Reporter for SonicWall Release Notes
   Reporter for SonicWall (2023-08-09)

Improved SonicWall integration & IPS reporting
  • New fields: Added new fields that represent the Group Name and Legacy Category from the SonicOS 7.x Event Log Reference Guide. These fields are named Event Group Name and Event Legacy Category, respectively. These fields are in addition to the existing fields Event Category, Event Message, Event Message Detail, and Message ID.
  • Improved IPS Reports: Updated the filters behind the Intrusions Detected widgets in the Firewall Dashboard and the IT Network and Security Report to accommodate changes in SonicWall’s log event categorization.
  • Changed the widgets in the IT Network and Security report Threats section to separate IPS Detection and IPS Prevention events, as well as Attacks and Possible Attacks.
  • Note that the Intrusion Detection Event Category is now obsolete and has been replaced with different filters across Reports, Dashboard, and Alerts. However, the change to Alerts is not applied automatically. After upgrading to this version, reset the default ‘Intrusion Detected’ alert to Factory Default (click the Recycle icon on the alert in Settings > Alerts) to get access to the new filter, or change the Criteria in the Alert to Message ID ‘Equal to’ 608.
  • SecurityProtocols now enforces a minimum of TLS 1.2 by default, with an option to specify SecurityProtocols via XML settings.
  • Data Retention Policy enforcement now includes the size of today’s data in calculating the total size of data for the size policy, while still not deleting today’s data if it alone exceeds the size policy.
  • Fixed an issue introduced in the previous build where no records would be written to the Elasticsearch database until a minimum of 10,000 syslog records was reached.
  • Fixed index management being unable to delete indexes in certain situations when an index has unassigned shards.
  • Fixed an issue with YouTube enrichment where some records would be imported without the enriched video metadata from YouTube. This meant you would see both the original YouTube URL as well as the enriched video title as separate items in the YouTube Videos report widget.
  • Switch buttons above Report widgets (e.g., Clean (on) | Clean (off) | Show Both) now indicate which option is currently selected.
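
Added example (not part of the release notes or the product's code): a Python filter that applies the criterion given above for the alert, Message ID equal to 608, directly to raw syslog lines, which is useful for checking what the reset alert should match. It assumes the firewall's default key=value syslog layout with the message ID in the `m` field; the function names and all sample lines are constructed.

```python
import re
import shlex

INTRUSION_MESSAGE_ID = 608  # Message ID from the alert criterion in the release note
PRI_PREFIX = re.compile(r"^<\d{1,3}>")  # optional syslog priority prefix

# Constructed sample lines (assumed default key=value layout, documentation addresses).
SAMPLE_LINES = [
    '<129>id=firewall sn=0000000000AA time="2023-08-09 10:15:02" fw=192.0.2.1 pri=1 c=32 '
    'm=608 msg="IPS Detection Alert: constructed signature" n=3 src=198.51.100.7:51544:X1',
    '<134>id=firewall sn=0000000000AA time="2023-08-09 10:15:03" fw=192.0.2.1 pri=6 '
    'c=1024 m=97 msg="Web site hit" n=41 src=192.0.2.10:50211:X0 dst=203.0.113.9:80:X1',
    '<134>id=firewall sn=0000000000AA time="2023-08-09 10:15:04" fw=192.0.2.1 pri=6 '
    'm=6080 msg="constructed: m=608 appears only inside the message text"',
    'truncated line with "unbalanced quote m=608',
]

def parse_fields(line):
    """Return the key=value pairs of one syslog line as a dict, or None if malformed."""
    try:
        # shlex keeps quoted values such as time="..." and msg="..." in one token.
        tokens = shlex.split(PRI_PREFIX.sub("", line.strip()))
    except ValueError:  # unbalanced quote, e.g. a truncated datagram
        return None
    fields = {}
    for token in tokens:
        key, sep, value = token.partition("=")
        if sep and key:
            fields.setdefault(key, value)  # first occurrence of a key wins
    return fields or None

def is_intrusion_event(fields, message_id=INTRUSION_MESSAGE_ID):
    """True only when the m field is exactly the given message ID (no substring match)."""
    if not fields:
        return False
    try:
        return int(fields.get("m", "")) == message_id
    except ValueError:  # missing or non-numeric message ID
        return False

def intrusion_events(lines):
    """Parsed records for every line that satisfies Message ID 'Equal to' 608."""
    return [f for f in map(parse_fields, lines) if is_intrusion_event(f)]
```
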
Performance Improvements
  • Optimized memory and resource usage in a range of areas across the application. Note that if you have a large amount of data, you may still see memory usage often pegged near 100% due to the way Elasticsearch uses memory-mapped files; however, this memory is made available to other processes when needed and should not affect general performance.