Who rated this article

Who rated this article

Did you find this article helpful? Yes No
100% helpful (8/8)

Release Notes:

Version 1.1.89

Date 15/12/2020

Bug

  • SCREENOS. Service timeout migration corrected

 

Version 1.1.88

Date 29/11/2020

Improvement

  • Filters. Support for identifying Security Rules that affect a certain IP, Range or Network

 

Version 1.1.87

Date 17/11/2020

Bug

  • Routes are incorrectly calculated affecting Autozone calculations. Bug introduced n 1.1.86

 

Version 1.1.86

Date 12/11/2020

Bug

  • [MT-1922] - Duplicate Address objects created with different values for CiscoASA migration. Crypto FQDNs presented as address objects
  • [MT-1923] - Some Security Rules missing "Checkpoint Target" field
  • [MT-1928] - Checkpoint R80 FQDN object support
  • [MT-1938] - Expedition Bug - Cisco ASA ipv4/ipv6 dual stack
  • [MT-1939] - Generate API request in subatomic mode stuck at "Log settings:vsys:shared". globalprotect profiles failure
  • [MT-1940] - Checkpoint. Address objects withIPv4 and IPv6 get duplicated

 

Version 1.1.85

Date 04/11/2020

Bug

  • [MT-1934] - Tag object API call is not generated in the API requests.

Version 1.1.84

Date 28/10/2020

  • Removed invalid line when calling tools.
  • Update for unique Expedition ID
  • CURL handling for large API calls on PANOS 9.1 and later

 

Version 1.1.83

Date 22/10/2020

Bug

  • [MT-1846] - API calls to push address objects back to Panorama 9.1.2 (probably on 9.0.8) produce "Invalid target object in edit handler"
  • [MT-1886] - NAT policy showing address object as "null" after merging address objects by value.
  • [MT-1906] - Checkpoint Migration missing Interface, vr and zone info
  • [MT-1913] - Panorama import creating duplicate interfaces - import issues

 

Version 1.1.82, 1.1.82.1, 1.1.82.2

Date 02/10/2020

Bug

  • [MT-1907] - Disabled IPSEC Tunnels not showing "disabled" when imported
  • [MT-1912] - SRX. Duplicated address objects when exists as global address object
  • [MT-1914] - ScreenOs. Incorrect reference of multi-protocol objects
  • [MT-1915] - Bulk Zone: Issue deleting zones
  • [MT-1916] - Bulk Zone: Issue adding zones to rules without zones

 

Version 1.1.81

Date 17/09/2020

Bug

  • [MT-1886] - NAT policy showing address object as "null" after merging address objects by value.
  • [MT-1893] - Checkpoint service-group objects imported as service-objects
  • [MT-1908] - ReportName Got Truncated after Panorama config export from Expedition

 

Version 1.1.80

Date 24/08/2020

Update

  • Updated Terms and Conditions

Version 1.1.79, 1.1.79.1

Date 14/08/2020, 18/08/2020

Bug

  • [MT-1892] - CHECKPOINT >R80. Services lost in security policies

New Feature

  • [MT-1890] - CSV Files. Support for PANOS 10.0

Improvement

  • [MT-1891] - Description: Support for (, { and [ elements

 

Version 1.1.78

Date 13/08/2020

Improvement

  • [MT-1885] - Checkpoint. In-line policies are missing

 

Version 1.1.77

Date 07/08/2020

Bug

  • [MT-1834] - Expedition GUI Hangs when click on "Unused" address objects from Dashboard
  • [[MT-1869] - Dashboard-NaN value shows in Unused and Ghost counts of Tag object
  • [MT-1877] - Unable to reference shared objects in vsys NAT rules
  • [MT-1882] - Security, NAT rules and interfaces missing when parse Juniper SRX nested group config

Improvement

  • [MT-1840] - BPA AutoRemediation on Template
  • [MT-1881] - CHECKPOINT. Include security rule target device for >R80

 

Version 1.1.76, 1.1.76.1

Date 03/08/2020

Bug

  • [MT-1797] - Dashboard-Showing all address objects are unused.
  • [MT-1876] - SRX. Zones missing in global policy

 

Version 1.1.75

Date 27/07/2020

Bug

  • [MT-1868] -Autozone. Issues when interface names are shared accross multiple VR

 

Version 1.1.74

Date 14/07/2020

Bug

  • [MT-1859] - SRX. Tunnels without vlan-id miss the tag
  • [MT-1861] - SRX. Address objects with invalid names in NAT rules
  • [MT-1862] - SRX. st0 Tunnel interfaces loaded as ethernet
  • [MT-1863] - SRX. vr1 takes more interfaces than it should
  • [MT-1864] - SRX. Load lo0 interface as loopback
  • [MT-1866] - ML Settings. Timezone issues
  • [MT-1867] - Snapshots. Limit to 5 automatic snapshots

 

Version 1.1.73

Date 06/07/2020

Bug

  • [MT-1854] - Import Project. Update Project DB after import
  • [MT-1855] - CHECKPOINT. Missing interfaces and routes in <R80

 

Version 1.1.72

Date 03/07/2020

Bug

  • [MT-1851] - CISCO. Zones get reassigned on new import
  • [MT-1852] - CISCO. Support address groups descriptions

Improvement

  • [MT-1847] - Cisco ASA remarks contain ";" , the ";" is missing in the description after convert

Version 1.1.71

Date 26/06/2020

Bug

  • [MT-1825] - Older CP Import not working v77.30 on Exp 1.1.69.3
  • [MT-1832] - Cisco ASA. Remarks are populated into wrong ACLs
  • [MT-1843] - CISCO. Issue with IPv6 with CIDR

New Feature

  • [MT-1831] - CleanUp Objects. Script to merge address objects in background
  • [MT-1844] - CISCO. Support for service timeouts

 

Version 1.1.70

Date 12/06/2020

Bug

  • [MT-1782] - Expedition - Unable to properly schedule daily import of machine logs
  • [MT-1798] - Older Checkpoint Import not working v77.30 - Rulebase not importing
  • [MT-1817] - BPA-Best Practice Adoption Pi-Chart does not reflect the correct adoption rate
  • [MT-1820] - Expedition predefined service-http object issue
  • [MT-1830] - CSV Files. Error importing logs from Splunk (CurlConnect)
  • [MT-1836] - BPA. Update radar view
  • [MT-1837] - CISCO NAT after-auto. Some rules were not correctly considered as after-auto, but placed as before-auto

Improvement

  • [MT-1814] - HealthCheck. Check PIP dependencies are installed
  • [MT-1835] - Delete Duplicated. Improve SQL calculations for object-reference updates

 

Version 1.1.69, 1.1.69.1, 1.1.69.2, 1.1.69.3

Date 28/05/2020, 05/06/202

Bug

  • [MT-1768] - BPA-Auto Remediate does not work
  • [MT-1811] - Clone NAT. Updates have a larger scope than they should
  • [MT-1812] - Checkpoint. Delete temporary files
  • [MT-1813] - Autozone. Limit the calculations to the given vsys
  • Checkpoint R80 parser does not complete. Parser not closed correctly

New Feature

  • [MT-1660] - CSV Logs. Read traffic logs rom Splunk
  • [MT-1795] - RE / ML. Offer thresholds for traffic filtering
  • [MT-1800] - API Calls. Improve feedback error message
  • [MT-1801] - HealthCheck. Check APT frozen packages

Task

  • [MT-1757] - M.Learning setting- Expedition ML Address probably not being saved on the fresh installed Expedition

