Date of Release: October 10, 2018
Product Name: BeyondTrust UVM-20 Security Management Appliance
Updated Version: 2.5.3
Superseded version: 2.5.2
Table of Contents
1. What's New in This Release
2. Known issues:
3. General Notes
4. Release availability
1. What's New in 2.5.3
=======================================================================
159981: [Config Wizard - PBSMC] Setting PBSMC SQL Settings Error - Bad Request
160789: [HA] 2.5.2 fix prevents HA from turning off mirroring
160972: 2.5.2 - UVM Installer fails if IIS takes too long to shut down
160973: 2.5.2 - Encountered an unknown option "featurename" with value "IIS-WebSockets"
161302: [ROLES] - COLD SPARE: When BI is updated on the Cold Spare, the Omniworker, Web Service and Manager engine service are turned back on
161493: 2.5.2 - Access code is not cleared during configuration wizard
161849: [ROLES] When toggling the ColdSpare Role the incorrect ThirdPartyPatch service is enabled/disabled
2. Known issues:
=======================================================================
48692 Certificates created on February 29th (leap year day) are invalid
50373 unable to bitlocker c:\ on 20 or 50 (TPM not enabled)
51919 all pages - Next button does not enable until unblur
52991 Favicon not present (MS Edge Only)
53195 Cannot press Enter to select buttons (space works)
53893 page jumps around when trying to scroll down - MS Edge
54055 disabled checkbox is ever so slightly different size than enabled
54061 when pressing tab through a page there is no indication of currently being on a radio button (network page)
55000 When on step 8, step 9 is valid so progress shows as 90% - but I have never been to step 9
56319 Home and End keys do not function for intended purpose within a text box (input box?)
56450 time picker does not allow input of two digits when specifying the time - Safari
61145 Appliance Discovery Tools returns "Error: The appliance did not respond" when changing the IP but IP change was successful
64222 Auto redirect to diagnostics when configuration wizard completes does not work on safari
64535 Password Safe portal error connecting to Active/Active SQL server
67795 eEye Digital Program Folder listing restored to Start Menu programs after BI update
82325 Diagnostics - There should be a warning if CAPS LOCK is on when logging in
82684 [BI Bug] - EventServer generating Service alerts on HA Secondary saying it was terminated unexpectedly
86920 [Notifications] - "Configure Notifications" or "View all notifications" pages do not allow clicking the previous page through the navigation menu
87815 [Config Wizard] - Machine reboot after rename is recorded as an unexpected shutdown and displays a prompt at next logon
92050 [config wizard] - unnecessary word wrap for Creating database line item
93400 [Header] - The username is no longer displayed when you click on the profile icon on the header
93723 [Config wizard] - new machine name in URL fields are not being applied to BI (REMEMConfig)
98220 [Azure] - Desktop shortcuts missing
98325 Syncit Update errors on non-configured UVM
100584 [Maintenance] - Backups - if the backup is taking a while and the page times out (user does not extend session) the backup progress indication is lost (backup still completes though)
100666 Time Zone, date and time picker in config wizard do not display a default value in Azure (deployed as UTC)
102856 [LCD] - plugging in another USB device when on a specific menu on the LCD screen will cause the LCD to bump back to the main screen
103150 Color Blind settings do not work
106346 change how EULA's are returned in Config Wizard - MIM potential with http injection
107570 [ConfigWiz] - Setup - Print This Page - Portrait Layout
107577 [Diagnostics] - Appliance Health - Shutting off the BeyondTrust UVM Service will shut off Diagnostics
107674 [Diagnostics] - Performance Counters - Underscore displays in selected counter
109607 [Diagnostics] - Dashboard graph shows nothing (no faded color of graph) when SQL Mem/Disk/CPU Usage is 0%
109827 [diagnostics] - BT Header does not always display on release notes page
111691 [Diagnostics] - Weekly CPU performance data may already contain data on new images
114122 [Configuration Wizard] - Microsoft and SQL Agreement pages structural formatting
117823 [BTTF] - Unable to RDP to UVM when FIPS is enabled
121816 Webpage login failures (correct username and wrong password) can set the locked flag
126248 CSP errors returned on HA page for exclamation mark image on toaster
135947 [Maintenance]- Change Product Serial Numbers - error message displays duplicate messages.
