Version 9.4.5
New Features
We are planning on changing the public IP addresses that are used by Lastline backend services to reflect our move away from an older datacenter provider to more scalable infrastructure.
These are the IP addresses assigned to lastline.com contacted by Lastline appliances (such as log.lastline.com, user.lastline.com, management.lastline.com, update.lastline.com, and anonvpn.lastline.com)
when accessing services like cloud APIs and image registries. This will affect both hosted and on-premise installations of all Lastline products.
It is required that these IP addresses are permitted by firewall rules to prevent service issues when these IP addresses are expected to go live by August 31st 2021.
The new IP address range is 66.170.109.0/24
Detection Improvements
- SENT-3082: Fix to an issue where the hash allowlist on a sensor appliance would not have effect on the sniffing file processing pipeline.
- SENT-3098: Fixed an issue where we would incorrectly report packet loss statistics on sniffing sensors processing limited throughput.
- SENT-3202: Performance and memory improvement to the NTA processing pipeline on sensor appliances.
- SENT-3203: Fix to an issue where a sensor appliance unable to process or upload events could have its backlog fill the available disk space, potentially corrupting its internal state. In case of low disk space the appliance will now discard records before filling the disk.
- SENT-3210: Fix to a bug in the ICAP daemon where enabling Secure ICAP would cause the daemon to crash.
- SENT-3219: Performance improvement for the sensor IDS component.
- SENT-3224: ICAP does not handle gzip encoding in absence of preview
Bug Fixes and Improvements
- LLOPS-707: On lastline appliances some ports used internally between docker containers on the appliance were being exposed externally. These internal ports are now no longer exposed.
- LLAM-7284: Fixed issue with a standby manager failing to download sandbox images.
Deprecation of API Methods
No additional API methods are being deprecated or discontinued in this release.
The Lastline API documentation includes a deprecation schedule for methods in the legacy API, as well as information on how to replace usage of these deprecated methods with supported methods.
Released Appliance Versions
As part of this release, we are making available the following versions of Lastline appliances for use with Lastline Enterprise On-Premises:
- Lastline Manager version 1110.8
- Lastline Engine version 1110.8
- Lastline Data Node version 1110.8
- Lastline Sensor version 1221.8
- Lastline All-in-one (Pinbox) version 1110.8
Released Sandbox Images Versions
The sandbox images version will remain at 2020-03-13-01.
Distribution Upgrade
Version 9.4.5 will be the final version that supports Ubuntu Xenial as the operating system distribution. In all future releases, Ubuntu Bionic will be required. To support this distribution upgrade, 9.4.5 will support both Ubuntu Xenial and Ubuntu Bionic. Before upgrading to any future version, appliances on Ubuntu Xenial must be upgraded to Ubuntu Bionic while running version 9.4.5. The upgrade of the distribution will require a reboot and may take up to an hour to complete.
You can check the distribution in use by an appliance in the Appliance Status view of the portal. The "Base Distribution" listed should be "bionic". If it is "xenial", the appliance distribution needs to be upgraded.
For help on the upgrade process, please refer to the following instructions. This update is not done automatically to prevent unexpected downtime.