Improvement

  • [MT-1794] - Checkpoint. Support for routing table per rulebase
  • [MT-1805] - CSV Logs. Splunk: Use earliest and latest options

 

Version 1.1.68

Date 28/04/2020

Bug

  • [MT-1780] - Config Import. Invalid Version error

Improvement

  • [MT-1671] - VPN Warnings. Provide Warning feedback
  • [MT-1770] - CISCO. IPSec Tunels missing ProxyIDs
  • [MT-1771] - Update Message. Improve message to assist Expedition Update

 

Version 1.1.67

Date 23/04/2020

Bug

  • [MT-1764] -Download Config. Unable to pull running config from Panos 8.1.14, 9.1.2

 

Version 1.1.66

Date 16/04/2020

Bug

  • [MT-1747] - Network -> Interface Goes up only to EthernetX/24 does not support ExternetX/25-28
  • [MT-1759] - Checkpoint. Address with netmask not convertible to CIDR
  • [MT-1761] - ASA Conversion - Security Policies Do Not Convert
  • [MT-1765] - Remap Interface. Sets interface as blank

New Feature

  • [MT-1750] - Export. Allow filtering subatomic API calls with commas
  • [MT-1751] - Export. Allow filtering subatomic API calls by device group

Improvement

  • [MT-1756] - Export. Filter by API response code
  • [MT-1762] - HealthCheck. Unused accounts

 

Version 1.1.65

Date 02/04/2020

Bug

  • [MT-1628] - Export: generated api with Mega doesnt work
  • [MT-1639] - Virtual Router: on RIP there are interfaces and they are not being read
  • [MT-1755] - Radius LDAP. Failing to test

New Feature

  • [MT-1742] - CSV Logs. Allow override AfterProcess from Panorama
  • [MT-1749] - Bulk Change. Append Description all rules (as include)
  • [MT-1753] - Palo Alto Networks. Slow import of Routes with objects
  • [MT-1754] - CSV Autoprocess. Compress/Delete second and later files Override by Panorama

Improvement

  • [MT-1745] - Add Description to security policy Bulk Change function

 

Version 1.1.64

Date 25/03/2020

Bug

  • [MT-1729] - Add version 9.2 to the getVersion function
  • [MT-1739] - Error when to click save on address object

Improvement

  • [MT-1692] - Palo Alto Networks. Slow import of Routes with objects

 

Version 1.1.62 & 1.1.63

Date 20/03/2020

Bug

  • [MT-1724] - Ghost Objects. It may provide more results than actual address objects
  • [MT-1725] - CISCO. Missing security Rules with warnings
  • [MT-1728] - CISCO. Some host objects get imported with CIDR=0
  • [MT-1731] - Filters. Use id as a value for the combo_operator
  • [MT-1733] - CSRF. Control on device report
  • [MT-1736] - CISCO. Missing some predefined services (e.g. icmp-echo-reply )

New Feature

  • [MT-1730] - Edit userDefinitions. Provide page to modify userDefinitions.php
  • [MT-1734] - AppID. Customize max number of rules to analyse
  • [MT-1735] - Filters. Rules without hits

Improvement

  • [MT-1732] - Dashboard. Provide info about address count
  • [MT-1737] - CISCO. Aggregate Sec Rules based on same remark

 

Version 1.1.61 and 1.1.61.1 and 1.1.61.2

Date 10/03/2020

Bug

  • [MT-1712] - CSV Files. Correct reporting device
  • [MT-1713] - CISCO. Sanitize Description text
  • [MT-1714] - Security Rules. Skip loading empty security rules list
  • [MT-1715] - Devices Monitor. Allow export

New Feature

  • [MT-1701] - Ability to identify logged in users
  • [MT-1716] - Filters. Show rules without hits

Improvement

  • [MT-1710] - RSyslog. Specify user owner of CSV logs
  • [MT-1711] - Update Expedition dependencies

 

Version 1.1.60

Date 05/03/2020

Bug

  • [MT-1709] - Invalid ranges

Version 1.1.59

Date 04/03/2020

Bug

  • [MT-1695] - CSV Logs. Unsupported logs are reported as processed
  • [MT-1696] - CSV Logs. Failure to process Summary on logs
  • [MT-1697] - CSV Logs. Failure to process CSV logs due to "rule" empty
  • [MT-1699] - CSRF. Direct the user to the logging page is session is expired

Task

  • [MT-1704] - Fortinet. Cover service ports in security rules involving VIP destinations (update)

Improvement

  • [MT-1700] - CSV List. Present processed logs by HA device
  • [MT-1702] - CSV Logs. Report reasons for not finding logs
  • [MT-1706] - CSV List. Allow files with spaces
  • [MT-1707] - CSRF. Control on file posting
  • [MT-1708] - Incomplete Jobs. Update jobs that have tasks completed.

 

Version 1.1.58, 1.1.58.1

Date 27/02/2020

Improvement

  • [MT-1682] - Import Config. Present date of the device's config in the grid
  • [MT-1686] - Devices. Catch control for listing files larger than 2GB over NSF
  • [MT-1687] - Invalid Address. Verify that an address object does start with a valid char
  • [MT-1691] - Fortinet. Cover service ports in security rules involving VIP destinations
  • Modify CSRF token expiration time

 

Version 1.1.57 & 1.1.57.1

Date 18/02/2020

Bug

  • [MT-1617] - Add "fixed" Cases in Consolidations' Calculations
  • [MT-1666] - FR - Merge on Policies for more than 10 cases in one pass

Task

  • [MT-1488] - Merge Rules: change behaviour

Improvement

  • [MT-1663] - App-ID Adoption. Support Consolidation with Recommended+Dependencies
  • [MT-1672] - Checkpoint. Rename import labels
  • [MT-1673] - RE. Separate incomplete and insufficient data traffic

 

Version 1.1.56

Date 13/02/2020

Bug

  • [MT-1653] - API Export: atomic complete but incomplete (policies) and sub atomic never completed
  • [MT-1661] - Checkpoint. Tags not created for section rules
  • [MT-1662] - Other vendors. Rules presented in a wrong order when selecting VSYS=all

Improvement

  • [MT-1664] - Radius Authentication. Include attributes for client identification
  • [MT-1667] - Dashboard. Invalid address objects for IPv6 wrongly calculated
  • [MT-1668] - Applications.xml. Update the default applications.xml file
  • [MT-1669] - Device Config files. Enable downloading not encrypted files
  • [MT-1670] - Authentication Server grid. Increase the last column to see the Test button

 

Version 1.1.55

Date 06/02/2020

Bug

  • [MT-1615] - Applications Signatures: does not load XML on UI
  • [MT-1648] - Sec Merge. Control on negated src/dst
  • [MT-1650] - API Export stuck at Generating Log Settings :: vsys:shared
  • [MT-1654] - Devices: Update "Panorama model" when selected and saved

Improvement

  • [MT-1646] - Consolidation Security Rules: Add explanation
  • [MT-1649] - Sec Merge. Improve feedback messages
  • [MT-1655] - Device Summary. Do not show local FW as disconnected from Panorama
  • [MT-1656] - CSV Logs. Support for panos 9.1.x
  • [MT-1657] - HealthCheck. Check for allowed DB connections

 

Version 1.1.54

Date 03/02/2020

Bug

  • [MT-1625] - Dynamic Address Groups may be considered as Unused
  • [MT-1634] - Expedition NAT issues
  • [MT-1638] - Support for multicast routing

Improvement

  • [MT-1640] - ML. Importing "any" may use (if exists) an invalid address object without ip_address

 

