Release 24.6

Customer Advisory

Agent Release Version 24.6.4

Agent Upgrade Process:

  • Customers using agent versions from 6.0.1 through 6.1.4 and up to 24.4.3 should contact the ColorTokens support team for upgrading their agents.
  • Direct upgrade of these agent versions is not supported via the Xshield platform.
  • Support teams will use an automated script to upgrade agents to 24.4.5 and beyond.
  • Once upgraded to Agent Version 24.4.5, users can perform future agent upgrades directly via the Xshield platform.

Agent Version Naming Convention:

  • The new agent version format: <year>.<release number>.<minor change number>.
  • Implemented in April with release 24.4.3.
  • Example Breakdown:
    • 24 = Year of the release.
    • 4 = Fourth release of the year.
    • 3 = Minor change within that release.
  • This format provides clarity on the release timeline and sequence of updates.
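
The upgrade rule and version format above can be applied to a fleet inventory to sort agents by upgrade path. This is an added example, not ColorTokens code: the host names and inventory are constructed, and treating 6.0.1 through 24.4.3 as one continuous range is an assumption. Versions the advisory does not cover (such as 24.4.4) are reported as unspecified rather than guessed.

```python
import re

# Thresholds taken from the advisory text above.
LEGACY_MIN = (6, 0, 1)         # oldest agent version the advisory names
ASSISTED_MAX = (24, 4, 3)      # last version that needs a support-assisted upgrade
SELF_SERVICE_MIN = (24, 4, 5)  # first version that can upgrade via the platform

_VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Return (year_or_major, release, minor) as ints, or None if malformed."""
    m = _VERSION_RE.fullmatch(text.strip())
    return tuple(int(p) for p in m.groups()) if m else None


def upgrade_path(text):
    """Classify one agent version string by the advisory's upgrade rule."""
    v = parse_version(text)
    if v is None:
        return "invalid"
    # Tuples compare numerically, so 24.10.x sorts after 24.4.x
    # (a plain string comparison would get this wrong).
    if v >= SELF_SERVICE_MIN:
        return "platform"
    if LEGACY_MIN <= v <= ASSISTED_MAX:
        return "support"
    return "unspecified"  # not covered by the advisory, e.g. 24.4.4


def triage(inventory):
    """Group host names by upgrade path; inventory is (host, version) pairs."""
    groups = {"platform": [], "support": [], "unspecified": [], "invalid": []}
    for host, version in inventory:
        groups[upgrade_path(version)].append(host)
    return groups


# Constructed inventory for illustration only.
SAMPLE = [
    ("web-01", "6.0.1"), ("db-01", "6.1.4"), ("app-01", "24.4.3"),
    ("app-02", "24.4.4"), ("ot-gw", "24.4.5"), ("new-01", "24.6.4"),
    ("old-01", "5.9.0"), ("bad-01", "24.6"),
]

if __name__ == "__main__":
    for path, hosts in triage(SAMPLE).items():
        print(f"{path:12} {', '.join(hosts)}")
```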

Platform Enterprise Readiness

Sample Connectors for Integrations

Introduction:

ColorTokens introduces sample connectors for SIEM, vCloud, and LDAP-SCIM integrations. These connectors simplify data integration, ensuring seamless connectivity across systems. Packages and installation instructions are available in Xshield under the respective integration sections.

Benefits:

Identity Sample Connector
  • Simplified Identity Management: Streamlines user/group identity synchronization via SCIM protocol.
  • Automated Data Syncing: Configurable update frequencies ensure up-to-date identity data.
SIEM Sample CEF Connector
  • Improved Incident Response: Enables timely forwarding of security data over Syslog protocol.
  • Standardized Integration: Uses Common Event Format (CEF) for seamless SIEM integration.
vCloud Sample Connector
  • Efficient Asset Management: Retrieves pre-existing vCenter tags for better asset organization.
  • Streamlined Operations: Automates asset segregation, reducing manual effort.

North-South Traffic Visibility

Introduction:

  • Enhanced support for north-south traffic visibility.
  • Provides insights into inbound internet connections that previously appeared as 0.0.0.0.
  • Outbound internet connections remain coalesced as before.
  • Users can request that this feature be enabled or disabled through the support teams.

Benefits:

  • Enhanced Monitoring: Gain visibility into previously untraceable connections.

Email Notification for Auto-Dismissed Alerts

Introduction:

  • Users can now receive email notifications when alerts are auto-dismissed.
  • Auto-dismissal occurs when an issue is resolved without manual intervention.
  • Users can configure this setting in notification preferences.

Benefits:

  • Ensures users are promptly informed when an alert is automatically cleared.

Named Network Updates Directly from Visualizer

Introduction:

  • Users can now add subnets to existing named networks or create new ones directly from the Visualizer.

Benefits:

  • Faster subnet additions from the traffic visualization tool.
  • Enhances efficiency in policy creation and validation.

Workflow Enhancements for Operational Ease

Introduction:

  • Streamlined segmentation policy workflows for efficient security management.
  • Changes include:
    • Tag policy renamed to Segment, now independent of tags.
    • Easy visualization buttons for tag sets and recommendations.
    • One-click approval for policy recommendations.
    • Security sliders for progressive security adjustments.
    • Automation for policy push.

Benefits:

  • Simplifies the segmentation journey.
  • Reduces complexity for Xshield users.

Note: The Simulate Checkbox is now available on the Asset Page, not directly on the Visualizer.


Appliance Updates

Enhanced Appliance Onboarding via Xshield

Introduction:

  • Streamlined onboarding for directly shipped hardware via Xshield.

Benefits:

  • Faster deployment.
  • Remote configuration via Xshield.

Simplified Configuration via Appliance Console

Introduction:

  • An interactive console UI is now available for initial setup & post-registration configuration.

Benefits:

  • WAN gateway changes without disruptions.
  • Reliable recovery when the appliance loses cloud connectivity.

Improved Ephemeral Port Detection

Introduction:

  • Automatically detects ephemeral ports used by devices.
  • Ensures the return channel is auto-allowed, eliminating manual policy additions.

Benefits:

  • Simplified network management.
  • Optimized OT device support.

Appliance Port Scan Detection

Introduction:

  • Automatically filters port scans on managed devices.
  • Keeps application traffic visualization clear.

Benefits:

  • Improved clarity in traffic monitoring.

Resolved Issues

Dashboard Data Download Discrepancies

  • Issue: Downloaded data did not match displayed values.
  • Resolution: Data mismatch corrected.

On-Premise Agent Upgrade Failures

  • Issue: HTTP request format caused 403 errors on S3 & object stores.
  • Resolution: Agent now extracts file size from platform response.

Agent Upgrade Failure from 6.0.1 to 24.4.4

  • Issue: HTTP request failed due to proxy settings not being used.
  • Resolution: Request now respects proxy settings.

Known Issues

Agent on Linux Server Showing Offline

  • Issue: Concurrent writes led to an empty agent file, marking it invalid.
  • Workaround: Stop ct-agent, delete agent-details.yml, re-register and restart agent.

Missing IPs in Named Networks

  • Issue: Filtered search results differ from unfiltered results.
  • Workaround: Remove all filters before selecting an asset.

Removed Tag-Based Templates Not Updated in Assets

  • Issue: Templates persisted after Tag-Based Policy (TBP) removal.
  • Workaround: Delete templates first, then remove TBP.