Lastline Defender and Analyst Hosted Release Notes

Version 6.8

New features

  • Additional appliance metrics graphs
  • Improved notification configuration UI
  • Check Point firewall integration
  • Generic HTTP POST notifications
  • Improved password reset functionality
  • Home network configuration
  • Sensor improvements

Additional appliance metrics graphs

In addition to the System metrics page, the Lastline Portal now displays graphs for additional metrics about Lastline appliances:

  • Network metrics: displays metrics about network monitoring, such as traffic processed or files captured. This page is applicable to SENSOR and PINBOX appliances.
  • Mail metrics: displays metrics about mail analysis, such as number of mails processed or mail attachments analyzed, or the status of mail analysis queues. This page is applicable to SENSOR and PINBOX appliances that have mail analysis enabled.
  • Analysis metrics: displays metrics about analysis of artifacts, such as the number of artifacts (files or URLs) analyzed, or the status of analysis queues. This page is applicable to MANAGER, ENGINE, ANALYST and PINBOX appliances.

Improved notification configuration UI

Different types of notification integrations are now configured through separate menu options under the integrations menu in the Admin tab of the Lastline Portal.

The tables displaying configured notifications of each type now include additional information that is specific to the type of integration, and therefore provide a more useful summary of the current configuration.

Check Point firewall integration

Lastline Enterprise Hosted installations can now integrate with Check Point Firewall through Check Point's SAM API to block malicious external hosts on the fly. Check Point firewall integration can be configured here.

Generic HTTP POST notifications

Lastline Enterprise Hosted installations can now send notifications of detections on the monitored network using HTTP POST to a custom URL. The body of the POST request includes a JSON message provifing information on the detection event. Generic HTTP POST otifications can be configured here.

Improved password reset functionality

The password reset functionality for users who have lost their password has been revamped to improve the security and convenience of the password reset process.

Home network configuration

A new configuration option is now available for selecting the "home network", the ranges of IP addresses that are protected by each Lastline Sensor. In this version, this setting only affects the Check Point SAM integration. In later versions, the effects of the home network configuration will expand to other aspects of an installation.

Sensor improvements

  • Improved document prefiltering on the sensor
  • Improved reporting of network activity metrics
  • Enhancements to SMTP parsing in the IDS component

Released appliance versions

As part of this release, we are making available the following versions of Lastline appliances for use with Lastline Hosted:

  • Lastline Sensor version 610.1

Deprecation of API methods

No additional methods of the legacy API (/ll_api/ll_api) are being deprecated or removed in this version.

The Lastline API documentation includes a deprecation schedule for methods in the legacy API, as well as information on how to replace usage of these deprecated methods with supported methods.

6.7 6.9