Version 1.1.53

Date 27/01/2020

Bug

  • [MT-1629] - RL Import. Ranges are created as ip-netmask instead of ip-range
  • [MT-1630] - Calculate Unused: Automatically called after RE import
  • [MT-1635] - UI: Error deleting unused objects: the objects panel and toolbox does not unlock

Improvement

  • [MT-1631] - SRX: Support for new Zone-based security policies in SRX
  • [MT-1637] - Checkpoint IPv6 network support for <R80

 

Version 1.1.52 & 1.1.52.1

Date 16/01/2020

Bug

  • [MT-1601] - XML Export. Error in application signatures
  • [MT-1604] - Doesn't uploaded Devices grid after added devices
  • [MT-1608] - Viewer Settings. Allow update user Settings in a project
  • [MT-1610] - Expedition Service Object Length
  • [MT-1613] - Issues with API output manager
  • [MT-1614] - Running v1.1.50 - after merging, export hangs at Generating Applications vsys/dg:vsys1
  • [MT-1616] - Update Tab context when clicking on Project Dashboard
  • [MT-1618] - Log Connector: source does not loaded correctly
  • [MT-1619] - Devices: device grid was filtered based on selected project

Improvement

  • [MT-1605] - Max Users. Allow parameterising. define ('MAXSUPERUSERS', 4); in /home/userSpace/userDefinitions.php
  • [MT-1609] - Rules Consolidation: Export to Excel Complete

Version 1.1.51

Date 10/12/2019

Bug

  • [MT-1220] - Address objects incorrectly being marked as unused - Panorama nested objects
  • [MT-1491] - Zones: Include list and Exclude list contains address, address groups objects
  • [MT-1581] - PanOS 9.0: Add GRE Tunnels from Network
  • [MT-1591] - IpSec Tunnel: update interface from Manual Key when change name to interface
  • [MT-1595] - CSV Rules: the "tag" column isn't imported
  • [MT-1596] - CSV Objects: the "tag" column isn't imported
  • [MT-1598] - Search & Replace: It takes a long time to load
  • [MT-1599] - Remove Unused Objects. After import some objects references in NATs were deleted
  • [MT-1603] - Filters. Hit count may miss some rules

Improvement

  • [MT-1587] - Remove/Calculate Unused objects. Perform process in background
  • [MT-1600] - Security Merge. Control on application default and disabled rules

 

Version 1.1.50

Date 25/11/2019

Bug

  • [MT-1556] - PanOS 9.0: Address - Add Type IP Wildcard Mask
  • [MT-1582] - Filter Invalid&Used: fails to filter
  • [MT-1588] - Static Route cannot be created within UI
  • [MT-1590] - CSV Autoprocess. Managed Device not processed when not having path and Panorama does not have autoprocess enabled

Improvement

  • [MT-1584] - Merge. Control ANY and Values merge on all fields in security rules
  • [MT-1586] - Security Rules. Show ML/RE rules with an icon

 

Version 1.1.49

Date 19/11/2019

Bug

  • [MT-1573] - Generate XML: error when generated zones
  • [MT-1578] - Autoprocess. Does not process the logs from all the devices
  • [MT-1579] - Calculated Used/Unused Objects: error when Calculating dynamic groups

Improvement

  • [MT-1574] - Monitor. Show all type of monitor entries

 

Version 1.1.48, 1.1.48.1, 1.1.48.2

Date 12/11/2019

Bug

  • [MT-1557] - Tags on Applications: doesn't load. Import/Export.
  • [MT-1571] - CISCO. VPN without peers stops parser
  • [MT-1572] - Checkpoint. Single IPv6 objects issue

New Feature

  • [MT-1431] - (Predefined) Filters to Hit Count on Security Policies
  • [MT-1567] - Threat Dynamic Reports

Improvement

  • [MT-1570] - Applications Window: Change UI

 

Version 1.1.47

Date 11/11/2019

Bug

  • [MT-1559] - Connector. Error when having multiple panorama connectors
  • [MT-1565] - Static group to Dynamic group
  • [MT-1566] - First Load Crash. environmentParameters not existing

New Feature

  • [MT-1496] - Bulk Changes Policies: Add/Delete Group Tags

Improvement

  • [MT-1558] - Connector. Create a dynamic connector to avoid multiple changes
  • [MT-1560] - Connector. Allow selecting the source from a device
  • [MT-1561] - App-ID Adoption. Allow processing "deny" rules.
  • [MT-1562] - App-ID Adoption. Collect incomplete and insufficient-data apps.
    [MT-1563] - CSV Processing. Clarify how to enable files for CSV processing

 

Version 1.1.46

Date 5/11/2019

Bug

  • [MT-1506] - Merge tags: merged all, not selected
  • [MT-1511] - Virtual Router: PanOS 9.0: Destination, Next Hop IP Address, Path Monitoring are address objects
  • [MT-1512] - Virtual Router: PanOS 9.0: Add FQDN on static routes Next Hop
  • [MT-1547] - Clone Window: Failure message on wait message
  • [MT-1548] - Tags null on Policies
  • [MT-1551] - PanOS 9.0: Merge Tags by Name: doesnt update on group tags
  • [MT-1552] - Regions: merge by Name or Value doesnt work

New Feature

  • [MT-1550] - CHECKPOINT R80.10. Added support for dynamic NATs

Improvement

  • [MT-1549] - Calculated Used/Unused: add group tags
  • [MT-1553] - Tags Menu: unify Menu Up & Down
  • [MT-1554] - Tags Menu: Add/Replace Prefix/Suffix
  • [MT-1555] - Regions Menu: unify Menu Up & Down

 

Version 1.1.45

Date 4/11/2019

Bug

  • [MT-1540] - CSV Processing. Listing files issues

Improvement

  • [MT-1541] - Devices. Skip Listing CSV Logs if possible
  • [MT-1546] - Device Summary. Avoid warnings

 

Version 1.1.44

Date 31/10/2019

Improvement

  • [MT-1534] - CSV Processing. Reduce time for file listing
  • [MT-1535] - CSV Processing. Support processing hundreds of files in one call
  • [MT-1536] - CSV List. Improve time setting PANOS version priority

 

Version 1.1.43

Date 30/10/2019

Bug

  • [MT-1479] -  Route Monitor being deleted
  • [MT-1485] - Replace Feature does not visualize all replacing options if a filter is applied.
  • [MT-1487] - Filters: on objects, filter with tags does not work
  • [MT-1497] - Virtual Router: On edit windows does not see RIP Administrative Distances
  • [MT-1507] - CSV Autoprocess. Compress/Delete second and later files
  • [MT-1508] - CSV Processing. Malformed CSV files crash Spark 2.4.3
  • [MT-1521] - CSV Processing. Add 'csv' as log type for new devices by default.

New Feature

  • [MT-1498] - Task Agent. Autostart when booting for new installs.

