Home
Resources
Release Notes
Access the release notes for release-based products.
N2OS
N2OS 24.0.0
Contents and detection
A list of the improvements for the Contents and Detection that have been introduced in this release.

Resources
- Release Notes
  Access the release notes for release-based products.
  - Arc
  - N2OS
    - N2OS 24.3.1
    - N2OS 24.3.0
    - N2OS 24.2.0
    - N2OS 24.1.0
    - N2OS 24.0.0
      - Resolved issues
        A list of the bugs and defects that have been addressed in this release.
      - Security fixes
        A list of security problems that have been addressed in this release.
      - Updates in upcoming releases
        Important changes in future releases that might require additional steps or planning during upgrade.
      - Highlights
        An overview of the most impactful changes in this release.
      - Contents and detection
        A list of the improvements for the Contents and Detection that have been introduced in this release.
      - Base OS
        A list of the improvements for the operating system (OS) and graphical user interface (GUI) usability changes that have been introduced in this release.
      - Reports and integrations
        A list of improvements for the queries, assertions and reports, and new developments for data and firewall integrations that have been introduced in this release.
      - Protocols, Smart Polling, and Arc
        A list of the improvements for Protocols, Smart Polling and Arc that have been introduced in this release.
      - CMC, Remote Collector, and AAA
        A list of the improvements for the CMC, Remote Collector and Authentication, Authorization and Accounting that have been introduced in this release.
      - Update path requirements
        Follow these instructions to have a smooth upgrade experience.
    - N2OS 23.4.1
    - N2OS 23.4.0
    - N2OS 23.3.1
    - N2OS 23.3.0
    - N2OS 23.2.0
    - N2OS 23.1.0
    - N2OS 23.0.0
- N2OS Configuration
  The N2OS Configuration - Reference Guide.
- N2OS Software Development Kit
  The N2OS Software Development Kit (SDK).
- Integration Guides
  Integration guides to help you use applications that integrate with Nozomi Networks products.
- Reference Guides
  Additional reference guides with information on items such as Alerts and Incidents and Federal Information Processing Standards (FIPS).
- Quick Start Guides
  Hardware Quick Start Guides.
- Security
  Stay up-to-date with the most recent information and solutions for all vulnerabilities that affect Nozomi Networks products.
- Print format documentation
  A list of all the technical documentation that is available in print format.
- Documentation archive
  Access previous versions of the technical documentation.

Contents and detection

A list of the improvements for the Contents and Detection that have been introduced in this release.

The scan for Windows executable files for unknown protocols is now disabled by default. It can be enabled via a dedicated entry in the configuration file.
Alerts stemming from YARA and Structured Threat Information Expression (STIX) rules about files in compressed archives now expose both the archive's and the extracted file's hashes.
Retired legacy index matching and microsoft hotfixes engines. Those capabilities have been improved and standardised in cpe2cve.
STIX indicators can now be assigned a custom scoring to be reflected in the alert risk.
Added DUALUSE and PUA alerts for STIX Indicator alerts.
The extraction and analysis of files can now be enabled or disabled according to the node's identifier (ID), zone and type.
Improved stability of packet rules when generating an alert during the reload of packet rules contents.
Packet Rules and Sandbox Engine can now automatically scale the central processing unit (CPU) and random-access memory (RAM) allocation to offer increased protection under high network traffic.
Improve the consistency of asset merge for passive and active discovery.
Improved the robustness of the byte option for Packet Rules against malformed input.
Improved the ability to scan streams of unknown protocols for executable files. This is disabled by default and can be enabled via a documented instruction.
n2os_va is now considered under high load if more than 10% of recalculation tasks are discarded in the last minute.
Introduced generic Microsoft Windows signature for nodes and assets for which a precise build version cannot be inferred from passive monitoring. When more accurate information is captured from any other data ingress method, it will override the generic signature.
Improve the robustness of Sandbox while analyzing invalid and corrupted VBA macros.