140221 [2014 R4 Image] - Invalid name space error returned on config wizard
140234 [Maintenance] Refreshing the Analytics And Reporting Web Service Endpoints fails on UVM's running SQL 2008R2
140444 BI database initialization fails on 2014R4 image (ssrs error)
142947 [Roles] Auto Update (SyncIT) - When turning the role to on ON state from OFF, the AutoUpdate URL is not changed back to default
146539 [Azure] 2.4.1 - Retina Agent is not renamed after configuration wizard is completed
146560 [Azure] 2.4.1 - Spectre/Meltdown card not showing UVM as patched, even though it is
149485 Unable to use Emergency Recovery tool when password has been set to blank
149703 HA and session archiving fail when SHA is disabled
151972 [diagnostics] - stopping the BTUpdater service results in it being displayed twice on the stopped services side
153143 [Diagnostics] - large white space area in log export card
153469 [AWS] Spectre/Meltdown card indicates that the necessary security patches.
154941 [CHROME] - Opening any page on UVM seems to cause a 'shake' effect, more-so on right side of page.
154950 [ROLES] - PBSMC - when Enabling the role, the spinner is not long enough and the pending state change page takes too long to return to normal
155472 [DIAGNOSTICS] - Performance counters: large numbers are right aligning. See screeny.
3. General Notes
=======================================================================
- The 2.5.3 installer is now the primary install package - it will upgrade 2.2.4 - 2.5.2 appliances.
- With this release, there is also a 2.5.0 Standalone Roles Editor Installer available for Software Installs.
4. Release availability
=======================================================================
- This update is available via BeyondTrust Updater or as a manual installer from the download tool.
- Shipping on new Appliance Images at the end of October 2018.
Date of Release: August 20, 2018
Product Name: BeyondTrust UVM-20 Security Management Appliance
Updated Version: 2.5.0
Superseded version: 2.4.6
Table of Contents
1. What's New in This Release
2. Known issues:
3. General Notes
4. Release availability
1. What's New in 2.5.0
=======================================================================
79038 2.5: Add PBSMC to the UVM
PBSMC Integration
Add a Role for PBSMC
Add toggle in PBSMC role for local or remote databsae
Refactor High Availability for multi DB mirroring
Add PBSMC database to HA mirroring
Ability to enable/disable PBSMC
Add reverse proxy to IIS for PBSMC
Add PBSMC database to Backup Restore process
Rename Database Access role to BeyondInsight Database Access
118805 2.5: Export log files to remote location for Splunk consumption
Add UI in Diagnostics for log file export process
Add schedule options for log export
Add mew logs to logs page and include with log export
102200 2.5: Design microservice architecture for future scheduler plugins
141670 Web-based Command Line Engine (Ping & IPConfig)
147521 [2.4.4] HA Blackout Start Time - fix endpoint call
145572 [Roles Editor] : Create Role Templates specific to Standalone Roles/Software installs.
149320 BI Event Forwarding and partial matches on certificate subject name
130388 [Maintenance] - Security Settings - Date/Time Settings - zone, date and time does get not applied
153910 Allow more logs files before rolling: Session Monitoring and HA Monitoring services.
153913 Add pop up for the "Suspend" button to warn that it's not meant for long term.
150772 Notify BI of error when: Manual Archiving and restoring and viewing session files leads to locked files and session retrieval errors.
146942 [HA] Detect the entry of IP addresses instead of hostname and inform the user that it isn't supported.
150430 [Roles] - Event Collector role has a misaligned radio button
142947 [Roles] Auto Update (SyncIT) - When turning the role to on ON state from OFF, the http://localhost/UpdaterServer URL is not changed back to default http://update.eye.com/UpdateServer
145354 [MAINTENANCE]- Security Settings - EVENT SERVICE SSL REQUIREMENT: Determine card functionality based on escalation 121017
145324 If there is an error when changing HA settings it doesn't get raised to the UI and appears to have been successful
145672 [Diagnostics] - Performance Counters - Investigate the values that can be used to match what Perfmon is using to measure. Looks to only allow up to 100%, not high value bytes etc..