Improvement

  • [MT-1519] - CSV Processing. Improve panReadOrders feedback
  • [MT-1520] - CSV Processing. Allow processing files with .log extension
  • [MT-1518] - CSV Processing. Allow processing files under panorama managed devices

 

Version 1.1.42

Date 23/10/2019

Bug

  • [MT-1505] - RE Import. Check UTF8 encoding for user names

New Feature

  • [MT-1472] - Version PanOS 9.1: Edit Rules: Add "group-tag" on editor rules
  • [MT-1484] - Device Monitor

Improvement

  • [MT-1486] - CISCO. Support for src port services
  • [MT-1489] - CISCO. Service any from 0-65535
  • [MT-1499] - www-data in expedition group
  • [MT-1504] - Filters. Allow multiple levels of filter operators

 

Version 1.1.41 and 1.1.41.1

Date 17/10/2019

Bug

  • [MT-1002] - PanOS-9: add "group-tag" in all policies
  • [MT-1451] - Appoverride Rules: When editing the rules, the zones add any
  • [MT-1453] - Appoverride Rules: On edit rules set Application and Port field required
  • [MT-1456] - Scheduled tasks. No task found
  • [MT-1457] - Merge Rules: add "target" options
  • [MT-1458] - Cloned Rules: On Nat/Appoverride Rules missing cloned target
  • [MT-1461] - CSV Processing. File size incorrectly reported
  • [MT-1462] - Invalid Rules. Filter does not show results
  • [MT-1465] - SRX. Device Static Routing not imported when VR is defined
  • [MT-1466] - Virtual Wires: When edit interfaces and selected virtual wire, change automatically interfaces on virtual wires
  • [MT-1467] - PALOALTO: error on export log-authentication-timeout from authentication rules
  • [MT-1473] - Expedition Bug - Applying Filters (v1.1.40)
  • [MT-1475] - Dashboard. Invalid rules
  • [MT-1482] - Checkpoint. Issue with address IPv6 addresses in <R80

New Feature

  • [MT-1003] - Version 9: add "uuid" in all policies
  • [MT-1468] - CSV Processing. Support for PANOS 9.1 Beta.
  • [MT-1480] - RE Import. Consider compacting Service High Ports
  • [MT-1481] - RE Import. Consider importing networks

Improvement

  • [MT-1469] - Change CSV Log permit. Increate feedback
  • [MT-1470] - Job monitoring. Verify the proper counts of failed jobs

 

Version 1.1.40

Date 09/10/2019

Bug

  • [MT-1442] - Profiles on Security Rules: doesn't rendered correctly File Blocking
  • [MT-1443] - Best Practices / Threat Practice: error in parameters from function
  • [MT-1446] - CSV List. Empty (0 size) files provoke UI error and timeouts

New Feature

  • [MT-1439] - Filters: change columns behaviour

Improvement

  • [MT-1445] - Checkpoint. IPv6 host and network objects support

 

Version 1.1.39

Date 04/10/2019

Bug

  • [MT-1208] - Dashboard: doesnt rendered correctly values from Tags
  • [MT-1433] - CSV Processing. Error accessing CSV file while processing
  • [MT-1434] - CSV Processing. May loop on a file multiple times

New Feature

  • [MT-1421] - Tags: Add Filter (Predefined) Used and Unused and link to Dashboard
  • [MT-1405] - ZONES. Bulk change delete

Improvement

  • [MT-1184] - Networks Menu: unify Menu Up & Down
  • [MT-1397] - CSV Files. Show warning if file to big for GZ
  • [MT-1435] - Device Listing Timeout. If ML settings are incorrect, Expedition may give timeouts

Version 1.1.38

Date 26/09/2019

Bug

  • [MT-1076] - FQDN address being incorrectly marked as invalid
  • [MT-1186] - Panorama - a specific DG cannot be selected
  • [MT-1221] - Interfaces not being imported into the correct VSYS
  • [MT-1225] - Log processing - failing due to memory issues
  • [MT-1395] - CISCO. Non-utf descriptions support
  • [MT-1403] - Dashboard:warnings on rules are not correctly calculated 
  • [MT-1417] - Checkpoint. Issue with address group creation in R80.10 (2)

Version 1.1.37

Date 20/09/2019

Bug

  • [MT-1387] - Checkpoint. Issue with address group creation in R80.10

Improvement

  • [MT-1386] - STONESOFT. Interfaces in virtual fw_cluster

 

Version 1.1.36

Date 19/09/2019

Bug

  • [MT-1165] - FGT migration - not considering case sensitive address object naming - causing incorrect migration
  • [MT-1168] - CSV Interface. Some interfaces are not correctly imported
  • [MT-1185] - ASA migration - failing when migrating crypto profiles
  • [MT-1202] - ASA migration - NAT rules not migrating
  • [MT-1217] - Merge by Name and Value - Failing for address-groups, results in merging Groups with same name but different members
  • [MT-1223] - Zones - remove the option to add them to 'shared'
  • [MT-1284] - WebUI - no longer displaying 'Known Applications by rule' pop up
  • [MT-1286] - UI: Known Applications: the tree Applications doesnt rendered correctly
  • [MT-1377] - Applications Groups Menu: Selected Predefined Filter doesnt work
  • [MT-1379] - Issue with merging of service objects with same dport value but different timeout
  • [MT-1380] - Applications Groups: Predefined Filter Name & Value and Merge, error on select when default_applications

Improvement

  • [MT-1320] - CSV Processing. Do not allow clicking on "Process Files" within a Panorama device
  • [MT-1371] - CSV Processing. Save PID to be able to check if the process failed
  • [MT-1283] - New Project. Cannot add device during new project creation (applications.xml containsa dependency loop)

 

Version 1.1.35

Date 14/08/2019

Bug

  • [MT-1203] - Checkpoint R80.x0 - migrating NAT rules twice (duplicating them)
  • [MT-1216] - Updates 1.1.34: Unknown column 'vsys' in 'config_views'

Improvement

  • [MT-1214] - Invalid Sec Rules. Mark as invalid rules those containing incomplete and insufficient-data apps

 

Version 1.1.34

Date 13/08/2019

Bug

  • [MT-997] - CISCO. down interface is considered for routing
  • [MT-1138] - AutoZoneAssign - not finding the VR from a template
  • [MT-1201] - Checkpoint R80.10/.20 - incorrectly migrating vsys/DG names causing migrations to fail
  • [MT-1205] - WebUI - Export page - deleting a single item results in removing the entire config file
  • [MT-1211] - AutoZoneAssign - incorrectly using the DG as the vsys assignment
  • [MT-1213] - AutoZone. Do not consider "down" interfaces for routing tables

Improvement

  • [MT-1209] - CSV Processing. Allow processing using the priovidrd path even not having saved device settings
  • [MT-1210] - CSV Processing. Provide human-readable feedback
  • [MT-1212] - Network Interfaces. Show down interfaces as disabled rows

 

Version 1.1.33

Date 08/08/2019

Bug

  • [MT-1041] - Stonesoft import - errors on import. Initial support for virtual_fw devices
  • [MT-1126] - Load snapshot - Cancel option does not stop the loading of the snapshot
  • [MT-1147] - Save snapshot - support saving and loading without manually typing a name
  • [MT-1192] - Spark - not processing traffic logs when hostname has an underscore
  • [MT-1199] - ML. Wrong naming convention when importing networks

New Feature

  • [MT-1195] - For ML and RE - add the option to analyze 'incomplete' logs

Improvement

  • [MT-1154] - Tags - check for duplicate tags (Dashboard information)
  • [MT-1194] - Spark java.net.UnknownHostException. Issues with the hostname. Healthcheck for hostname without "_"

 

Version 1.1.32 (Requires expeditionml-dependencies-beta v. 0.1.3)

Date 02/08/2019

Bug

  • [MT-1150] - WebUI filter for NAT - create a filter for 'Interface'
  • [MT-1185] - ASA migration - failing when migrating crypto profiles

Improvement

  • [MT-1187] - Add "Mark as Fixed" button warning messages on Warning Tabs Editor Rules
  • [MT-1188] - HealthCheck. Check for installed versions
  • [MT-1189] - Spark. Upgrade to Spark 2.4.3 (ML and RE performance and feature improvements)
  • [MT-1190] - panReadOrders started. Create a script to automatically start panReadOrders agent

 

