New features in 8.17.0

The following are the new features available with the Xprotect version 8.17.0 released on the 28th of May 2021:

Enhancements to Reporting features

The following enhancements are added to the Reporting features on the Reports page.

  • Instance report - Instance report is a new PDF report that provides critical metrics for Hosts, Policies, and Alerts for the instance. Some of the metrics displayed in the report are Top 10 hosts with most alerts, Most frequently generated alerts, and Policy distribution by Host groups.

  • Reporting schedule for Instance reports - use one of the two pre-set schedules at the time of creating the Tenant report - Weekly, or Monthly. For Weekly and Monthly schedules, you must add at least one email recipient. You can add up to three email recipients for a schedule.

    • Weekly - generate a weekly reporting schedule for the Tenant report. The default date range is the last 7 days.  

    • Monthly - generate a monthly reporting schedule for the Tenant report. The default date range is the last 30 days.  

    • All the Weekly and Monthly reports you generate for an instance are listed in the Scheduled Reports tab. See the Last Sent On and Scheduled Next For for the details of the reporting jobs for the schedules.

    All the Scheduled reports (the initial report generated when you create the report and the subsequent ones for the schedules) are listed in the Reports History tab.

  • On-demand reports - you can also create Policies and Alerts report and Tenant report on demand. On-demand reports can be generated for a range of an hour and up to the last 30 days. All On-demand reports are also listed in the Reports History tab.  

    • You can download reports from the Scheduled Reports tab or the Reports History tab.

Enhancements to Policy editor features

The following enhancements are added to make policy creation, editing, and rule management easier in Xprotect.

  • Delete multiple rules - select multiple Application Control rules or File Protect rules in a stack or across multiple stacks and click Delete rule (in the floating panel on the top) to delete them from a policy.

  • Move rules across stacks - select Application Control rules or File Protect rules in a stack or across multiple stacks and click Move to Stack to move the rules to a target stack in the policy. If the target stack is one of the source stacks, rules are not duplicated in the target stack.

  • Delete multiple Suppressed alerts - select multiple Suppressed alerts (in the Suppressed Alerts tab of a policy) and click Delete to delete the alerts.

Instance level setting to enable User policies

Set the Enable User Based Policies toggle switch on the Settings > Configurations page to enable User policies for the instance.

  • For instances that are upgraded to Xprotect version 8.18.0, this setting is enabled by default. All the selections to enable Host groups for User policies and the User policies are retained.   

  • For instances that created after version 8.18.0, this setting is disabled by default. Enable this setting to use the User policies features. As soon as you enable this setting, you will see a Configure LDAP button (for LDAP integration with the instance).

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.