Faddom Help Center

Release Notes Highlights - v2023.5

🛡️ Top New Features

User Access Detection: Show servers that a user is connecting to after logging in

The new User Access Detection feature now shows the servers a user connects to after logging in. Instead of aggregating servers around the user, the view now centers on all IPs the user has logged into, displaying traffic from these IPs to other servers. This view, similar to the search view, uses parameters like source IPs logged into by the user, any target, and a configurable list of ports. Connections are shown with arrows from the IPs the user logged into, to the accessed servers, complete with port numbers. These connections are time-filtered based on user login time.

 

Official support for GCP Mapping
  • We are thrilled to announce that we have now added official support for Google Cloud Platform (GCP). This is a significant update as, up until now, Faddom only supported GCP rightsizing as part of our migration module. However, we have expanded our offering to include a more comprehensive support for GCP. We have integrated the use of GCP APIs and flow logs to map environments on Google Cloud. This new feature means that you will now be able to conveniently search, build application maps, and perform a variety of other tasks.

external traffic.gif

 

Traffic Behavior Investigation

Investigate server traffic anomalies to allow the comparison of two timeframes to identify deviations, assisting in determining causes and impacts. For example, we could examine server connections before and after an anomaly, focusing on significant traffic changes. This could provide insight into what occurred and help you perform root-cause analysis.

External Traffic Detection (North-South Traffic)

This new feature enables the detection, analysis, and alert generation for external traffic (North-South). This can significantly improve your overall security posture. Faddom can now give you a view of all servers with external connectivity (whether incoming or outgoing), along with the ability to set up “blacklisted countries” to be alerted on.

Security Dashboard - Added Application View 

Currently, the security dashboard displays data based on the entire topology. A new feature allows the user to select either "All Servers" or specific applications. Once an application view is selected, all fields, charts, and graphs will provide a security overview from the perspective of the selected applications.

CVE Updates
  • CVE - Added support for Windows based servers

    We have added support for detecting CVEs for software installed on Windows.

 

  • Allow running CVE discovery without running the full software discovery

    You can now refresh CVE data on detected software without running a full software discovery

🆕 Additional New Features

Inventory: Added servers using Faddom’s agent (Host sFlow) to the Inventory page

This will enable customers using physical servers, or those without access to vSwitches (e.g., in a hosted VMware Cloud), to view all their servers in a unified view, similar to other data sources. You are also able to export this list.

 

Deployment - update OVA template to Oracle Linux 9

As the previous OVA was based on CentOS7 which is nearing EOL, we have released a new OVA based on Oracle Linux 9, which will be supported until the year of 2032.

  • There is a new script to allow easy migration to the new OVA.
  • There are also new OVAs for the sensors (based on PhotonOS 5). To update the sensors, you can delete the existing sensors from your vCenter and redeploy through the Faddom UI.
  • If you are using a proxy, you can also delete that and deploy the new Oracle Linux 9 based version.
Global Parameters Modifications

We have redesigned the Global Parameters screen to enhance both usability and functionality.

 

Maps - added dotted connections to the color legend

We have incorporated the dotted line connections to the legend to reflect connections related to a server which are not part of that particular application map.

Find Failed Connections

When performing a search, you now have the option to look only for those connections that have failed.

Automated Split Installation

We have a new script available to allow easy separation of the Faddom application and database servers. This will allow you to avoid a manual process to do this when desired.

 

Permission Management Improvements

We have improved the Access Control screen in the UI making the different permission groups clearer.

If a user does not have permission to view a screen, they will be redirected to a permission-denied screen. If they cannot edit a screen, the relevant controls will be disabled.

 

Maps - Allow creating discovery filters from list view

Maps - Allow creating discovery filters from list view.gif

Enhanced Software Discovery for Windows Servers

We have improved the software discovery process. Now, software packages are successfully located under Server Properties. In addition, a thorough search in Inventory > Software by server also results in a comprehensive list of all software packages.

Hypervisor sizing - data display enhancement

We've updated the main screen to display the disk size and VM Name, ensuring that all collected data is readily visible without needing to access server properties.

Inactive Servers - Updated Ignore List Functionality

We have updated the ignore list in Inactive servers. Now, when adding a server to the ignore list, all traffic from those IPs is effectively ignored for inactive servers calculation, as intended.

Discovery - VM names are updated in the server display name

We have improved our discovery process - we set the VM name as the display name for each server. Now, when that name is changed in VMware or AWS - we update the display name to match the new name.

 

Load Balancers - NetScaler discovery now works for Virtual Servers with long names
Application Map: Fully displayed on the screen

We have addressed the issue where the application map was not utilizing the full-screen space in Edge and Chrome. Now, regardless of the browser size, users will view their application maps fully extended to the edges of the screen for a better user experience.

Inventory: The IP/hostname of vCenter ESXi hosts now displays the management IP/hostname
Resolved issue where leaving a browser open for a long time, sometimes caused 408 errors
IP Groups - Permanent Deletion of IP Group Implemented

When deleting an IP Group that is automatically discovered from a data source, this IP Group will no longer be restored during the next discovery. You can manually restore them if desired via the IP Group screen.

 

Was this article helpful?
0 out of 0 found this helpful

Comments