Version 1.1.31

Date 31/07/2019

Bug

  • [MT-1149] - ASA - not migrating NAT rules
  • [MT-1169] - CISCO. VPN - IKE gateway wrong interface if multiple "crypto map" entries are available
  • [MT-1170] - CISCO. VPN IPsec crypto profile - no unique name created
  • [MT-1174] - CSV NAT import: not all values for "interface" ingested
  • [MT-1176] - Policies editor: Do not show corrected warnings
  • [MT-1177] - CSV: added log twice, one with name and another empty
  • [MT-1181] - CSV Processing. Identify jobs that started more than 24h ago
  • [MT-1182] - Bug when Remapping Interfaces
  • [MT-1183] - App-ID adoption - timing out when requesting traffic logs

Task

  • [MT-1171] - UI: Connector, change order from Top

Improvement

  • [MT-1172] - ML: Provide network only for IPv4
  • [MT-1173] - ML Settings. Trim paths before saving new Path
  • [MT-1178] - Scheduled tasks. Check for scheduled tasks every 30 sec
  • [MT-1180] - CSV Processing. Provide feedback in bar

 

Version 1.1.30-h2

Date 24/07/2019

  • Temporarily Disabled: [MT-1158] - ML: Create advanced features to allow network import

 

Version 1.1.29-30

Date 24/07/2019

Bug

  • [MT-1099] - IronSkillet - reports are being incorrectly written to the wrong XPath
  • [MT-1119] - CSV: Service any when importing security rules
  • [MT-1133] - App-ID adoption with Panorama / Cortex
  • [MT-1148] - IronSkillet: Add variable INCLUDE_PAN_EDL
  • [MT-1151] - ASA Parser - new format managed from FMC (Firepower Mgmt Console)
  • [MT-1155] - CISCO. Firepower import fails
  • [MT-1064] - Ext.util.Event.getFireInfo(): No method named "onBeforeLoadReports"
  • [MT-1159] - ML - returning incorrect results – Time Frame Override cannot be cleared
  • [MT-1160] - UI: Convert Basic Event Binding to View Controller Event Binding
  • [MT-1161] - Ext.JSON.decode(): You are trying to decode an invalid JSON String: undefined
  • [MT-1162] - CISCO. Parsing users is not taken \ for group\user
  • [MT-1163] - ASA User-ID Mapping reslove missing "/"
  • [MT-1164] - UI: Window Download doesn't worked
  • [MT-1166] - CISCO. VPN – IKE crypto lifetime is not set correctly

Improvement

  • [MT-1156] - Scheduled log processing – add details to the status messages
  • [MT-1158] - ML: Create advanced features to allow network import

 

 

Version 1.1.28

Date 04/07/2019

Bug

  • [MT-1094] - IronSkillet templates - incorrect MGMT_IP in the XML config
  • [MT-1134] - Edit Project: When asigned devices, devices grid does not reload all devices
  • [MT-1142] - Checkpoint R80.10 parser - hanging on zone calculation for NAT rules. Method missing

Improvement

  • [MT-1145] - CSV Autoprocess. Reset last_execution time to allow re-execution
  • [MT-1146] - Expedition Installer. Verify Expedition user exists

 

Version 1.1.27

Date 04/07/2019

Bug

  • [MT-1047] - Rule Enrichment - Change the order when importing rules
  • [MT-1130] - Checkpoint R80.10/.20 - not importing security or nat policies
  • [MT-1139] - Checkpoint. R80 NAT service may load incorrectly
  • [MT-1140] - Filters. Address groups with 1 member misses some matches

New Feature

  • [MT-1121] - Bulk Change. Add Zone to all rules (as include)
  • [MT-1141] - Filters. Address objects not used in groups

Improvement

  • [MT-1132] - WebUI - Devices header wording change
  • [MT-1136] - Load Applications.xml. Protect against recursive-loop dependencies
  • [MT-1137] - Rule Enrichment. Improve performance by reducing number of queries

 

Version 1.1.26

Date 27/06/2019

Bug

  • [MT-1118] - Search and Replace - 'Remove' option fails when the DG selection is set to 'All'
  • [MT-1122] - ASA migration - add migration support for DM_INLINE service objects
  • [MT-1124] - Periodic CSV Process. Stops if one firewall does not have logs to process
  • [MT-1128] - Invalid policy names - length calculation needs to be adjusted for PAN-OS 8.x and 9.0

New Feature

  • [MT-1120] - Service import - check for valid destination port ranges
  • [MT-1129] - Policy merge - add the policy name of the merged policy into the description into the new policy

Improvement

  • [MT-1080] - Backup directory - limit to 20 snapshots
  • [MT-1127] - VM Setup. Script to setup Expedition on clean Ubuntu 16.04
  • [MT-1131] - Sec Merge. Improve performance

 

Version 1.1.25

Date 20/06/2019

Bug

  • [MT-1054] - Radius Server. Reports test connection errors as LDAP
  • [MT-1066] - SRX migration - custom service timeouts not being migrated
  • [MT-1111] - CSV Nat. Importing NAT rules misses to capture src and dst fields
  • [MT-1112] - UI: console log when edit services
  • [MT-1113] - CSV: delete the first columns mapping
  • [MT-1115] - CSV Service Import. Dport not loaded correctly
  • [MT-1116] - XML generation - removed LLDP profiles
  • [MT-1117] - XML generation - adding 'merged' tag into the incorrect XPath

 

Version 1.1.24

Date 12/06/2019

Bug

  • [MT-1087] - Web UI - multiple refreshes automatically after upgrade to 1.1.21
  • [MT-1091] - Interfaces: when edit lost IP Address
  • [MT-1092] - XML generation - failing to generate XML file
  • [MT-1095] - Interfaces: remove Link Settings from Vlan, Loopback and Tunnel
  • [MT-1096] - Interfaces Log Card/Decrypt Mirror: Import/Edit/Export
  • [MT-1098] - Interfaces: remove field Type from Vlan, Loopback and Tunnel
  • [MT-1103] - JOBS Listing. Include STARTED tasks in the view of pending
  • [MT-1104] - Spark Log. Create entry for RuleDistanceCalculator
  • [MT-1109] - CSV Summary. Perform the summary on HA device as well

Task

  • [MT-1106] - Script New Installation. Located in /var/www/html/OS/installation

Improvement

  • [MT-1100] - HealthCheck Jobs. Verify all the jobs are correctly reported
  • [MT-1101] - Device Reload. Force device reload on "reload", not on tab click
  • [MT-1102] - Snippet Reload. Force snippet reload on "reload", not on tab click

 

Version 1.1.23

Date 2/06/2019

Bug

  • [MT-1105] - GUI Logging loop. Control when backend does not report correctly a valid login.

