SolarWinds Log & Event Manager V6.0.1 Now Available – Smarter Than Your Average Dot-Release!
Last week, we released version 6.0.1 of Log & Event Manager. Normally we don’t make too much noise about service releases (minor dot releases) ’round these parts, but this time we decided to make an exception. We packed a lot of security enhancements and customer requests into this release that you should definitely be aware of.
ENHANCED SECURITY FEATURES
- Removal of several flagged "vulnerabilities" on the LEM appliance: We continuously monitor security scans and while rarely (dare I say, almost never?) has there been an issue without a mitigation (like ShellShockfor example), we do still try to make sure we reduce and ideally eliminate any vulnerability scans from flagging the LEM appliance in any way. With this release, we’ve cleaned up all known security scan flags except the visibility of the Tomcat error page which we’re looking into for a future release, and a couple of certificate triggers which are expected and would be resolved by using a CA-signed cert.
- Better support for using signed certs: We had some customers use the ability to sign and re-upload certs for the LEM console, but there were some cases where it didn’t work quite right. We shored up our support for certs and things should be much improved.
- Improved enforcement for password storage for connectors: some connectors require storing username/password credentials (connectors that use a database to retrieve log data, for example) so we’ve beefed up encryption and version enforcement for storage of those passwords. Once you upgrade your 6.0.1 appliance and console, you’ll need to also upgrade any agents that might have one of these connectors configured (or where you’ll configure one going forward).
Read the entire article here, LEM V6.0.1 Now Available – Smarter Than Your Average Dot-Release!