143236 [Maintenance] -Security Settings - The Spectre/Meltdown card is not properly reflecting the correct state on 2008 images (Stream 1/2)
152481 [MAINTENANCE] - Backups -**Internet Explorer only** Cannot create new backup location
152620 [Roles] - Apply roles not functioning in Internet Explorer 11
137490 [LCD PANEL] - Enabling RDP from LCD panel does not enable console access
151251 [2.4.5][Config Wizard] - Offline (sandbox) licensing method for Print/Fax does not generate the Reference codes
2. Known issues:
=======================================================================
48692 Certificates created on February 29th (leap year day) are invalid
50373 unable to bitlocker c:\ on 20 or 50 (TPM not enabled)
51919 all pages - Next button does not enable until unblur
52991 Favicon not present (MS Edge Only)
53195 Cannot press Enter to select buttons (space works)
53893 page jumps around when trying to scroll down - MS Edge
54055 disabled checkbox is ever so slightly different size than enabled
54061 when pressing tab through a page there is no indication of currently being on a radio button (network page)
55000 When on step 8, step 9 is valid so progress shows as 90% - but I have never been to step 9
56319 Home and End keys do not function for intended purpose within a text box (input box?)
56450 time picker does not allow input of two digits when specifying the time - Safari
61145 Appliance Discovery Tools returns "Error: The appliance did not respond" when changing the IP but IP change was successful
64222 Auto redirect to diagnostics when configuration wizard completes does not work on safari
64535 Password Safe portal error connecting to Active/Active SQL server
67795 eEye Digital Program Folder listing restored to Start Menu programs after BI update
82325 Diagnostics - There should be a warning if CAPS LOCK is on when logging in
82684 [BI Bug] - EventServer generating Service alerts on HA Secondary saying it was terminated unexpectedly
86920 [Notifications] - "Configure Notifications" or "View all notifications" pages do not allow clicking the previous page through the navigation menu
87815 [Config Wizard] - Machine reboot after rename is recorded as an unexpected shutdown and displays a prompt at next logon
92050 [config wizard] - unnecessary word wrap for Creating database line item
93400 [Header] - The username is no longer displayed when you click on the profile icon on the header
93723 [Config wizard] - new machine name in URL fields are not being applied to BI (REMEMConfig)
98220 [Azure] - Desktop shortcuts missing
98325 Syncit Update errors on non-configured UVM
100584 [Maintenance] - Backups - if the backup is taking a while and the page times out (user does not extend session) the backup progress indication is lost (backup still completes though)
100666 Time Zone, date and time picker in config wizard do not display a default value in Azure (deployed as UTC)
102856 [LCD] - plugging in another USB device when on a specific menu on the LCD screen will cause the LCD to bump back to the main screen
103150 Color Blind settings do not work
106346 change how EULA's are returned in Config Wizard - MIM potential with http injection
107570 [ConfigWiz] - Setup - Print This Page - Portrait Layout
107577 [Diagnostics] - Appliance Health - Shutting off the BeyondTrust UVM Service will shut off Diagnostics
107674 [Diagnostics] - Performance Counters - Underscore displays in selected counter
109607 [Diagnostics] - Dashboard graph shows nothing (no faded color of graph) when SQL Mem/Disk/CPU Usage is 0%
109827 [diagnostics] - BT Header does not always display on release notes page
111691 [Diagnostics] - Weekly CPU performance data may already contain data on new images
114122 [Configuration Wizard] - Microsoft and SQL Agreement pages structural formatting
117823 [BTTF] - Unable to RDP to UVM when FIPS is enabled
121816 Webpage login failures (correct username and wrong password) can set the locked flag
126248 CSP errors returned on HA page for exclamation mark image on toaster
135947 [Maintenance]- Change Product Serial Numbers - error message displays duplicate messages.
