🛡️ Top New Features
User Access Detection: Show servers that a user is connecting to after logging in
The new User Access Detection feature now shows the servers a user connects to after logging in. Instead of aggregating servers around the user, the view now centers on all IPs the user has logged into, displaying traffic from these IPs to other servers. This view, similar to the search view, uses parameters like source IPs logged into by the user, any target, and a configurable list of ports. Connections are shown with arrows from the IPs the user logged into, to the accessed servers, complete with port numbers. These connections are time-filtered based on user login time.
Official support for GCP Mapping
We are thrilled to announce that we have now added official support for Google Cloud Platform (GCP). This is a significant update as, up until now, Faddom only supported GCP rightsizing as part of our migration module. However, we have expanded our offering to include a more comprehensive support for GCP. We have integrated the use of GCP APIs and flow logs to map environments on Google Cloud. This new feature means that you will now be able to conveniently search, build application maps, and perform a variety of other tasks.
Traffic Behavior Investigation
Investigate server traffic anomalies to allow the comparison of two timeframes to identify deviations, assisting in determining causes and impacts. For example, we could examine server connections before and after an anomaly, focusing on significant traffic changes. This could provide insight into what occurred and help you perform root-cause analysis.
External Traffic Detection (North-South Traffic)
This new feature enables the detection, analysis, and alert generation for external traffic (North-South). This can significantly improve your overall security posture. Faddom can now give you a view of all servers with external connectivity (whether incoming or outgoing), along with the ability to set up “blacklisted countries” to be alerted on.
Security Dashboard - Added Application View
Currently, the security dashboard displays data based on the entire topology. A new feature allows the user to select either "All Servers" or specific applications. Once an application view is selected, all fields, charts, and graphs will provide a security overview from the perspective of the selected applications.
CVE Updates
CVE - Added support for Windows based servers
We have added support for detecting CVEs for software installed on Windows.
Allow running CVE discovery without running the full software discovery
You can now refresh CVE data on detected software without running a full software discovery
🆕 Additional New Features
Inventory: Added servers using Faddom’s agent (Host sFlow) to the Inventory page
This will enable customers using physical servers, or those without access to vSwitches (e.g., in a hosted VMware Cloud), to view all their servers in a unified view, similar to other data sources. You are also able to export this list.
Deployment - update OVA template to Oracle Linux 9
As the previous OVA was based on CentOS7 which is nearing EOL, we have released a new OVA based on Oracle Linux 9, which will be supported until the year of 2032.
There is a new script to allow easy migration to the new OVA.
There are also new OVAs for the sensors (based on PhotonOS 5). To update the sensors, you can delete the existing sensors from your vCenter and redeploy through the Faddom UI.
If you are using a proxy, you can also delete that and deploy the new Oracle Linux 9 based version.
Global Parameters Modifications
We have redesigned the Global Parameters screen to enhance both usability and functionality.
Maps - added dotted connections to the color legend
We have incorporated the dotted line connections to the legend to reflect connections related to a server which are not part of that particular application map.
Find Failed Connections
When performing a search, you now have the option to look only for those connections that have failed.
Automated Split Installation
We have a new script available to allow easy separation of the Faddom application and database servers. This will allow you to avoid a manual process to do this when desired.
Permission Management Improvements
We have improved the Access Control screen in the UI making the different permission groups clearer.
If a user does not have permission to view a screen, they will be redirected to a permission-denied screen. If they cannot edit a screen, the relevant controls will be disabled.
Maps - Allow creating discovery filters from list view
Enhanced Software Discovery for Windows Servers
We have improved the software discovery process. Now, software packages are successfully located under Server Properties. In addition, a thorough search in Inventory > Software by server also results in a comprehensive list of all software packages.
Hypervisor sizing - data display enhancement
We've updated the main screen to display the disk size and VM Name, ensuring that all collected data is readily visible without needing to access server properties.
Inactive Servers - Updated Ignore List Functionality
We have updated the ignore list in Inactive servers. Now, when adding a server to the ignore list, all traffic from those IPs is effectively ignored for inactive servers calculation, as intended.
Discovery - VM names are updated in the server display name
We have improved our discovery process - we set the VM name as the display name for each server. Now, when that name is changed in VMware or AWS - we update the display name to match the new name.
Load Balancers - NetScaler discovery now works for Virtual Servers with long names
Application Map: Fully displayed on the screen
We have addressed the issue where the application map was not utilizing the full-screen space in Edge and Chrome. Now, regardless of the browser size, users will view their application maps fully extended to the edges of the screen for a better user experience.
Inventory: The IP/hostname of vCenter ESXi hosts now displays the management IP/hostname
Resolved issue where leaving a browser open for a long time, sometimes caused 408 errors
IP Groups - Permanent Deletion of IP Group Implemented
When deleting an IP Group that is automatically discovered from a data source, this IP Group will no longer be restored during the next discovery. You can manually restore them if desired via the IP Group screen.