 

Version 1.1.22

Date 30/05/2019

Bug

  • [MT-1050] - CISCO. upd www not created correctly (reported by R. Ouaini)

Improvement

  • [MT-571] - SPARK: ML_NewRules Reduce time and memory consumption
  • [MT-1006] - Devices - hide the API key's
  • [MT-1060] - ASA migration - migrate service 'domain' as TCP/UDP 53
  • [MT-1074] - Interfaces: Add PagingToolbar
  • [MT-1086] - Policies. Show again the "all" rules
  • [MT-1089] - Discovery Button: Make it all clickable
  • [MT-1093] - Spark CSV. Improve memory and disk usage for debug

 

Version 1.1.21

Date 27/05/2019

Bug

  • [MT-1036] - Rule Enrichment - App-ID being included in imported rules with 'Application' unchecked
  • [MT-1078] - CSV Import - Import of security policies not incrementing Rule ID's correctly

Improvement

  • [MT-1084] - CSV Autoprocess. Show current system time for autoprocess assistance
  • [MT-1085] - CSV rights. Script to modify CSV log rights to emable www-data delete the files

 

Version 1.1.20

Date 24/05/2019

Bug

  • [MT-1063] - XML Generation - Panorama Template - Interface mappings not migrating correctly
  • [MT-1070] - Panorama: add on Interface Type: "Log Card", "Decrypt Mirror"
  • [MT-1075] - Predefined Filter “Duplicated Name” Not Worked as Expected

Improvement

  • [MT-1005] - CSV Import - services add field for source port
  • [MT-1071] - CSV Logs. Schedule log processing (autoprocessing)
  • [MT-1081] - HealthCheck Summary to fast spot healthcheck issues
  • [MT-1082] - HealthCheck. Verify Temp Data Structure rights
  • [MT-1083] - Spark. Separate temp data structure from parquet paths

 

Version 1.1.19

Date 16/05/2019

Bug

  • [MT-1001] - CSV import - do not allow Security policies to be imported into 'Shared'
  • [MT-1063] - XML Generation - Panorama Template - Interface mappings not migrating correctly

Improvement

  • [MT-1068] - CSV Parquet. Split CSV files into buckets based on available RAM. Reduce chances for memoryoverhead error

New Feature

  • [MT-1069] - environtmentParameters. Verify that all required parameters are defined via a healthcheck

 

Version 1.1.18

Date 13/05/2019

Bug

• [MT-884] - Zones: on version 8, add type "Tunnel" and "External" on Panorama
• [MT-1039] - Zone names - max characters is 31 - Expedition recognizes only up to 15
• [MT-1046] - WebUI - Filter for Address --> Type needs to be corrected
• [MT-1059] - Slow performance - when removing unused objects
• [MT-1065] - Filters: duplicated Name & Value on AddressGroups

Improvement

• [MT-858] - Usability improvement feature: Add status icon for Project exports
• [MT-1061] - Change "No rules configured" to "Select a vsys with rules"
• [MT-1067] - CSV Parquet. Use available RAM

 

 

Version 1.1.17

Date 06/05/2019

Bug

 

  • [MT-403] - CISCO. The field devicegroup shows "default" instead of filename
  • [MT-892] - User-ID entry causing XML generation to fail or XML to be malrofmed
  • [MT-961] - ScreenOS - service configs with multiple ports and protocols with SRC settings not migrating correctly
  • [MT-1048] - Dashboard - Disk Space message - updated Live Community link
  • [MT-1051] - TAG "merged" is used by objects but not exported to the XML
  • [MT-1052] - Edit Security Rules: add/edit tag change with id
  • [MT-1056] - Policy count reporting error. Vsys "all" will not display security rules.
  • [MT-1057] - WebUI - wording changes

Improvement

  • [MT-999] - Mark Checkpoint policies with a Warning when migrated from an action not set to allow or deny
  • [MT-1012] - UI wording change - Search and Replace - change 'VSYS' to 'VSYS / DG'

 

Version 1.1.16

Date 30/04/2019

Bug

• [MT-884] - Zones: on version 8, add type "Tunnel" and "External" on Panorama
• [MT-892] - User-ID entry causing XML generation to fail or XML to be malrofmed
• [MT-994] - Address merge - perform a precheck for Ghost objects. Do not let ghost objects to be merged
• [MT-1004] - Virtual Router - Route sorting not working
• [MT-1017] - Add LACP Port Priority on Interface when type is Aggregate Ethernet (reported by Luke)
• [MT-1027] - ASA migration - failing to complete the migration
• [MT-1029] - Add Tag Column on Grid Applications
• [MT-1030] - PAN-OS. Panoram read-only. Dont create it if max id is 0
• [MT-1031] - XML generation - <import> - importing unneeded interfaces causing commit to fail
• [MT-1032] - Checkpoint R80.20 - Address groups not being migrated
• [MT-1033] - Interfaces: update interfaces on other tables
• [MT-1042] - CSV. After read the content of a csv file go to PAGE1 by default.
• [MT-1043] - CISCO. Support for address-group security in ACLs
• [MT-1044] - Warning Logs from Address Groups

 

New Feature

• [MT-759] - Add TAGS to merged objects (address and services) and policies (security and NAT)
• [MT-849] - Add Tags to multiple address objects (multiedit)
• [MT-1026] - CSV Import - add option to delete lines


Improvement

• [MT-844] - API Key. Make the request in background
• [MT-864] - Export: Change to Job
• [MT-1010] - NAT policy export - add column and values for 'Translation Type'
• [MT-1013] - Add on Objects: selected item from right click on Menú options
• [MT-1016] - WebUI change - App-ID adoption
• [MT-1035] - Address. Improve performance to process address and address groups
• [MT-1037] - IronSkillet. Add templates for version 9.0
• [MT-1038] - Change report name - M.LEARNING Traffic report
• [MT-1045] - CSV. AutoMap Columns based on CSV Header

 

 

Version 1.1.15

Date 15/04/2019

Bug

  • [MT-892] - User-ID entry causing XML generation to fail or XML to be malrofmed
  • [MT-1007] - XML generation - inserting invalid tunnel interface configuration
  • [MT-1008] - App-Override - Transform App to Service is generation an incorrect timeout
  • [MT-1019] - Merge - cannot merge 'Log forwarding profile'
  • [MT-1020] - Service Merge. Error while merging two services

New Feature

  • [MT-759] - Add TAGS to merged objects and policies

Improvement

  • [MT-1014] - Increase height of the window that shows the results of the merge

 

Version 1.1.14

Date 12/04/2019

 

Bug

  • [MT-768] - Consolidate - do not mix and match rules with services and applications
  • [MT-1000] - Expedition Exporting Configuration with "read-only" (reported by Luke)

 

Version 1.1.13

Date 10/04/2019

Bug

  • [MT-757] - MERGE - issue found when setting unused object as primary for merge
  • [MT-937] - Web UI - Remove the "Register as Regions" button
  • [MT-942] - XML generation - orphan XML tag being added
  • [MT-953] - Rule merge all results
  • [MT-986] - WebUI - (Predefined) Nat noNAT not working correctly
  • [MT-998] - Web UI - graphic not rendering correctly
  • [MT-1009] - Expedition Cross Site Scripting in devices View (Description field)

Task

  • [MT-308] - Verify all scripts in /bin have the sessionControl.php

Improvement

  • [MT-975] - MULTI-EDIT - enable the 'Description' option
  • [MT-995] - Ghost object - replace the "/" in the name after transforming
  • [MT-996] - Wording change in UI

 

Version 1.1.11

Date 28/03/2019

Bug

  • [MT-947] - SRX migration - NAT rules not migrating Destination NAT rules correctly
  • [MT-958] - PROJECT. Prevent invalid names for Projects like "create" or "is"
  • [MT-964] - Dashboard. Calculate Ghost when source is not provided
  • [MT-966] - Dashboard. Invalid services do not consider groups with "any" inside
  • [MT-967] - CISCO. Creating service groups with tcp-udp services includes any service
  • [MT-968] - CISCO. Missing some implicit services due to being both tcp and udp
  • [MT-969] - Export to Excel: Nat rules, remove id) from name
  • [MT-972] - Save snapshot - not saving when the snapshot name has blank spaces

New Feature

  • [MT-917] - API Calls. Clear all API Calls.

