Release Note 6-5 T11

Release notesAdrien Escobosa

La nouvelle version logicielle, la 6-5 T11 est là ! Venez découvrir ce qu'elle ajoute

SGM 6-5.T11

Long term TOP statistics new presentation

The different screens to get the TOP have been harmonized.

StreamView offers several places to get filtered TOP information (rules, sites, categories). With the T11 version, all locations with the ability to produce TOPs will have the same look and feel. Metrics may vary depending on where the TOP function is requested.

The ability to search the massive StreamView database with TOPS will improve troubleshooting capabilities and reduce diagnostic time. This includes searching for rules with the highest number of connections, for example.

The new structure will include:

  • Standard time browser similar to other long-range tabs
  • TOP object selector: application, remote sites, remote categories
  • Selector for a given application
  • Selector for the metric to be classified: all available metrics for the type of rule.
  • Display selector: percentage or time

The number of items taken into account to display a TOP is limited to 10.

If there are less than 10 items, they will all be displayed.

If there are more than 10 elements, the first 9 ranked will be displayed and the rest will be accumulated in an “other” element.

A new “export” menu has also been harmonized between all TOP screens

Now it is possible to copy the data:

  • In the paperclip of the system to be saved in your favorite software (copy)
  • Copy as html (Table)
  • Save as PNG image (Image)
  • Insert in a StreamDashboard page (StreamDashboard)

To gather all these functionalities, a specific Tops tab is now added to the “Long term statistics” window.

Site management

“Summary” tab

The appearance of the Site Management list follows the same trend as the connections or rules and filters tables in previous versions.

This list of sites is presented using a new component that allows

  • Selection of fields from all information stored in the rules/filters
  • Reorganization of columns
  • Sorting of columns
  • Content filtering
  • Export to Excel or copy the table
  • Selection of predefined views

CSV Configuration Tab

At the same time, a new CSV configuration tab is added to perform import/export of sites from files.

Click Sample File to download a simple, well-formatted csv file that you can use as a template to create a site list file that you can then import.

Export Sites to CSV file will download the current list of sites in this database to a csv file.

Client Port Filtering

Prerequisite: SG with OPE 6-4.24 or 6-5.04 and higher.

This new feature allows you to add filtering on requestor ports. It complements the server port criteria.

Some new applications (e.g. Teams) limit the number of server ports to reduce the effort of security teams to open dedicated ports for each service. Instead, they rely on the demand for uncontrolled ports to separate traffic types.

Troubleshooting network connections: the latest default

Historically, StreamView displayed 10-second short-term connections by default.

It seems from feedback that most users immediately switch to the most recent and only specify their request at 10mn, 1mn or 10s.

By changing the default landing screen, you will save time while having access to more accurate screens.

 

SG support with DHCP configuration

Prerequisite: SG M5G with BOOT T06 and above.

Streamcore is ready to offer customers the choice of deploying devices with a fixed or dynamic IP address.

Each option has advantages and disadvantages, and it is not Streamcore’s role to impose one or the other. Both are now available and can even be mixed between different locations (such as fixed IP for the data center and DHCP for branch offices).

This option is only available for network probes running the Streamcore 5th generation operating system (M5G).

DHCP simplifies provisioning with the following feature:

  • No prior IP address assignment
  • Less risk of using an already assigned address (spoofing)
  • Ability to prepare the configuration at one site in the network and deploy it to another fully pre-configured site, including call mode matching.

The current implementation has the following limitations if DHCP mode is enabled:

  • No statistics on the Admin port
  • Active probe is not working
  • Netflow tickets are not sent

These limitations will be lifted in later versions.

 

Calling SG with high availability SGM

It is now possible to connect a SG in call mode to both SGMs forming a high availability cluster.

To add or simply configure a calling SG in a running cluster of two SGMs

The SG must be connected to the active SGM in the same way as with a single SGM.

The connection to the passive MMS will then be automatically activated when the database synchronization is initiated between the two MMSs (i.e., just after the daily database backup).

Building a New Cluster from an Existing Simple MMS Cluster

If there are already calling SGs configured on the first MMS, nothing needs to be done after the new cluster is established.

The connection of SGs to the new passive SGM will be automatically activated when the database synchronization is started between the two SGMs (i.e., right after the daily database backup).

 

Category type selector on StreamGroomers

From this version 6-5.T11 on the StreamGroomers tree display inherits all categories as defined in the Services view. And we can select the type from which we want to display the categories: