Arc v1.17.0

The release notes for Arc version v1.17.0.

New features

A list of new features that have been introduced in this release.

  • Arc-645: Hardware components are now also extracted for Linux hosts.
  • Arc-854: The Sigma rules syntax is now extended to support boolean fields.
  • Arc-874: The Sigma rules engine now prevents the acceptance of malformed Sigma rules that contain duplicated keys in a map.
  • Arc-879: The Sigma rules syntax is now extended to support classless inter-domain routing (CIDR) modifiers.
  • Arc-909: Extended support to Red Hat Linux Enterprise down to version 7.3.
  • Arc-929: Arc functionalities are now available either as a complete package or through two separate licenses:
    • Arc Endpoint: covers all local detections on the endpoint
    • Arc Sensor: includes network sensor features such as Traffic Monitoring, Discovery, and Smart Polling
    Note:
    A separate license is still required for Smart Polling. This license split applies only to standard Arc, not Arc Embedded.
  • Arc-946: Arc can now extract and show processes with open ports for Linux and macOS.
  • Arc-950: Improved the user experience (UX) for the installation process on Windows that uses the Microsoft Software Installer (MSI). Options have been simplified and tooltips have been added. Also, Arc now appears also in the Windows Start menu.
  • Arc-951: The local user interface (UI) experience has been improved, minimizing the options and actions that the user needs to take to accomplish a configuration.
  • Arc-961: On Linux and macOS, only a root user can now access the arc.json configuration file.
  • Arc-968: Discovery and Smart Polling:
    • Discovery
      • Addressed an issue that caused Discovery to fail due to network errors when using network interfaces with link-local addresses. Discovery no longer run on interfaces with link-local addresses
      • Introduced improvements to the ONVIF Discovery strategy
      • New Discovery strategies:
        • Sick CoLa 2
        • Moxa
        • CODESYS
        • AutomationDirect Productivity
    • Smart Polling
      • Addressed an issue that caused the parameters for some Smart Polling targets to be wrongly interpreted and resulted in failed polls
      • The S7 strategy is more resilient to malformed packets
      • New Smart Polling strategy AutomationDirect Productivity
      • Improvements to the simple network management protocol (SNMP) Smart Polling strategy. Smart Polling is now able to:
        • Get the list of software packages installed in a Linux system
        • Use LLDP to obtain network infrastructure information
        • Get asset information for a broader set of network devices
      • Improvements to the MELSOFT Smart Polling strategy. Smart Polling is now able to:
        • Directly or indirectly query devices that are connected to an iQ-R series device
        • Get information from these devices even if they the sensor cannot reach them directly
      • Improvements to the Bently Nevada Smart Polling strategy. The output of Smart Polling is now identical to that which is obtained through passive detection
  • Arc-980: Improved operating system (OS) version parsing for RedHat Linux distributions.

Resolved issues

A list of all the issues that have been resolved in this release.

  • Arc-990: Fixed an issue that prevented the retrieval of hotfixes on some Windows machines.