RSS Feed
Latest Updates
Oct
12
Important note when upgrading to PSM 5F3
Posted by Balázs Hadnagy on 2017 October 12 15:18

Dear Customers,

 

kindly note, that when upgrading to PSM 5F3, the following upgrade paths are availaple:

  • PSM 5.0.2 or later -> PSM 5F3
  •  PSM 5 F2 or later -> PSM 5F3

Please be aware, that upgrading from older releases will cause an error, due to which the PSM will not be able to boot.

Do not hesistate to contact us, if you require assistence during the upgrade.

 

Best regards,

The Support Team


Read more »



Oct
5
Annoucing the Balabit Upload Portal
Posted by Balázs Hadnagy on 2017 October 05 10:51

Dear Customers,

 

We would like to announce our new file sharing solution, the Balabit Upload Portal.

Please check the short guide below on its usage.

 

  1. Log on to https://upload.support.balabit.com with your existing MyBalabit credentials.
  2. Navigate to the folder that has the same Ticket ID number as the issue that you want to upload files for.
    We have automatically created this folder for you when you have opened the ticket.
  3. To upload your file(s) either drag&drop them or click , click Upload file and browse for them.
  4. After the upload has finished, inform your support expert in a reply to your ticket so that we can start analyzing your issue right away.

You may also a more detailed guide by clicking here.

 

If you encounter any difficulty with it, please contact us by opening a ticket.

 

Kind regards,

Support Team


Read more »



Oct
4
Shell Control Box 5.3.0 has been released
Posted by Dávid Szécsényi on 2017 October 04 10:22

Dear Customers,

 

A new stable version of Shell Control Box (5 F3) has been released.

Feature highlights

  • You can now select the depth of indexing: lightweight and full indexing.

    Lightweight indexing is significantly faster than full indexing, but it extracts only the executed commands and the window titles that appear on the screen. It does not index any other screen content. Lightweight indexing is now enabled by default in case of a newly installed PSM or when you add new connection policies. If indexing was enabled for a connection policy it is converted to full indexing automatically during the upgrade.

  • Enhancements to the new Search portal

    The new search interface of PSM is now available for trying. You can access it by going to the Search > Search page and clicking the Try the new search button. It has been improved significantly since the previous release:

    (1) It is now possible to refine your search query by clicking on field values within the current results.
    (2) It is possible to search for commands, window titles, and screen contents within a single session, not just globally.
    (3) Screenshots are now shown for screen content search hits.
    (4) Several small usability issues have been addressed based on your feedback.

    With the next feature release, this new interface will become the default search UI. Note, however, that the "classic" interface will remain available for a short transition period, too.

  • We made a couple of changes to improve the look of PSM's user interface, such as reducing the size of blank spaces and other elements to make the UI easier to use on small displays. We also reviewed and unified fonts and icons, and made the color palette a bit more calm and conservative.

  • Enabling TLS-encryption in an RDP connection policy has been simplified.

  • You can now configure the required minimum version of the default web listener.

  • The Balabit Desktop Player application can now replay audit trails that contain graphical X11 sessions

  • PSM's RESTful API has been enhanced with the following new functionalities:

    (1) A new endpoint, /api/audit/sessions/<session-id>/content, has been added, which enables you to search in the contents of individual connections.
    (2) The filtering functionality previously only available under the api/audit/sessions endpoint is now added to the api/audit/sessions/<session-id>/events endpoint, too. This means that you can now search in the events of individual connections.

  • When creating debug bundles for troubleshooting purposes, PSM now includes the configuration files of any plugins installed. Note that depending on the plugin, these configuration files can contain sensitive information, such as passwords or API keys. In this case, edit the plugin-related files in the plugins directory of the debug bundle and delete the sensitive information.

Bugs fixed


Warnings

  • Pyramid hardware is no longer supported

    Note that physical SCB appliances based on Pyramid hardware are not supported in 5 F1 and later feature releases. Do not upgrade to 5 F2 on a Pyramid-based hardware. The last supported release for this hardware is 5 LTS, which is a long-term supported release. If you would like to upgrade your hardware, contact your Balabit sales representative, or directly sales@balabit.com for details.

    If you have purchased SCB before August, 2014 and have not received a replacement hardware since then, you have Pyramid hardware, so do not upgrade to SCB 5 F2. If you have purchased SCB after August 2014, you can upgrade to 5 F2. If you don't the type of your hardware, please contact Balabit support and we will assist you.

