Warning

Clients with equipment having one of the serial numbers available on this link are affected by the update referenced in the table. Other serial numbers are not affected.

Warning

For performance reasons, it is strongly recommanded to directly install version 2.5.3.104 of GCap

Table of content :

• 1. Release Note GCap 2.5.3.103
• 2. New features
  • 2.1. Aggregating the monitoring interfaces
  • 2.2. Detection rules per monitoring interface and per VLAN (multi-tenancy)
  • 2.3. Detection engine
  • 2.4. Command Line Interface (CLI)
  • 2.5. User account and password
  • 2.6. Criticality levels of application logs
  • 2.7. Pre-authentication SSH banner
  • 2.8. Text editor for the input of local detection rules
  • 2.9. System strengthening
  • 2.10. Protocol and logging management
  • 2.11. New compatibility mode with the GCenter
  • 2.12. Replaying flow in PCAP format
  • 2.13. Improved system logging
  • 2.14. Bruteforce protection
  • 2.15. Pre-filtering of eve-logs
  • 2.16. Log compression
  • 2.17. Reducing the attack surface on the GCap
  • 2.18. GCap 1000 series
• 3. Patches
  • 3.1. Updating the detection engine
  • 3.2. Updating the container system
  • 3.3. Reconfiguring the detection engine
  • 3.4. Refreshing the interface status
  • 3.5. Setting up the password policy
  • 3.6. Correcting the start and stop conditions of services
  • 3.7. RESET function
  • 3.8. Strengthening the network routing configuration
  • 3.9. ‘Unexpected’ error message
  • 3.10. Stopping the synchronisation service
  • 3.11. Sending extracted files
  • 3.12. Network interface names
  • 3.13. Generating fileinfo type events
  • 3.14. Netdata logs
  • 3.15. Extracting by file extension
• 4. Known problems
  • 4.1. TCP transactions and extracted files
  • 4.2. Resetting the GCap
  • 4.3. Erroneous status display of the monitoring interfaces
  • 4.4. Replay of PCAP files
  • 4.5. Protection of the authentication mechanism (anti-bruteforce)

PDF Release Note v2.5.3.103