140221 [2014 R4 Image] - Invalid name space error returned on config wizard
140234 [Maintenance] Refreshing the Analytics And Reporting Web Service Endpoints fails on UVM's running SQL 2008R2
140444 BI database initialization fails on 2014R4 image (ssrs error)
142947 [Roles] Auto Update (SyncIT) - When turning the role to on ON state from OFF, the AutoUpdate URL is not changed back to default
146539 [Azure] 2.4.1 - Retina Agent is not renamed after configuration wizard is completed
146560 [Azure] 2.4.1 - Spectre/Meltdown card not showing UVM as patched, even though it is
149485 Unable to use Emergency Recovery tool when password has been set to blank
149703 HA and session archiving fail when SHA is disabled
151972 [diagnostics] - stopping the BTUpdater service results in it being displayed twice on the stopped services side
153143 [Diagnostics] - large white space area in log export card
153469 [AWS] Spectre/Meltdown card indicates that the necessary security patches.
154941 [CHROME] - Opening any page on UVM seems to cause a 'shake' effect, more-so on right side of page.
154950 [ROLES] - PBSMC - when Enabling the role, the spinner is not long enough and the pending state change page takes too long to return to normal
155472 [DIAGNOSTICS] - Performance counters: large numbers are right aligning. See screeny.
3. General Notes
=======================================================================
- The 2.5.0 installer is now the primary install package - it will upgrade 2.2.4, 2.3.4, 2.4.0, 2.4.1, 2.4.2 and 2.4.3 appliances.
- With this release, there is also a 2.5.0 Standalone Roles Editor Installer available for Software Installs.
4. Release availability
=======================================================================
- This update is available via BeyondTrust Updater or as a manual installer from the download tool.
- Shipping on new Appliance Images at the end of September 2018.
Date of Release: May 29, 2018
Product Name: BeyondTrust UVM-20 Security Management Appliance
Updated Version: 2.4.4
Superseded version: 2.4.1
Table of Contents
1. What's New in This Release
2. Known issues:
3. General Notes
4. Release availability
1. What's New in 2.4.4
=======================================================================
137327 2.4.3: [CONFIGURATION WIZARD] - email to licensing should be changed from [email protected] to [email protected]
137901 2.4.3: API key - Disable Register Partner button after use (to show that you already applied the key)
139257 2.4.3: Session files are not archived when initiated from the PasswordSafe Replay Session page
139929 2.4.3: [Roles] Analysis Services Role shown on UVM Without SQL
139991 2.4.3: [Installer] Installer Missing File needed for Session Archiving - logging 443 Errors in IIS Logs
140401 2.4.3: [Maintenance] Network and RDP - Cannot click the Update IP Settings button when making changes to IP information
140590 2.4.3: HA Roles Validation for SQL-less boxes
140597 2.4.3: [Installer] IISroot gets moved to drive with largest amount of free space (2.4.1/2.4.2)
140643 2.4.3: [Installer] Add the 2.4.2 actions to the 2.4.3 installer (BI Web.Config fix)
140806 2.4.3: Difficulty determining if PBPS is licensed if the local SQL Server is not running
141339 2.4.3: [ConfigWizard] Offline licensing not working - GetReferenceCodes call failing
147513 2.4.4: [auth] - invalid username returns exception in auth logs
147521 2.4.4: HA Blackout Start Time - fix endpoint call
2. Known issues:
=======================================================================
48692 Certificates created on February 29th (leap year day) are invalid
50373 unable to bitlocker c:\ on 20 or 50 (TPM not enabled)
51919 all pages - Next button does not enable until unblur
52991 Favicon not present (MS Edge Only)
53195 Cannot press Enter to select buttons (space works)
53893 page jumps around when trying to scroll down - MS Edge
54055 disabled checkbox is ever so slightly different size than enabled
54061 when pressing tab through a page there is no indication of currently being on a radio button (network page)