  • Database upgrade after first startup

    After upgrading SCB, a process that upgrades the Connection database will be started in the background. Depending on the size of the database, this process can run for several minutes (about 2.5 minutes/1 million database entries), and causes significant load on the appliance. If this would cause problems for you, consult the Balabit Support Team before starting the upgrade.

  • Screen content search in sessions indexed by the old Audit Player

    In line with deprecating the old Audit Player (AP) (replaced by the on-box indexer service in 4 LTS, the external indexer service in 4 F2, and officially deprecated to be used as an indexer tool starting with 4 F4), it is not possible to search for screen contents indexed by AP on the REST interface and the new search UI. As we replace the classic search UI with the new one, it will no longer be possible to search in the screen contents of such old sessions. However, searching in session metadata (such as IP addresses and usernames) and in extracted events (such as executed commands and window titles that appeared on the screen) will remain possible. New sessions that are processed by the new indexing service will work perfectly. If you wish to do screen content searches in historical sessions, contact the Balabit Support Team.


For details, see the following documents:

 

Download

  • The firmwares and other files of Shell Control Box are available here

 

Kind regards,


Support Team


Read more »



Sep
29
Syslog-ng Store Box 4.9 has been released.
Posted by Dávid Szécsényi on 2017 September 29 14:49

Dear Customers,


A new feature version of syslog-ng Store Box (4 F9) has been released.

  New feature highlights:

  • Deploying SSB on Microsoft Azure - You can now deploy SSB on Microsoft Azure using a bring-your-own license model.
  • Increasing the virtual disk size of SSB under a virtual machine - Increasing the virtual disk size of SSB under a virtual machine is now much easier.


  In addition, SSB 4 F9 contains corrections for the following issues:

  • #SSB-2476 Upgrade to 4.8.x fails
  • #SSB-2452 Invalid negative values returned by REST API calls
  • #SSB-2422 Archiving could fail on low-volume logspaces
  • #SSB-2421 Confusing order of country names
  • #SSB-2333 Auto-calculation of certain syslog-ng values


  The following security issues have also been corrected in SSB 4 F9:

  • #SSB-2510 Security package updates

Before upgrading to SSB 4 F9, read the How to upgrade to syslog-ng Store Box 4 F9 document.

Information about what is new in syslog-ng Store Box 4 F9 is available in the What's new document.
Firmware and other files for syslog-ng Store Box are available on the download page.
The documentation of syslog-ng Store Box is available on the syslog-ng Store Box Documentation page.

WARNING

  • Customers possessing a valid maintenance package at the time of the release can download the new license from the MyBalabit portal.
  • For details on the fixed issues, see our issue tracking page.
  • READ CAREFULLY IF YOU UPGRADE FROM A VERSION PRECEDING SSB4.0.1. If you upgrade from a version preceding SSB 4.0.1, you must manually download and execute a script. For detailed information, see the Upgrade guide.
  • From SSB 4 F8/firmware version 4.8.0 onward, SSB does not support the following hardware: SSB N1000, SSB N1000d, SSB N5000, SSB N10000.

Best Regards,

Support Team


Read more »



Jul
10

Dear Customer,

We would like to bring to your attention that due to the latest Microsoft’s changes in the implementation in the RDP Protocol delivered with Microsoft Windows Creators Update, the use-case scenarios involving Balabit Shell Control Box and usage of Remote Desktop Gateway (formerly known as Terminal Services Gateway) will experience connectivity issues.

Affected systems: all enterprise infrastructure that use Windows 10 client machines, plans or has installed the latest Creators Update patches and audits its RDP traffic with Balabit Shell Control Box through RDG/TSGW. Native RDP connections are not affected.

Effect: after applying the update by Microsoft, no RDP connections can be established through SCB.

Workaround: No global workarounds are known yet. We are in touch with Microsoft to identify one.

Timeline, action plan: Currently, we are investigating the issue and we will provide update on any identified workarounds and on the delivery of the fix as soon as any further information is available.

Advice: In the meantime, we advise to postpone the rollout of the Creator’s Update in your inftastructure until a workaround is identified or a release of a fully compatible SCB version is installed. If you have already applied the update and experience the connection issues, please report the incident and we shall try to identify any environment specific workarounds. If you have any questions regarding the case, please do not hesitate to turn to us.

Apologies for the inconvinience.

Regards,
 Balabit Support


Read more »