iC3 2.2.35697.0 GA

May 1, 2019

Enhancements:

  • Added the ability for the Portal, MMC and Endpoints, to function when Redis is unavailable. Performance may be degraded during a Redis outage.
  • If the portal is unable to communicate with Redis, you will be unable to access it. However, your endpoints will still be able to communicate with iC3, ensuring that your estate remains protected in the event of a Redis outage.
  • The default minimum adapter poll time for pending commands is now 60 minutes. An additional delay is also applied based on the CPU load of the node that the adapter is connected to. The minimum adapter poll time that we support is 5 minutes. This is held in the SystemParameter table after you upgrade your iC3 Management database to this release.
  • Provided instructions to rotate the SSL Certificates in environments as required.
  • Added an upgrade process for Azure PaaS and On-Premise deployments.
  • Updated the EULA in the On-Premise deployment wizard for the BeyondTrust business entity.
  • Improved the performance of the Computers grid to allow the selection of all rows.
  • Updated the EULA in the Windows adapter installer for the BeyondTrust business entity.
  • Improved the performance of the iC3 portal to support a large number of commands.
  • Added a validation check for the Azure PaaS deployment to check that the selected Azure Location has enough cores available to deploy iC3.
  • Migrated the SystemConfiguration table to a new SystemParameter table, that uses rows rather than columns. After an upgrade, the SystemConfiguration table will no longer be used.
  • Added a visual representation in the Computers and Groups grids to show when a command is being actioned.

Bugs Fixed:

  • iC3 Windows Adapter
    • Fixed an issue to ensure the SID is removed from the registry when the iC3 adapter is uninstalled.
  • iC3 Application
    • Changed the string name in Settings from Application ID to MMC Client ID to match the MMC name.
    • Fixed an issue to ensure that computers that are deactivated are removed, in real-time, from the grid.
    • Fixed an issue with the time and date stamp for events to ensure they are reported correctly.
    • Fixed an issue to ensure you cannot have multiple iC3 sessions open simultaneously for the same user.
    • Fixed an issue to ensure you can always connect to the iC3 MMC snap-in with TLS 1.2 enabled.
    • Stale errors in the ServiceFabric explorer are now correctly removed.
    • Fixed an issue to allow you to apply policy to a group containing more than 32,767 endpoints.
    • Improved the performance of event processing by ensuring that events are distributed across all of the nodes correctly.
    • Rows in the portal now correctly flash green the first time, and subsequent times, actions are applied to them.
  • iC3 Database
    • Added additional database indexes to improve the performance of the portal.
  • Azure Deployment
    • All iC3 services now only accept communication over TLS 1.2.
    • Versions of TLS 1.2 are no longer disabled as this was preventing non-iC3 applications from running on the server.
    • Fixed issues with incorrect data in *.json files that caused unnecessary message processing.
    • Fixed an issue with malformed *.json files that caused the EndpointEventPump to shut down.
  • On-Premise Deployment
    • When you select LDAPs authentication on the Authentication tab, the Next button is now correctly disabled until you provide a DN (Distinguished Name).
    • The deployment wizard now correctly accepts numbers as well as letters.
    • You can now proceed past the Databases tab when you have set up the databases manually.
    • All iC3 services now only accept communication over TLS 1.2.
    • The iC3 connection string is now correctly supplied to iC3 in lower case letters irrespective of the case used in the deployment wizard.
    • If you are deploying with an existing database, the database creators username and password fields are now correctly grayed out in the Authentication tab.
    • The Authentication tab in the deployment wizard now correctly displays the TenantID GUID when it first loads.
    • Versions of TLS 1.2 are no longer disabled as this was preventing non-iC3 applications from running on the server.
    • Added validation to the On-Premise deployment wizard to validate the characters entered for the domain to ensure they are correctly formatted.
    • Updated the text-based help on the iC3 Reporting tab to reflect both Windows and SQL authentication methods.
    • The terms and conditions in the deployment wizard are now rendered correctly.

Prerequisites

Defendpoint Clients

The prerequisites for the Defendpoint clients can be found in the Client Release Notes.

iC3 Windows Adapter

You need to deploy iC3 prior to installing your Windows adapter so you can access the Installation Key and Installation ID which are parameters for the adapter installation.

iC3 Mac Adapter

You need to deploy iC3 prior to installing your Mac adapter so you can access the Installation Key and Installation ID which are parameters for the adapter installation.

Compatibility

Defendpoint Client

Windows

  • 5.3.x (all versions)
  • 5.2.x (all versions)
  • 5.1.x (all versions)

Trusted Application Protection (TAP) events are not supported in Defendpoint 5.1.95 GA.

Mac

  • 5.2.x (all versions)
  • 5.0.19950.0 SR1

Defendpoint Management Console

  • 5.3.x (all versions)
  • 5.2.x (all versions)
  • 5.1.149.0 SR1

Earlier versions of the Defendpoint Management Console are not supported for use with this iC3 release.

iC3 Adapters

Windows Adapter

  • 2.2.35697.0 GA
  • 2.1.26339.0 SR1

Mac Adapter

  • 2.0.28710.0 SR2

Reporting Database

  • Defendpoint Privilege Management Reporting 5.1.x (all versions)

Supported Operating Systems and Browsers

Please see the relevant Installation Guide for your chosen method of deploying iC3 for the different machines and operating systems that are required.

Deployment Machine

  • Windows 10
  • Windows Server 2016 Standard or Enterprise

For the Windows iC3 Adapter:

  • Microsoft Windows 7 and higher
  • Windows 2012 R2
  • Windows 2016

For the OS X iC3 Adapter:

  • macOS 10.12 Sierra
  • macOS 10.13.2 High Sierra
  • macOS 10.14 Mojave

For the iC3 portal:

  • Microsoft Internet Explorer
  • Google Chrome
  • Apple Safari
  • Mozilla Firefox