Improvement

  • [MT-956] - Dashboard statistics - only calculate unused objects for the most recent imported configuration
  • [MT-957] - Dashboard statistics - add a counter for rules and objects with warnings
  • [MT-959] - Check Used Objects. Calculate objects only for the new source
  • [MT-976] - API Output manager - expand the 'search' to include the 'XML Content'
  • [MT-978] - Dashboard. Include address groups with invalid references

 

Version 1.1.10

Date 21/03/2019

Bug

  • [MT-819] - SRX file migration failed - due to Invalid XML
  • [MT-932] - SRX - NAT policies not migrating correctly
  • [MT-939] - Service override settings need correction in the XML and API output
  • [MT-940] - SRX - migration stalls at importing NAT policies
  • [MT-949] - XML generation is Invalid - Dash in the description causing the failure

New Feature

  • [MT-200] - Convert Long structures to BigInt to support IPv6
  • [MT-941] - SRX - migration support for double NAT configurations
  • [MT-946] - WebUI - add a global indicator for the Expedition agent status
  • [MT-948] - CSV Logs. Show logs per days summary

Task

  • [MT-952] - Update to Sencha 4.2.5

Improvement

  • [MT-501] - CHECKPOINT R80. Importing objects some are missing
  • [MT-781] - Allow importing of new configurations to be displayed and edited
  • [MT-871] - Add a message after merging configurations
  • [MT-936] - Add a search for Device-Group and Template selections

 

Version 1.1.7

Date 28/02/2019

Bug
   [MT-874] - ZONES: Delete a used zone is performed without a warning
   [MT-879] - Saved Rule Name with the character "*"
   [MT-880] - Filters doesn't search by the character "*"
   [MT-885] - Application object import - commas are causing new lines to be created
   [MT-886] - DEVICES page load timing out causing remote exception when hundreds
   [MT-887] - XML generation failing due to VLAN configured object
   [MT-888] - R80 import - Address group missing some members
   [MT-890] - IronSkillet - base config not passing admin credentials
   [MT-894] - Filter - not matching predefined keywords 'none'
   [MT-897] - Import Project: error when are two or more directories on folder
   [MT-898] - Checkpoint. Missing members in nested groups
   [MT-901] - Zones - incorrect zone being deleted by mistake

   [MT-902] - IronSkillet - 8.1 XML file not adding template
   [MT-903] - IronSkillet - not copying the MGMT IP information

   [MT-904] - IronSkillet - API Output manager is generating invalid API requests for deviceconfig
   [MT-905] - Spelling correction - Best practices section
   [MT-908] - XSS in Migration Tool
   [MT-909] - Import/Export Applications ident-by-icmp-type

Improvement
    [MT-877] - /boot out of space Added as Check from the Dashboard.
    [MT-891] - IronSkillet - Panorama config display enhancement
    [MT-907] - Fixed some Text Typos

 

Version 1.1.6

Date 14/02/2019

Improvement
   * [MT-828] - LogConnector: Provide information about used data sources
   * [MT-876] - Change width “Description” column for all Excel export

 

Version 1.1.5
Bug

    * [MT-866] - ScreenOS. Fails importing security rules with hidden chars
    * [MT-872] - ScreenOS: SNMP service incorrectly loaded
    * [MT-860] - Filters. “Starts with” does not filter correctly

Improvement
    * [MT-814] - Auto Zone Assigment: change title if nat or security policies
    * [MT-815] - Autozone: Bidirectional NATs are not correctly applied
    * [MT-863] - Allow reimporting a configuration with an existing name. Loaded with date suffix

 

Version 1.1.4

Date 02/05/2019

Bug

  • [MT-767] - Consolidate - do not include 'Deny' rules to consolidate if other rules are set to accept
  • [MT-811] - Cisco ASA migration - Auto Zone Assign not calculating the zones for Security rules correctly
  • [MT-813] - ver 1.1 - XML generation failing - due to PBF rule
  • [MT-820] - GlobalProtect configuration missing in Expedition tool
  • [MT-823] - Policy Filter in Expedition with option NOT IN NETWORK
  • [MT-826] - Services: override unexpected here. Discarding.
  • [MT-827] - Rule Enrichment: doesn't import correctly application-default
  • [MT-829] - Rule Enrichment: doesn't have save snapshot
  • [MT-834] - Export/Output: Disable override doesnt generated correctly
  • [MT-837] - Export/Output: services with protocol SCTP doesnt generated correctly
  • [MT-842] - LDAP. Authentication not working correctly
  • [MT-845] - Policy Filter with option NOT IN NETWORK doesn’t work
  • [MT-857] - SRX parser - not adding nested service groups
  • [MT-859] - Rule Enrichment: doesn't import correctly source/destination

 

New Feature

  • Under LDAP servers a new field has been added (account prefix)
  • Now Expedition calculates for all the rules if they are L7 or L4 only.
  • [MT-698] - New Predefined Filter. L4 and L7 Rules
  • [MT-850] - The Discovery window has been splitter in two windows one for ML and another one for Rule Enrichment
  • The ML and RE now supports IPv6 addresses within the logs
  • Expedition will verify if you have access to the logs folder for ML and RE
  • Runtime feedback added while RE and ML is running from the view.
  • [MT-812] - Update BPA Security Policies View with the new Fields
  • [MT-833] - ML: RE: Added Unknown applications to the Analysis
  • [MT-843] - UserRoles. Do not allow SuperUser to change own role
  • Expedition can import the same configuration name into the same project by automatically renaming them with the date-time at the end of the filename.

 

Version 1.1.2

Date 28/12/2018

Bug

  • [MT-813] - ver 1.1 - XML generation failing - due to PBF rule

Improvement

  • [MT-814] - Auto Zone Assigment: change  window title if its nat or security policies
  • [MT-815] - Autozone: Bidirectional NATs are not correctly applied

 

Version 1.1.1

Date 19/12/2018

Improvement

  • [MT-812] - Updated Best Practices. The Security Policies View. Updated the Grid Columns

Bug

  • IronSkillet. Version 1.1 didnt get all the components needed to run IronSkillet. Fixed in 1.1.1

 

 

Version 1.1

Date 14/12/2018

Bug

  • [MT-407] - Filtering by Nat zone TO doesn't work
  • [MT-597] - Output: Merge zones in the Template
  • [MT-599] - Consolidation: Check for duplicated profiles
  • [MT-602] - Bug with ML server export
  • [MT-604] - Device image models are not rendered correctly.
  • [MT-608] - Rule Enrichment: Add to Existing Rules
  • [MT-622] - FW: Latest Version of Expedition doesn't delete Service Objects
  • [MT-628] - Issue with Custom App-IDs in Expedition
  • [MT-634] - Truncate Names Rules Names/Description v.8.0
  • [MT-636] - ASA Config: Any in group to service
  • [MT-648] - Remote exception when filtering for unused address object groups
  • [MT-651] - New bug detected in 1.0.101 (Email) Duplicated Name, Filter
  • [MT-765] - Update name schedules/log forwarding/zones/monitor, selected ids from rules by source and vsys
  • [MT-766] - Log Forwarding / Schedule: if it's removed need to be removed from rules too.
  • [MT-800] - Tab Click on Policies does not render correctly
  • [MT-808] - Export: output. Remove new policies QoS, PBF, etc.

