheduled Reports delivery does not follow DST changes
• IS-1441: F5 – wc should not show the groups common/device_trust_group and common/gtm
• IS-1036: E-mail Alerts: remove PDFs from e-mail alerts
• S-1019: Tools-Troubleshooting – add “cpstat os -f sensors” for Check Point firewalls
• IS-1765: Alert Report – add alert timestamps&nbsp;
• IS-1060: Alerts e-mails – add alert timestamp