Proofpoint | ObserveIT On-Premises Release Notes version 7.13.0

Version 7.13.0

This document provides information about features, issues that were discovered and fixed since the previous release, and any limitations of the release. It is important that you read this document before you install and configure this version.

For information about how to install and upgrade, see:

This version includes security fixes.

New Features and Enhancements

Compact Display for Massive File Copy in Time Line View

In the Timeline view (in the User and Endpoint Diaries and the Search results), when displaying an activity of a batch file copy/move of more than 10 files, only 10 file copy/move activities are displayed, each on a separate line. An additional line follows, displaying information for all files in the batch.

In previous versions, each file copy/move activity was displayed on a separate line, which sometimes made the list very long and difficult to view in the browser.

The example below shows 10 activities, each listed on a separate line, followed by the additional line with summary details of the entire batch.

The 10 file copy/move activities that are displayed on separate lines are prioritized by alerts status, with higher severities given priority over lower severities.

The additional line displays details about the entire batch of files, including the number of files copied/moved, alerts, date and time, an indication of any MIP labels, and details about the source and target destinations.

To access the full list, use the click to download the full list link that is displayed on the additional line. When you click the link, an Excel file is generated and automatically downloaded. The Excel file includes full details on all files in the batch.

This feature is supported for Windows Agents only.

Simplified User Risk Score

The User Risk Score is an intelligent risk score calculated for each user based on that user's alerts, during a specified period of time. The User Risk Score is displayed for each user listed in the Risky Users section of the User Risk Dashboard.

From this version, an optional simplified user risk score calculation is supported. This simplified user risk score is not limited to a maximum of 100. (Previously, all user risk score calculations were limited to a range of 0 to 100.)

The table below shows the weight used for user risk scoring:

Severity | New User Risk Score Weight | Risk Score Weight when limited to 100
Critical | 10 | 30
High | 5 | 15
Medium | 3 | 5
Low | 1 | 1

To enable the simplified user risk score option, from the Configuration tab, select Alerts > Alerts & Prevent Rules Settings. Select Use Simplified User Risk Score formula calculation.

If you turn on this option, all user risk scores are reset. It will take 30 days to recalculate the score for one month.

Screenshot Encryption Key Rotation

For increased security, you can configure security key rotation for screenshot encryption. This option enables regeneration of the key used to encrypt screenshots. You configure how often (in days) to regenerate the key.

To enable security key rotation, from the Configuration tab, select Security & Privacy > Security & Privacy.

From the Security tab, in the Image Security Key Rotation section, select the Enable key rotation for screenshots encryption check box and set the number of days in the Regenerate new key every x Days field.

Force Using New API for Agent-Server Communication

From version 7.13, the new secured API is supported for all Agent-Server communication. Previously, from version 7.12, the new secured API was supported only for Agent registration/unregistration.

The new secured API cannot be used with Agents prior to 7.12 for registration and cannot be used with Agents prior to 7.13 for other Agent-Server authentication.

The new secured API for Agent-Server communication is supported for Windows and Mac Agents only.

In clean installations of version 7.12.0 (or later) for registration and versions 7.13 (or later) for all Agent-Server communication, this option is selected by default. When upgrading from earlier versions, this option is not selected by default and requires manual activation. If you want to upgrade your agents as well, first make sure this option is not selected, then upgrade the old agents, and only then activate this option.

If you have Linux Agents, you must disable this option or the Agents will not be able to communicate.

Resolved Issues

[Issue 624]: Resolved archive failure issue after upgrade to 7.12.4.

[Issue 588]: Improved performance retrieving alerts.

[Issue 574]: Improved restore process on archive.

[Issue 556]: Clean-up process for in-memory table process has been improved and enhanced.

[Issues 529, 579]: Added keylogger support for non-English characters.

[Issue 562]: Print activity on Mac for Japanese environment was added.

[Issue 604]: Improved table partition mechanism.

[Issue 539]: Improved performance when Anonymization is enabled.

Supported Versions

From version 7.13.0, Windows 7 is no longer supported.

32 bit is not supported from version 7.13.0 for Agent and Updater.

In-App Elements are no longer supported. In-App element options still appear in some places in the UI; they will be removed in 2022.

Version 7.13.0 and up can be deployed only on SQL Servers that support partitions

You can upgrade to 7.13 (or later) only if your original deployment was installed as partitioned. If your system was not installed as partitioned, a migration must be performed. Contact Support for help with the migration.

To see whether your current SQL Server deployment supports partitions, use the following commands:

use observeit
go
/*
You want to see the following partition schema:
PS_Day
PS_Day_DayTime
*/
select * from sys.partition_schemes
go
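As an added example (not part of the Proofpoint release notes), the following T-SQL turns the check above into an explicit pre-upgrade report: one row per expected scheme, whether it is present, and how many tables are stored on it. It assumes the database name observeit and the two scheme names listed above; the column aliases and status strings are illustrative.

```sql
USE observeit;
GO

-- Expected partition schemes, taken from the release notes above.
WITH expected (name) AS (
    SELECT 'PS_Day'
    UNION ALL
    SELECT 'PS_Day_DayTime'
)
SELECT
    e.name AS expected_scheme,
    -- A NULL data_space_id means no scheme with that name exists.
    CASE WHEN ps.data_space_id IS NULL THEN 'MISSING' ELSE 'present' END AS status,
    -- Count tables whose heap (index_id 0) or clustered index (index_id 1)
    -- is placed on the scheme; 0 means the scheme exists but is unused.
    COUNT(DISTINCT i.object_id) AS tables_on_scheme
FROM expected AS e
LEFT JOIN sys.partition_schemes AS ps
    ON ps.name = e.name
LEFT JOIN sys.indexes AS i
    ON i.data_space_id = ps.data_space_id
   AND i.index_id IN (0, 1)
GROUP BY e.name, ps.data_space_id
ORDER BY e.name;
GO
```

A MISSING row for either scheme indicates a deployment that was not installed as partitioned, which is the case the notes above say requires a migration before upgrading.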

Known Issues and Limitations

Release 7.14.3

When upgrading, the Web Console component must be removed and you must install the new version as Security Support Provider Interface (SSPI). It is not possible to upgrade from an older version configured with SQL authentication to a new version with SSPI.