55000 When on step 8, step 9 is valid so progress shows as 90% - but I have never been to step 9
56319 Home and End keys do not function for intended purpose within a text box (input box?)
56450 time picker does not allow input of two digits when specifying the time - Safari
61145 Appliance Discovery Tools returns "Error: The appliance did not respond" when changing the IP but IP change was successful
64222 Auto redirect to diagnostics when configuration wizard completes does not work on safari
64535 Password Safe portal error connecting to Active/Active SQL server
67795 eEye Digital Program Folder listing restored to Start Menu programs after BI update
82325 Diagnostics - There should be a warning if CAPS LOCK is on when logging in
82684 [BI Bug] - EventServer generating Service alerts on HA Secondary saying it was terminated unexpectedly
86920 [Notifications] - "Configure Notifications" or "View all notifications" pages do not allow clicking the previous page through the navigation menu
87815 [Config Wizard] - Machine reboot after rename is recorded as an unexpected shutdown and displays a prompt at next logon
92050 [config wizard] - unnecessary word wrap for Creating database line item
93400 [Header] - The username is no longer displayed when you click on the profile icon on the header
93723 [Config wizard] - new machine name in URL fields are not being applied to BI (REMEMConfig)
98220 [Azure] - Desktop shortcuts missing
98325 Syncit Update errors on non-configured UVM
100584 [Maintenance] - Backups - if the backup is taking a while and the page times out (user does not extend session) the backup progress indication is lost (backup still completes though)
100666 Time Zone, date and time picker in config wizard do not display a default value in Azure (deployed as UTC)
102856 [LCD] - plugging in another USB device when on a specific menu on the LCD screen will cause the LCD to bump back to the main screen
103150 Color Blind settings do not work
106346 change how EULA's are returned in Config Wizard - MIM potential with http injection
107570 [ConfigWiz] - Setup - Print This Page - Portrait Layout
107577 [Diagnostics] - Appliance Health - Shutting off the BeyondTrust UVM Service will shut off Diagnostics
107674 [Diagnostics] - Performance Counters - Underscore displays in selected counter
109607 [Diagnostics] - Dashboard graph shows nothing (no faded color of graph) when SQL Mem/Disk/CPU Usage is 0%
109827 [diagnostics] - BT Header does not always display on release notes page
111691 [Diagnostics] - Weekly CPU performance data may already contain data on new images
114122 [Configuration Wizard] - Microsoft and SQL Agreement pages structural formatting
117823 [BTTF] - Unable to RDP to UVM when FIPS is enabled
121816 Webpage login failures (correct username and wrong password) can set the locked flag
126248 CSP errors returned on HA page for exclamation mark image on toaster
135947 [Maintenance]- Change Product Serial Numbers - error message displays duplicate messages.
140221 [2014 R4 Image] - Invalid name space error returned on config wizard
140234 [Maintenance] Refreshing the Analytics And Reporting Web Service Endpoints fails on UVM's running SQL 2008R2
140444 BI database initialization fails on 2014R4 image (ssrs error)
142947 [Roles] Auto Update (SyncIT) - When turning the role to on ON state from OFF, the AutoUpdate URL is not changed back to default
146539 [Azure] 2.4.1 - Retina Agent is not renamed after configuration wizard is completed
146560 [Azure] 2.4.1 - Spectre/Meltdown card not showing UVM as patched, even though it is
3. General Notes
=======================================================================
- The 2.4.4 installer is now the primary 2.4 install package - it will upgrade 2.3.4, 2.4.0, 2.4.1, 2.4.2 and 2.4.3 appliances. It replaces all prior 2.4.x installers, which should no longer be used.
- With this release, there is also a 2.4.4 Standalone Roles Editor Installer available for Software Installs.
4. Release availability
=======================================================================
- This update is available via BeyondTrust Updater or as a manual installer from the download tool.
- Shipping on new Appliance Images at the end of May 2017.
Date of Release: March 28, 2018
Product Name: Update242 (released via the BeyondTrust UVM-20 Security Management Appliance BTUpdater stream)
Updated Version: 2.4.2
Superseded version: 2.4.1
Table of Contents
1. What's New in This Release
2. Known issues:
3. General Notes
4. Release availability
1. What's New in 2.4.2
=======================================================================
138898 2.4.2: Fix the BeyondInsight Web.Config
2. Known issues:
=======================================================================
This update is not known to cause any known issues. It will not affect future BeyondInsight updates.
3. General Notes
=======================================================================
- This executable has been released over BTUpdater in place of a 2.4.2 UVM Appliance Software update.
- No binaries will be modified. The UVM Appliance Software will remain at 2.4.1.
- If downloaded over BTUpdater, the BTUpdater and UVM Maintenance screens will list the UVM at version 2.4.2.
- If installed manually, the BTUpdater and UVM Maintenance screens will show at 2.4.1.
