assuriaONLINE Customer and Partner resources Logon / register
|
|
|
|
|
|
|
assuria bulletin
assuria auditor in 2007In 2007 Assuria have delivered a significant number of updates and enhancements to Assuria Auditor. Many of the updates and enhancements have been “under the covers” and not always visible to users. Assuria continues to invest in and enhance Assuria Auditor. All Users are requested / invited to submit enhancement requests for Assuria Auditor and Assuria Log Manager to info@assuria.com. For more information on any of the features mentioned in this document please contact Assuria. Additional agents delivered
|
|
Agent |
Additional Supported Platforms |
|
Red Hat Enterprise Linux |
Red Hat Enterprise Linux 5 on x86 and x64 architectures |
|
HP-UX 11 on PA-RISC |
HP HP-UX 11i V3 on PA-RISC architecture |
|
Agent |
Including AUs up to |
|
HP-UX 11 on PA-RISC |
AU#67 |
Assuria has added and updated 771 checks during 2007. This new Security and Updated content has been delivered for the following platforms:
|
Agent |
Total Checks |
|
IBM AIX 4.3.3 / 5L |
95 |
|
HP-UX 11 on PA-RISC |
64 |
|
HP-UX 11 on IA-64 |
32 |
|
HP-UX 10.20 |
6 |
|
Red Hat Enterprise Linux |
277 |
|
SuSE Linux Enterprise Server 9 on X86 |
25 |
|
SuSE Linux Enterprise Server 10 on X86 |
26 |
|
Solaris8 |
30 |
|
Solaris9 |
28 |
|
Solaris10 on SPARC |
41 |
|
Windows 2000 |
71 |
|
Windows 2003 |
76 |
|
TOTAL |
771 |
Note that these are
the numbers of new and updated checks delivered through the AutoUpdate
program, and do not include checks delivered as part of the installation
package for the new agents described above
During 2007 Assuria has maintained an enhancement program to Assuria Auditor.
New and updated features added during 2007 include:
|
Item |
Description |
|
New Agent Management dashboard. |
A dashboard that can be viewed at the enterprise or class level, including ’10 Most Vulnerable Agents’, ‘Vulnerabilities per Operating System’, ‘Agent Population by Class’, ‘Agent AutoUpdate Levels’, and ‘Agent Poll Time’.
|
|
Global policy variable configuration |
Allows common policy variable to be easily changed and implemented, for example ‘password length’ or ‘password age’.
|
|
Updated password checks for Solaris and HP |
Allows checking of global password properties, as well as those applying to individual user accounts.
|
|
Import of remote not connected agents results files |
Intended for use by traveling auditors or those Assuria Auditor users who may have some agents that cannot connect directly to the Console. Once imported all of the features of Assuria Auditor are available to process and report the Results.
|
|
Re-instated OS2 and POSIX checks on Win2k3 as requested by a customer.
|
Checks were removed as believed to be redundant – now re-instated. |
|
External Standards based reporting: |
Full release of the new standards based reporting functionality and other reporting updates. Standards supported includes ISO 27002 (17799), ISO 27001, Payment Card Industry Data Security Standard (PCI), Sarbanes Oxley (SOX) and FISMA.
|
|
CVSS – Common Vulnerability Scoring System, v2. |
CVSS scoring V2 fully implemented and available in all reports. For more information on CVSS please see http://www.first.org/cvss/cvss-guide.html.
|
|
Expandable HTML Reporting |
New HTML reporting format with compressed reporting that can be expanded to several levels on viewing.
|
|
Assuria Web Interface (Assuria VITA) |
Updated version (4.2.8) of the Assuria Auditor web interface. New features includes user roles and privileges. Previously known as VISTA now renamed VITA to avoid possible confusion..
|
|
4.2.8 Console Build and XPU consolidation |
Updated and consolidated Assuria Auditor Console build.
|
|
Systems Inventory checks: |
New checks and policy to report on the current system inventory covering hardware, software, services and port.
|
|
Agent Service Pack |
New Service Pack for Windows agent which brings a newly installed Windows agent to a later level with a single update..
|
|
Active Alerting |
Reinstatement of console support for active alerting. On Windows platforms Assuria Auditor can alert in real-time on specific events being written to the Windows event logs.
|
|
‘Logging’ Checks |
Variants of file baseline checks, which log change information to the Windows ‘event log’ or ‘syslog’.
|
|
XP Support |
Enables the Windows 2000 agent to be correctly supported by the Assuria Auditor Console.
|
|
Improved Error Reporting |
Database schema and console changes to provide improved error reporting in the event of scan errors.
|
|
Agent Return Communications Diagnostic |
Diagnostic available for use in investigating a class of network mis-configurations that prevent agent to console communications.
|
|
Improved Exception Configuration |
Ability to set exception configuration by copying the configuration of a ‘reference’ agent.
|
|
Extended AutoUpdate Integrity Checking |
Extension of this feature to Windows 2000, HP-UX 11 and Red Hat Enterprise Linux agents.
|
|
Bug fixes and minor enhancements |
A number of minor bugs and small enhancements have been made during 2007.
|
System Scanner and
X-Press Update are
registered trademarks of Internet Security Systems Inc. of Atlanta,
Georgia, USA
©
Copyright Assuria Limited. All rights reserved.
|
|
Legal
notice | Site
map | Contact
Assuria |
