Protocols, Smart Polling and Arc

  • Fields populated through passive detection now have a protocol information field. This field is visible in the asset details dialog through the information tooltips, and it is queryable through the *:info fields in the nodes and assets tables.
  • N2OS can now extract asset information for WAGO devices using the HTTP protocol.
  • N2OS now passively extracts Bently Nevada asset identification data, function codes, and hardware components.
  • Added a Smart Polling Strategy for Bently Nevada devices.
  • Guardian can now detect Ubisense DIMENSION4 UWB RTLS devices both through passive detection and Smart Polling.
  • Guardian now supports the ubisense-uwb Ultra Wideband (UWB) protocol.
  • Refined the import variables function to avoid an error, and requiring to map all the 3 primary keys to enable the import.
  • Extended and refined the capabilities for Allen Bradley L5X project file imports.
  • Improved support for CanBus (Controller Area Network) protocol.
  • Added support for MVB (Multifunction Vehicle Bus) protocol.
  • Introduced a new Smart Polling HTTP strategy for Lanner IPMI Card that includes Tyan BMC cards and other AMI MegaRAC SP-X implementations.
  • Guardian can now extract network-related information about nodes from the DHCP protocol.
  • Improved asset identification for the PSI KETEL protocol.
  • The minimum interval between Time machine snapshots is now one hour.
  • The Capture Device values populated for nodes discovered by Arc now show also the network interface by which traffic was found (e.g. arc[10.0.0.1@eth1] ).
  • Improved support for the CAPWAP (Control and Provisioning of Wireless Access Points) protocol by implementing the reassembly of fragmented messages.
  • Improved the device module and firmware detection for Siemens S7 devices.
  • Previously, Guardian alerted about extra tailing data in DNS packet. Now, extra tailing data in DNS packet is no longer considered a malformation and does not represent a potentially malicious action, so Guardian no longer alerts on this condition. Additionally, in both the HTTP and FTP protocols, we have lowered the frequency of SIGN:PASSWORD:WEAK and SIGN:CLEARTEXT-PASSWORD to a single instance per source node and destination node.