
What's New

For a full list see the feature list page here.


Easy Auditor Enhancements:

  1. Quick Scan Path Search - New architecture to accelerate results for path searching when no user is specified.  The user search is already indexed in a way to easily find all events by a user. The new search index will offer the same search speed for a path search. (patch release coming soon)

  2. AI Analytics of user behavior - Analysis of the Auditor database can determine the optimal Ransomware Defender settings to best protect data and avoid false positives. (patch release coming soon) 

  3. WireTap provides filtering, folder browsing and event filtering. Complete update with advanced filtering options and a full-screen UI. Real-time IO monitoring of users, paths, folder trees, or a single folder. Allows debugging of performance issues.

  4. Real-time Syslog Forwarding - Allows the ECA cluster to forward formatted syslog messages to 3rd parties, for example SIEM tools, with event filtering for user, path and event type using regex filters.

  5. Where did my folder go? It will now track directory deletes in a fast cache lookup, and results can be copied and pasted to Excel.

  6. Built-in reports have been enhanced for performance and provide partial results while they execute.

  7. Optimized active audit triggers offer more performance at higher event rates to real-time DLP and Mass delete triggers.

  8. Active Auditor - Realtime Audit Triggers - Automate security, "No MORE Report Reading"

    1. If this happens AND/OR that happens, send an alert. Triggers do not use the database and process event data with stream-based analytics.

    2. Predictive Analytics - Each custom trigger created evaluates event data over 1 minute intervals, and every 5 minutes a prediction computation runs to provide more accuracy to your security policies getting triggered.

    3. Combine path, user and event types into a customized real-time audit policy that continuously monitors events and fires a trigger when the condition is met.

    4. Geofencing by user or path - Network Aware Security - Real-time triggers can use the source IP of hosts or even entire subnets. This allows a whole new security layer that can alert when access to storage is from authorized subnets or detect remote access from VPN or Wifi Guest networks.

      1. Combined with user, path, file action, file name and more options, powerful Geofence policies can be created to secure your data with network aware policies.

    5. This allows an event to be sent via email, or syslog forwarding to a SIEM to be configured.

    6. The only customizable real-time audit solution with no lag auditing for PowerScale.

  9. S3 Object data access reporting with Easy Auditor for OneFS 9.x releases.

    1. Supports reporting on data access based on S3 protocol access to the cluster

    2. Supported Features

      1. Reporting based on query builder

      2. Wiretap

      3. Where did my Folder go?  delete of folders, file only

Ransomware Defender Enhancements:

  1. No HDFS needed! We have redesigned Ransomware Defender to no longer need HDFS. It is easier to install, with fewer dependencies.

  2. New GUI for flag as false positive, to view users that have been flagged and reset a user to factory default detection settings.

  3. Allow file list add UI for whitelisting files on the dynamic extension list

  4. SIEM Integration - audit data real-time syslog forwarding

Security Enhancements:

  1. IGLS CLI command to automate changing the Eyeglass service account password and restarting the process for the change to take effect. Customers with a lot of clusters and a regular password change policy can now automate this task.

Cluster Storage Monitor:

  1. Large AD direct collection over LDAP will support direct connect to AD to collect users and groups. Supports 1 million or greater object collection in < 2 minutes.

  2. This new collection method will be shared by all products that need this information; for example, Ransomware Defender and Cluster Storage Monitor need user to SID resolution and user to group information.

Eyeglass Cluster Agent:

  1. New distributed model allows remote sites to be managed by Mini-ECA, a single VM that collects audit data and forwards it centrally for processing, analysis, storage and searching. This is designed for customers that have distributed clusters and want centralized security and ransomware defense of all clusters.

  2. New model can support PowerScaleSD clusters used at edge locations and offer centralized services.


 

© Superna Inc