- The update is safe to run multiple times, which may occur if manually updated as BTUpdater will still want to download and run it.
4. Release availability
=======================================================================
- This update is available via BeyondTrust Updater or as a manual installer.
- The manual installer has not been made widely available (via download tool) as it's use is being controlled. Run BTupdater or contact Technical Support if you require assistance.
- New Appliance Images are unaffected as they are preloaded with BI 6.4.
Date of Release: March 9, 2018
Product Name: BeyondTrust UVM-20 Security Management Appliance
Updated Version: 2.4.1
Superseded version: 2.4.0
Table of Contents
1. What's New in This Release
2. Known issues:
3. General Notes
4. Release availability
1. What's New in 2.4.1
=======================================================================
128574 2.4.1: Bug Fixes and Escalations
Remove Blink from EMET Tracking
Add startup and reboot/shutdown events to Health Monitoring
Test communication between FIPS and non-FIPS appliances
Modify EUS Header to downgrade x-frame-options to sameorigin
FIXED: Health monitoring events exceeding BI Connector Message field size of 256 chars
FIXED: SUPI 2.4 may encounter "file not found" error
135752 2.4.1: NFS Support
Add NFS Client to UVM
Add Support for NFS Fileshares to Session Archiving
134136 2.4.1: BT Bridge Integration
Improved License Caching
135717 2.4.1: Updated Licensing Monitor
Restored/Updated codebase
2. Known issues:
=======================================================================
48692 Certificates created on February 29th (leap year day) are invalid
50373 unable to bitlocker c:\ on 20 or 50 (TPM not enabled)
51919 all pages - Next button does not enable until unblur
52991 Favicon not present (MS Edge Only)
53195 Cannot press Enter to select buttons (space works)
53893 page jumps around when trying to scroll down - MS Edge
54055 disabled checkbox is ever so slightly different size than enabled
54061 when pressing tab through a page there is no indication of currently being on a radio button (network page)
55000 When on step 8, step 9 is valid so progress shows as 90% - but I have never been to step 9
56319 Home and End keys do not function for intended purpose within a text box (input box?)
56450 time picker does not allow input of two digits when specifying the time - Safari
61145 Appliance Discovery Tools returns "Error: The appliance did not respond" when changing the IP but IP change was successful
64222 Auto redirect to diagnostics when configuration wizard completes does not work on safari
64535 Password Safe portal error connecting to Active/Active SQL server
67795 eEye Digital Program Folder listing restored to Start Menu programs after BI update
82325 Diagnostics - There should be a warning if CAPS LOCK is on when logging in
82684 [BI Bug] - EventServer generating Service alerts on HA Secondary saying it was terminated unexpectedly
86920 [Notifications] - "Configure Notifications" or "View all notifications" pages do not allow clicking the previous page through the navigation menu
87815 [Config Wizard] - Machine reboot after rename is recorded as an unexpected shutdown and displays a prompt at next logon
92050 [config wizard] - unnecessary word wrap for Creating database line item
93400 [Header] - The username is no longer displayed when you click on the profile icon on the header
93723 [Config wizard] - new machine name in URL fields are not being applied to BI (REMEMConfig)
98220 [Azure] - Desktop shortcuts missing
98325 Syncit Update errors on non-configured UVM
100584 [Maintenance] - Backups - if the backup is taking a while and the page times out (user does not extend session) the backup progress indication is lost (backup still completes though)
100666 Time Zone, date and time picker in config wizard do not display a default value in Azure (deployed as UTC)
102856 [LCD] - plugging in another USB device when on a specific menu on the LCD screen will cause the LCD to bump back to the main screen
103150 Color Blind settings do not work
106346 change how EULA's are returned in Config Wizard - MIM potential with http injection
107570 [ConfigWiz] - Setup - Print This Page - Portrait Layout
107577 [Diagnostics] - Appliance Health - Shutting off the BeyondTrust UVM Service will shut off Diagnostics
107674 [Diagnostics] - Performance Counters - Underscore displays in selected counter
109607 [Diagnostics] - Dashboard graph shows nothing (no faded color of graph) when SQL Mem/Disk/CPU Usage is 0%
109827 [diagnostics] - BT Header does not always display on release notes page
111691 [Diagnostics] - Weekly CPU performance data may already contain data on new images
114122 [Configuration Wizard] - Microsoft and SQL Agreement pages structural formatting
117823 [BTTF] - Unable to RDP to UVM when FIPS is enabled
121816 Webpage login failures (correct username and wrong password) can set the locked flag
126248 CSP errors returned on HA page for exclamation mark image on toaster
3. General Notes
=======================================================================
- The 2.4.1 installer is the primary 2.4 install package - it will upgrade 2.3.4 appliances AND 2.4.0. It replaces the 2.4.0 installer, which should no longer be used.
