Table of Contents

• 1. Release Note for GCENTER 2.5.3.100
• 2. New features
  • 2.1. Gatewatcher Licensing Center
  • 2.2. Gatewatcher Update Manager
  • 2.3. Connector Endpoint Detection and Response (experimental)
  • 2.4. Backup and restore
  • 2.5. MISP connector: Malware Information Sharing Platform
  • 2.6. GBox Interconnection
  • 2.7. Sigflow advanced settings
  • 2.8. Rulesets per physical interface
  • 2.9. Containers
  • 2.10. Python 3.6 or higher
  • 2.11. GCenter API
  • 2.12. Simplifying the configuration script
  • 2.13. Startup of GCenter services
  • 2.14. GCenter Urls
  • 2.15. Heartbeat
  • 2.16. ElasticSearch (ES) and Index Life Cycles (ILM)
  • 2.17. Orchestration daemon
  • 2.18. Machine Learning and ‘Domain Generation Algorithm’
  • 2.19. Malicious powershell detection based on Machine Learning
  • 2.20. Shellcodes visualisation
  • 2.21. KIBANA - NETDATA tables
  • 2.22. LastInfoSec / Sigflow
  • 2.23. Malcore analysis
  • 2.24. Multi-tenant
  • 2.25. Customisation of the session duration
  • 2.26. LDAPS / AD centralised authentication
  • 2.27. KAFKA
  • 2.28. Public API
• 3. Patches
  • 3.1. Double Authentication
  • 3.2. GCenter Custom Certificate
  • 3.3. SWAP
  • 3.4. Encrypted Backup Partition
  • 3.5. Activating the Military Programming Law (MPL) specific configuration
  • 3.6. Display the home page
  • 3.7. Advanced Malcore configuration
  • 3.8. Analysis profiles
  • 3.9. Expiration of web session
  • 3.10. ElasticSearch fields
  • 3.11. Cookie management
  • 3.12. Editing KIBANA tables
  • 3.13. Authentication history
  • 3.14. IP address login history
  • 3.15. Creating/Editing a user
  • 3.16. Sigflow rules
  • 3.17. PDF report
  • 3.18. BlackList/WhiteList Malcore
  • 3.19. Sigflow Manager
  • 3.20. Number of alerts in the GATEWATCHER tables
  • 3.21. Export of diagnostics
  • 3.22. Archive password field
  • 3.23. Healthcheck
  • 3.24. Unauthenticated users
  • 3.25. Authenticated users
  • 3.26. LDAP authentication
• 4. Known problems
  • 4.1. Export SYSLOG
  • 4.2. Status of last updates
  • 4.3. LastInfoSec rules
  • 4.4. GUM error management in Local or Online mode
  • 4.5. LDAP with SSL or STARTTLS
  • 4.6. Double booting
  • 4.7. Machine Learning engine and CIE editing
  • 4.8. Self-signed certificate
  • 4.9. Malcore Alert
  • 4.10. Proxy server configuration
  • 4.11. SUP0 interface configuration
  • 4.12. Ruleset
  • 4.13. Threshold rule
  • 4.14. Export syslog
  • 4.15. Sigflow Manager - Transform Category
  • 4.16. Sigflow Manager - Error 500 when adding a rule to a custom source
  • 4.17. Sigflow Manager - Inconsistency in the display of the number of categories and rules of a category
  • 4.18. LDAP Configuration - TLS
  • 4.19. Backup Restore
  • 4.20. GCap FQDN (Pairing/Status)
  • 4.21. Kernel - IPSEC module instability
  • 4.22. Malcore - Incorrect file association in the case of replicas
  • 4.23. Malcore - Accumulation of files in /tmp
  • 4.24. Malcore - No flow_id
  • 4.25. Malcore - Profiles not saved post upgrade
  • 4.26. Malcore - Disabling an antivirus engine
  • 4.27. Malcore Management - GScan Profile
  • 4.28. Malcore - File analysis
  • 4.29. Malcore - No flow_id
  • 4.30. Malcore - Black/White list configuration and application
  • 4.31. Malcore - Duplicate Analysis
  • 4.32. Malcore - Engine crash due to an overload
• 5. Hotfix
  • 5.1. Package 1 (HF1 / SHA256)
  • 5.2. Package 2 (HF2 / SHA256)
  • 5.3. Package 3 (HF3 / SHA256)
  • 5.4. Package 4 (HF4 / SHA256 )
  • 5.5. Package 5 (HF5 / SHA256 )
  • 5.6. Package 6 (HF6 / SHA256 )
  • 5.7. Package 7 (HF7 (mode upgrade) / SHA256 // HF7 (mode hotfix) / SHA256)
• 6. Offline version note