ER 2.6.1 Release Notes

The Release Notes provide information about new features, platforms, data types, enhancements, bug fixes and all the changes that have gone into Enterprise Recon 2.6.1.

For a quick view of the changes since the last Enterprise Recon release, see Summary of Changes.

Contents:

1. Highlights

   • New and Improved Data Types
   • Important Bug Fixes
2. Important Notes
   • Critical: One Way Upgrade to Enterprise Recon 2.6.1
   • Critical: End of Support for KCT Datastore Format
   • Upcoming End-of-Support Platforms and Features
3. Enterprise Recon 2.6.1 Changelog
   • What’s New?
   • Enhancements
   • Bug Fixes
4. Features That Require Agent Upgrades

New and Improved Data Types

The Singaporean NRIC data type has been enhanced to include the new prefix "M" for Foreign Identification Numbers (FINs).

Important Bug Fixes

Fixed Erroneous Target Isolated Reports and Scan History for Distributed Scans

Who Needs To Upgrade

Upgrade to Enterprise Recon 2.6.1 if you run Distributed Scans for any Target(s) on your Master Server.

This fix also impacts the Target Report APIs and various Scan Report tables for ODBC Reporting. Please see Enterprise Recon API - Changelog and ODBC Reporting - Changelog for more information.

Problem Description

When running Distributed Scans, a race condition may occur when multiple sub-scans complete at the same time and are assigned with the same timestamp value in the Master Server datastore.

Impact

The race condition observed for Distributed Scans would result in errors where:

1. Isolated Reports were not generated for all scan locations, or
2. the Target's scan history and generated Isolated Reports were corrupted, and all fields in the scan result reflected zero (0) for the impacted scan locations.
3. The "This report has old format and is not supported" error would be returned when attempting to download Raw Isolated Reports for Distributed Scans on multiple locations via the Enterprise Recon API.

Workaround

No workaround is available for previous versions of Enterprise Recon.

Important Notes

CRITICAL: One Way Upgrade to Enterprise Recon 2.6.1

Certain data sets, storage formats and components for the Master Server have been updated in Enterprise Recon 2.6.1. Therefore once the Master Server is updated from ER 2.5.0 (and below) to ER 2.6.1, the datastore is not backward compatible and downgrading ER 2.6.1 to an earlier version is not supported.
Please contact the Ground Labs Support Team for assistance with upgrading the Master Server.

CRITICAL: End of Support for KCT Datastore Format

From Enterprise Recon 2.0.28, new installations of Enterprise Recon utilize CentOS 7 and RDB datastore format, which features improved reliability, better performance, and reduced internal fragmentation.

If your existing Master Server installation is based on CentOS 6 or utilizes the KCT datastore format, please upgrade to CentOS 7 and migrate your datastore to RDB format before upgrading to Enterprise Recon 2.6.1 to continue using Enterprise Recon without interruption.

The Ground Labs Support Team is available to assist customers who wish to upgrade and migrate existing installations of Enterprise Recon.

Upcoming End-of-Support Platforms and Features

The following platforms and/or features will reach end of support and be removed in a subsequent release of Enterprise Recon:

• Linux 2.4 Node Agents
  To continue scanning Linux server Targets, install the Linux 2.6 Node Agent instead.

• Email Targets - Microsoft Exchange (EWS)

  To continue scanning the Microsoft Exchange Server, use the Exchange Domain protocol instead.

• Microsoft 365 - Exchange Online (EWS)

  To continue scanning Exchange Online, use the Exchange Online (Graph) protocol instead.

• Web Browser - Internet Explorer

  To access the Enterprise Recon Web Console, please use other supported browsers. See System Requirements - Web Console for the list of supported browsers.

Changelog

The Changelog is a complete list of all the changes in Enterprise Recon 2.6.1.

What’s New?

• New Platform Integrations:
  • NEW FreeBSD 12
  • NEW FreeBSD 13
  • NEW Windows Server 2022

Enhancements

• Improved Features:
  • The Singaporean NRIC data type has been enhanced to include the new prefix "M" for Foreign Identification Numbers (FINs).
  • Clearer confirmation messaging when performing remediation actions.
  • Minor UI enhancements.

Bug Fixes

• Users can now scan workstations and servers that are running FreeBSD 12 (x64), FreeBSD 13 (x64), and Windows Server 2022 (x64).
• Added support for Global Filters for SharePoint Online and SharePoint Server Targets.
• In certain scenarios, the "This report has old format and is not supported" error would be returned when attempting to download Raw Isolated Reports for Distributed Scans on multiple locations via the Enterprise Recon API.
• In certain scenarios, running Distributed Scans would result in errors where (i) Isolated Reports were not generated for all scan locations, or (ii) the Target's scan history and generated Isolated Reports were corrupted, and all fields in the scan result reflected zero (0) for the impacted scan locations.
• Scans for database tables with columns that contained UTF-16 data before primary key columns would result in errors where (i) the scan could not be completed successfully, or (ii) keys for matched data would be reported incorrectly.
• The Master Server index service would generate a failure if Access Control actions were taken on unsupported locations (e.g. local process memory, databases), causing the issue where Targets could no longer be expanded in the Investigate page.
• The match count and "Status" column in the Investigate page did not get updated after performing remediation actions (False Match, Remediated Manually, Confirmed, and Test Data remediation) or after using the Trash function to remove scan results for selected Targets or match locations. The error would occur if the timestamp for when the remediation action is started is equal to the time when the remediation action is completed.
• The value of the calculated total remediation actions in the exported Operation Log did not match the number of entries in the file.

Features That Require Agent Upgrades

Agents do not need to be upgraded along with the Master Server, unless you require the following features in Enterprise Recon 2.6.1:

• With Enterprise Recon 2.6.1, you can now scan workstations and servers that are running FreeBSD 12 (x64), FreeBSD 13 (x64), and Windows Server 2022 (x64).

For a table of all features that require an Agent upgrade, see Agent Upgrade.

Ensuring we are delivering the best technology for our customers is a core value at Ground Labs. If you are interested in future early builds of Enterprise Recon with forthcoming features, please email your interest to product@groundlabs.com.