4. Release availability
=======================================================================
- This update is available via BeyondTrust Updater or as a manual installer from the download tool.
- Shipping on new Appliance Images in April 2017.
Date of Release: January 19, 2018
Product Name: BeyondTrust UVM-20 Security Management Appliance
Updated Version: 2.4.0
Superseded version: 2.3.4
Table of Contents
1. What's New in This Release
2. Known issues:
3. General Notes
4. Release availability
1. What's New in 2.4.0
=======================================================================
45059 2.4: Role Changes
Add a role for PBEPP/Blink
Separate PBPS Portal, PBPS in BI and the Omni-worker (new role)
Create Separate HA Role - manage HAAdmin password
Modify Retina Agent name in Retina role
Manage the PBW Event Service via the Event Collector
Add spinner while roles tiles are loading
Ensure backward compatibility of Templates when roles change
Change ConfigWizard to reflect new Roles
Regenerate the pre-defined templates to reflect the new role structure
77748 2.4: New Roles Editor that allows for Software Installs (w/single sign-on)
Re-architect the Roles Editor so it can be installed by itself outside of a UVM
Migrate existing roles from /RolesEditor to /Roles
Migrate all external calls from /RolesEditor/ to /Roles/
Need to add footer, move version/date to footer and replace with Appliance Name
Define Distribution Plan for Standalone Roles Editor (versioning, install and updates)
Port Template functionality to new Role Editor Service
Integrate with BI authentication in a stand alone setting
Abstract Authentication service for reuse with roles editor on appliance
Modify Notifications functionality to make it optional
Develop a Capabilities Service for evaluating install environment
Add code signing
Roles Editor needs it's own web.config
Add NetCore DataProtection to RolesEditorAppPool
Make Radius work on UVM
Handle appliance configured state with standalone in mind
Handle Role Editor state when in HA Secondary mode
92167 2.4: Add BT Analyser to Diagnostics
Add BTAnalyser card to Diagnostics
Ensure installation of BTAnalyser to UVM
Add Generate Now button to BTAnalyser card in Diagnostics
93606 2.4: Completely disable HTTP on Appliance
Configure and Test a no HTTP setup
Upgrade WMF on Appliance to facilitate future automation options.
118227 2.4: Security Improvements
Protection Mechanism Failure (hsts)
Strip Server, X-Powered-By and X-AspNet-Version from Header
Add "Secure" Attribute to all Cookies
External Control of Filenames or Path by User
Add HTTP Strict Transport Security (HSTS) Header as a configurable option
Check Session Destruction on Server & Expire All Cookies
Prevent username enumeration
retake ownership of default/root website (add to solution for future updates)
Pass the hash, haadmin
Remove internal network addresses from client side code (also Widget updates)
Implement the anti-forgery library in .net
Verify Headers meet security expectations
Add X-Frame-Options:DENY to all Appliance sites
31740 2.4: UVM API Layer Improvements (External & Internal/Cross-Product)
Implement BI Component from Core Team (BTBridge)
Test Automation considerations
Integration with BT prodctcs installed on the UVM.
