Command Center Updates: 2.8.1 & 2.8.2

By Barbara posted 09-28-2021 15:47

  
We have just released version 2.8.1 AND 2.8.2 of Command Center! We wanted to make sure that everyone is aware of the newest features and enhancements that you can expect once you download the latest update!

Command Center 2.8.1 - New Features

Improved Security
  • A user will not be able to log into Command Center until the ConfigOS Admin has assigned one or more roles.
  • A new user is required to change their password on their first login to access Command Center.
  • Password complexity improved. Passwords require 3 of the following: 1 uppercase letter, 1 lowercase letter, 1 non-cased letter, 1 number, 1 special character, and be at least 12 characters long.
  • Existing users on first login of 2.8.1 will be required to reset their password to use the new password complexity.
Improved UX
  • Adjusted log file names to better reflect their content.
  • New User Control Panel added replaces the Users Preferences.
  • Queued rollback jobs can be cancelled.
  • Added persistent filters toggle, to the Result’s filter bar, allowing users to lock in their filter selection when switching between policies or Endpoints for their session.
  • Fixed push inheritance for the disallow checkbox for remediation in the policy container.
  • Fixed crash when changing hostname/IP address on a Linux endpoint that has a private key.
  • Added functionality in the Scan and Remediate area for the column Rollback Status buttons to show the worklog when errored or open to the results.
Additional Signature Support
  • Improved Windows Server 2016 STIG coverage
  • Active Directory Machines: Time Synchronization (Scan only) | Passwords Last Set (Scan only) | Inactive Accounts (Scan only) | Data files access (Scan & Remediate) | User properties (Scan only)
  • Domain Controllers: LDAP Connection Idle Time (Scan & Remediate)
  • FTP Servers: Anonymous Authentication (Scan & Remediate) | Path Validation (Scan only)
  • ICACLS for file permissions (Scan only)
  • Advanced Permissions Registry Path (Scan only)
  • Expiring/Expired Accounts (Scan only)
  • Group Policy (requires GPO management) (Scan only)
  • BIOS information (Scan only)
  • Device Guard Virtualization (Scan only)
  • Added remediation for Windows Server Roles and Features.
Improved Reports
  • Added the mode of Scan, Remediation, Post-Rollback, and Consolidation to the HTML reports title section
  • Fix for HTML report filters Accepted and GPO.
  • Adjusted the calculation totals in the Current State Report to match with Command Center results
  • Fix to shorten long report file names that would cause errors.

Command Center 2.8.2 New Features

Additional Signature Support
  • Now scans clustered SQL servers!
  • Two new fields added to the Database Connection Info section for “Instance Name” and “Database Connection Port”.
Improved Linux Support
  • Authentication Method selection and Private Key field have moved to “General Connection Info” section to share the credentials needed for authentication.
  • Expanded authentication method choices:
    • Selecting the “Password” method exposes the “Username” and “Password” fields.
    • Selecting the “Private Key” method exposes the “Username” and “Private Key” fields.
    • Selecting “Both” exposes the “Username”, “Password”, and “Private Key” fields.
    • Can remove a private key file path when set.
Improved Cisco Switch Support
  • Added Endpoint and Group field for “Cisco Secret Password” to support Cisco switches on an Endpoint.
Improved Setup Groups and Endpoints
  • Active Directory bulk load includes a selection for “Unsorted Computers”, when checked it will load computers that are not within an organizational unit.
  • When using Active Directory scan or the bulk file import, duplicate Hostname/IP Addresses in endpoints are rejected and logged in the console.
  • Enhanced Active Directory scan to return more endpoints found within sub-OU levels.
  • Can “Expand all groups” or “Expand group and children” to expand the tree.
  • When deleting endpoints, the confirmation includes the total number of endpoints impacted.
  • Improvements to performance when deleting endpoints.
  • Additional Hostname/IP Address validation:
    • These fields cannot contain the following characters: comma, ~, !, @, #, $, %, ^, &, \, (, ), {, }, space.
    • The value cannot end with a hyphen or a period.
    • The first character must be alphanumeric.
  • Fixed moving an endpoint to a new group that has rollbacks was disappearing from the Rollback screen.
  • Improved performance on pushing inheritance to children.
  • Improved performance when selecting and deselecting ready endpoints, including a wait indicator.
Improved Job Support
  • Restored warning message for when attempting to run a job, if there are duplicate endpoint selected, one with IP and the other with hostname. Stating that the duplicate endpoint was consolidated into the newer endpoint and rename the older with “_DUPLICATE” appended.
  • Prevents the addition of new endpoints and groups to the running job.
  • Prevents selecting scan/remediate features when an immediate rollback is selected.
Improved Results
  • Added expand view for a specific control to open in a new window
  • Reduced the overlap of the right-side color key on the scrollbar.
  • Overall improvements to charts and result displays to show the latest results.
Current State Report
  • Returned the Projected Passed, Failed, and Compliance Percentages.
  • Minor improvements to presentation.
Unencrypted Json Report
  • Added extension of .json to the unencrypted Json Report from CLI.
Improved UX
  • Performance updates around bulk loading CSV, Ping Sweep and Active Directory endpoints.
  • Fixes to Manage Job status indicators for level of inclusion by endpoint or group.
  • Fixed Manage Job not always showing when adding a sub-level endpoint to a job.
  • Performance updates when pushing inheritance on large endpoint lists with new wait indicator.
  • Updated CLI help text with more usage examples.
  • Determine whether the correct encryption key was used when Command Center was installed.
  • Replaced Linux SSH connection error codes with connection error descriptions.
  • In the “Results” view, the User has the option to “expand, zoom in” a selected control to view the control details.
  • Improvements to scrollbar visibility on Results screen.
Improved Security
  • Upgraded application to .Net 5, supports running on Windows 10 and Windows Server 2016+.

Questions? Give us a call, shoot us an email, or comment on this post!

5 comments
91 views

Permalink

Comments

02-14-2022 13:30

Sure thing! Ideally you want to be on version 2.8.3 because of all of the additional features that have been added. The powershell signatures will work on 2.8.3.

02-14-2022 11:50

Thank you, that helps. I was wondering what that folder was for. I will check it out. An these signatures only run on the latest (2.8.3) version of Command Center, correct? They won't work on the previous versions?

02-11-2022 15:43

Thanks, Fred!!

02-11-2022 15:39

Hey Hugo, 

With our quarterly updates we have a folder with in the Microsoft OS folder called "Windows OS With Powershell". In that folder you will find relevant Windows operating systems with additional PowerShell controls. There is a Server 2019 DC and MS Powershell signature as well as an updated Coversheet documenting the additional PowerShell controls.

02-11-2022 14:20

For Command Center version 2.8.3, are the additional signature support  that was added part of the actual Command Center capabilities along with signatures from a specific date onward? How do I know which signature files include the STIGs which Command Center was not able to at least scan in the past and is able to in 2.8.3? Is there a list of which STIGs were added for Server 2019? I'm looking to see which STIGs we no longer have to perform manual checks on for Server 2019 DC and MS. Thank you