New Feature

  • [MT-424] - Add Filter Target and Set Add, Remove, Update target etc
  • [MT-600] - Add button Test on Servers
  • [MT-603] - New windows for Test Connection LDAP and Radius
  • [MT-618] - Address: Add Transform IPAddress to object
  • [MT-779] - Add Other Rules: check version 7

Task

  • [MT-792] - LDAP: remove admin from test window

Improvement

  • [MT-638] - Add Other Rules Import
  • [MT-650] - Add Other Rules: calculate used objects
  • [MT-728] - Unify the two menus of the objects (Address / Address Groups)
  • [MT-729] - Unify the two menus of the objects (Services / Services Groups)
  • [MT-734] - Settings - Servers - LDAP/RADIUS
  • Added Best Practices version 3.6.3
  • Added IronSkillet under Import -> Palo Alto

 

Hotfix 1.0.109

Date 10/12/2018

Bug

  • [MT-756] - PALOALTO. Some Url categories from PAN-DB are lost when Expedition imports a PAN-OS Configuration
  • [MT-795] - App-ID PDF Report. Fields with ANY are rendered with the previous value.
  • [MT-804] - Export: output, drag & drop shared response pages fails to merge with the Base Configuration
  • [MT-805] - Export: output API Calls doesn't generate GlobalProtect IPSec Crypto
  • [MT-806] - Export: output API Calls doesn't generate Tunnel Monitor from IPSec Tunnel

Improvement

  • [MT-475] - Reviewed support for VPN IPSec in PAN-OS version 8.1
  • [MT-797] - Data Analysis. Added support for Logs from PAN-OS 9.0.0 beta
  • [MT-798] - Rule ML: Verify if parquet folders exist before execute the analysis
  • [MT-799] - Rule ML: Define default input and output folders
  • [MT-801] - STONESOFT: Load template NAT rules
  • [MT-802] - STONESOFT: Multiple services in NAT rules not loaded

 

Hotfix 1.0.108

Date 30/11/2018

Bug

  • [MT-744] - Reviewed Consolidation Issues: sometime the zones are lost.
  • [MT-748] - Enable or Disable from menu: add/delete Target when is Panorama
  • [MT-760] - Import Palo Alto: Monitor Profile empty action, interval and threshold
  • [MT-763] - Filters by Tag: doesn't work "not contain" and "not equal"
  • [MT-769] - External List: if is removed, Was not removed from rules.
  • [MT-772] - CISCO: ASA migration enhancement request: service as null
  • [MT-773] - Filters: doesnt work negated filters (not equal, not contains)
  • [MT-774] - Add Prefix. Affects to predefined Objects like application-default
  • [MT-775] - Export: output duplicated predefined objects to shared
  • [MT-778] - Export: output API Output Manager doesnt load devices
  • [MT-788] - Dynamic Address Groups, Add TAGs to export as Excel.
  • [MT-789] - Known Applications: create rule: Icons Source/Destination are not rendered correctly
  • [MT-790] - App-ID Reconciliation Reviewed.

Task

  • [MT-787] - LDAP: Test change method from GET to POST

Improvement

  • [MT-753] - Add options from Rule Action to Bulk Changes on Appoverride Rule's Menu
  • [MT-754] - CSV Import. Static Routes. Rewording Gateway by NextHop
  • [MT-755] - CSV Import. Static Routes. If interface is set and NextHop too add both
  • [MT-783] - Query the summary logs for log analysis. App-ID now can query summary database instead the raw log.

 

Hotfix 1.0.106

Date 10/01/2018

Fixes

  • [MT-677] - CHECKPOINT. Add Target to NAT Rules
  • [MT-678] - CHECKPOINT. Read Headers for NAT as we do for Security
  • [MT-683] - CHECKPOINT. Negated Services in Rule
  • [MT-684] - Activate Rule Actions via rightclick (Nat)
  • [MT-692] - Combine rules from Main Menu
  • [MT-695] - Remapping Interfaces on a PAN-OS configuration added interface in source nat.
  • [MT-708] - SRX. Interfaces not imported due to single quotes in comments
  • [MT-709] - Objects. Address and Groups View. Tag is not shown correctly
  • [MT-713] - Fix duplicated rule name with the maximum name length according to the version

Improvements

  • [MT-686] - Unify the two menus of the rules (Nat)
  • [MT-688] - Add Option "Select All Rules"
  • [MT-691] - Menu Nat rules: set "selection" or "all rules" from all options
  • [MT-717] - STONESOFT. Added support for multiple policy jumps

 

Hotfix 1.0.105

Date 09/19/2018

Fixes

  • [MT-263] - Activate ML/RE rules via rightclick without clicking firs with the left button.
  • [MT-676] - MultiEdit changed parameters from GET to POST
  • [MT-679] - Activate Set as Primary objects via rightclick without clicking firs with the left button.
  • [MT-680] - Activate Rule Actions via rightclick (Security) without clicking firs with the left button.
  • [MT-681] - CombineSecurity rules from Main Menu was not working properly
  • [MT-682] - CISCO. The function addPrefixSuffix was removed. Added again to avoid import crash if IPSsec tunnels defined.
  • [MT-685] - Activate Rule Actions via rightclick (Application Override) without clicking firs with the left button.
  • [MT-689] - STONESOFT. Some member groups where created as duplicated objects because the naming
  • [MT-693] - STONESOFT. Address differenciate between IPv4 and IPv6
  • [MT-705] - Add "Case Sensitive" on Menu option: "Search&Replace"
  • [MT-706] - Export: Source configuration: missing Applications Groups

New Features

  • [MT-360] - Improve Rule Search to include "by ID" in the search not just by name
  • [MT-701] - Rule Menus: Added option "All Rules" to "Add Serial" to all the selection

Improvements

  • [MT-86] - Output: Drop Apps into Shared: AppGroups where not moved properly
  • [MT-519] - Join the two menus of the rules (Security)
  • [MT-613] - Add Filter: (Predefined) Rules with Users
  • [MT-687] - Join the two menus of the rules (Application Override)
  • [MT-700] - STONESOFT. Use Objects in Memory for speed up migrations
  • [MT-704] - Search & Replace: add Id] on grid "Replace"

 

Hotfix 1.0.104

Date 09/03/2018

Fixes

  • [MT-633] - Virtual Routes: edit static routes doesnt oder by column

  • [MT-667] - Consolidations/Merge Nats

  • [MT-668] - MERGE Objects. The Descriptions are appended even they are equal

  • [MT-669] - Error JavaScript ServerProxy store Translation Type on Nat Editor

  • [MT-672] - Remote exception when filtering for unused when clicked on Dashboard

  • [MT-673] - Cloned Rule Nat

  • [MT-674] - STONESOFT. Cidr from objects are not imported

  • [MT-675] - STONESOFT. After GroupMember2IdAddress_improved new dummy objects were created

New Functions

  • [MT-577] - Project Import. Verify the size of the file is smaller than MAX
  • [MT-670] - Filters Nat/App override Policies: Add filter with Target

 

Hotfix 1.0.103

Date 08/28/2018

Fixes

  • [MT-654] - Tools: cloned rule exceeds the max lenght.
  • [MT-661] - Merge by value. Descriptions were incorrectly merged between objects.
  • [MT-663] - Missing options to calculate invalid services
  • [MT-666] - Rule Enrichment is not importing discovered rules

New Functions

  • [MT-662] - SNIPPETS. Add new type SPYWARE

 

Hotfix 1.0.92

Date 06/22/2018

Fixes

  • Output generation was broken if non utf characters or "&" were found in the description fields. 

New Functions

  • Stonesoft: Added support for refuse action to be mapped with reset-both instead of drop

 

Hotfix 1.0.91

Date 06/21/2018

Fixes

  • Cisco Nats: Improved the support for object nats.

New Functions

  • Added Best Practices version 3.0.6
  • After the Update you have to run an script to update to python36
      sudo bash /var/www/html/OS/BPA/updateBPA306.sh

 

Who rated this article