HA: Move the HA functionality from the Event Service into the UVM's API
Once Bt 'Contract DLL' has the license check - use it for checking the Password Safe bit
102656 2.4: Regular Release Maintenance: Bug fixes, Patches & BI Update
Release Maintenance: Dead Code Cleanup, Reference Checks, Re-sharper Recommendations
Documentation Updates for 2.4 release
Ability to customize the Notification email on the UVM(To be sent from something other then [email protected])
When a backup is restored the roles are not applied
Investigate WinRM's failure to work on appliances
114321 2.4: BeyondInsight 6.4 support
Supercharger: Test URL Rewriting (TFS 116922)
Supercharger: Install and configure BI
Supercharger: Test Active/Active & UVM integration points
107535 2.4: Upgrade C++ Tooling on UVM
31755 2.4: Appliance Support Package
[Diagnostics] Appliance Logs improvements
Broken Authorization - Anonymous download of logs
2. Known issues:
=======================================================================
48692 Certificates created on February 29th (leap year day) are invalid
50373 unable to bitlocker c:\ on 20 or 50 (TPM not enabled)
51919 all pages - Next button does not enable until unblur
52991 Favicon not present (MS Edge Only)
53195 Cannot press Enter to select buttons (space works)
53893 page jumps around when trying to scroll down - MS Edge
54055 disabled checkbox is ever so slightly different size than enabled
54061 when pressing tab through a page there is no indication of currently being on a radio button (network page)
55000 When on step 8, step 9 is valid so progress shows as 90% - but I have never been to step 9
56319 Home and End keys do not function for intended purpose within a text box (input box?)
56450 time picker does not allow input of two digits when specifying the time - Safari
61145 Appliance Discovery Tools returns "Error: The appliance did not respond" when changing the IP but IP change was successful
64222 Auto redirect to diagnostics when configuration wizard completes does not work on safari
64535 Password Safe portal error connecting to Active/Active SQL server
67795 eEye Digital Program Folder listing restored to Start Menu programs after BI update
82325 Diagnostics - There should be a warning if CAPS LOCK is on when logging in
82684 [BI Bug] - EventServer generating Service alerts on HA Secondary saying it was terminated unexpectedly
86920 [Notifications] - "Configure Notifications" or "View all notifications" pages do not allow clicking the previous page through the navigation menu
87815 [Config Wizard] - Machine reboot after rename is recorded as an unexpected shutdown and displays a prompt at next logon
92050 [config wizard] - unnecessary word wrap for Creating database line item
93400 [Header] - The username is no longer displayed when you click on the profile icon on the header
93723 [Config wizard] - new machine name in URL fields are not being applied to BI (REMEMConfig)
98220 [Azure] - Desktop shortcuts missing
98325 Syncit Update errors on non-configured UVM
100584 [Maintenance] - Backups - if the backup is taking a while and the page times out (user does not extend session) the backup progress indication is lost (backup still completes though)
100666 Time Zone, date and time picker in config wizard do not display a default value in Azure (deployed as UTC)
102856 [LCD] - plugging in another USB device when on a specific menu on the LCD screen will cause the LCD to bump back to the main screen
103150 Color Blind settings do not work
106346 change how EULA's are returned in Config Wizard - MIM potential with http injection
107570 [ConfigWiz] - Setup - Print This Page - Portrait Layout
107577 [Diagnostics] - Appliance Health - Shutting off the BeyondTrust UVM Service will shut off Diagnostics
107674 [Diagnostics] - Performance Counters - Underscore displays in selected counter
109607 [Diagnostics] - Dashboard graph shows nothing (no faded color of graph) when SQL Mem/Disk/CPU Usage is 0%
109827 [diagnostics] - BT Header does not always display on release notes page
111691 [Diagnostics] - Weekly CPU performance data may already contain data on new images
114122 [Configuration Wizard] - Microsoft and SQL Agreement pages structural formatting
117823 [BTTF] - Unable to RDP to UVM when FIPS is enabled
121816 Webpage login failures (correct username and wrong password) can set the locked flag
126248 CSP errors returned on HA page for exclamation mark image on toaster
3. General Notes
=======================================================================
- The 2.4.0 installer is the primary 2.4 install package. It now contains a standalone sub-package for the Roles Editor which has been versioned the same as the UVM Software. This installer is available for use with software installs and will eventually move to a separate BTUpdater subscription.
4. Release availability
=======================================================================
- This update is available as a manual installer from the download tool.
- A separate release will be made available for installing the Roles & Authentication components to a software install. Do not use this installer.
- This update will be made available via BTUpdater at the end of February 2018.
- Shipping on new Appliance Images in February 2018.
