| Оглавление |
|---|
| Якорь | ||||
|---|---|---|---|---|
|
Version 1.1.1
Added
- Display of the node name that processed the request in RADIUS / TACACS+ connection logs
- Management of PostgreSQL Replication Manager parameters via Ansible playbook variables
Improved
- Added support for restoring data from version 1.0 backups in version 1.1.1
- Added support for running Ansible playbooks on Astra Linux 1.8 and RedOS 8
- Added documentation describing the need to re-fetch groups and update their settings when using an LDAP external identity source after upgrading from version 1.0
Fixed
- Issue where roles created/edited on one NAICE node in a high-availability setup were not applied on the second node
- Issue where Last Name, First Name, and Email fields were cleared when saving changes for users from external identity sources
- Display of test events when attempting to send data to an unavailable log collector
- Issue where access to RADIUS policies required granting access to TACACS+ policies in the role
- Issue where an error occurred when attempting to log in to the web GUI after a NAICE server reboot
- Issue with granting database permissions on ursus to user phoca after upgrading from version 1.0
- Issue where the login page was not displayed after administrator logout in a high-availability setup
- Issue where reopening the login page was required after changing the authentication source
| Якорь | ||||
|---|---|---|---|---|
|
Version 1.1
Added
- Some system settings are now available in the NAICE web interface, significantly simplifying configuration and reducing the need to use environment variables
- Password policies: configurable requirements for user password complexity
- Integration with an SMTP email server (notification gateway) for sending notifications when system users are created or their credentials are changed:
- support for uploading trusted SSL/TLS certificates via the web interface
- Login to the NAICE web interface using accounts from external identity sources (MS AD and LDAP):
- support for assigning roles in the NAICE web interface based on attributes from external sources
- Support for LDAPS when working with external identity sources:
- support for uploading trusted SSL/TLS certificates via the web interface
- CA certificate validation when sending SMS via an HTTPS notification gateway
- support for uploading trusted SSL/TLS certificates via the web interface
- Integration of NAICE with Peeper 0.8 (Eltex software monitoring system)
- Distribution as a QCOW2 image
- Distribution as OVA/QCOW2 images based on RedOS as the operating system
- Ansible playbook for deploying NAICE in a high-availability setup without VRRP
Improved
- Management of user accounts from external identity sources (MS AD and LDAP) moved to a separate service to eliminate interaction between RADIUS and TACACS+ services
- Substitution of the RADIUS user password with a value from a custom attribute in external MS AD and LDAP sources
- Cloning of RADIUS and TACACS+ authentication and authorization policies
- Endpoint counting (license enforcement): reduced dependency on mandatory attributes to support a wider range of devices
- Added an event for failed system user authentication in the logs
- Added support for storing personal account settings: selected language and time zone
- Dashboards now display storage usage and retention periods for RADIUS and TACACS+ logs, including:
- RADIUS session
- TACACS+ session
- TACACS+ accounting
Fixed
- Display of privilege level and identity source in the TACACS+ connection log
| Якорь | ||||
|---|---|---|---|---|
|
Version 1.0.2
Added
- Updated public certificate naice-radius used for EAP-PEAP authentication
- Added an Ansible playbook for replacing naice-radius certificates used for EAP-PEAP and EAP-TLS authentication
| Якорь | ||||
|---|---|---|---|---|
|
Version 1.0.1
Added
- Support for using the MS AD domain prefix in the userPrincipalName attribute
- Support for MS AD machine account password rotation
Improved
- Algorithm for selecting the preferred MS AD domain controller
Fixed
- Operation of the database cluster for RADIUS and system events
| Якорь | ||||
|---|---|---|---|---|
|
Version 1.0
Added
- Role-based access control (RBAC) model
- Integration with SIEM systems, including security event logging
- User activity logging in the system
- Logging and storage of endpoint sessions in the database
- Distribution as an OVA image with a web panel for quick and easy NAICE configuration
Improved
- PostgreSQL upgraded from version 15 to 17
- Web interface redesigned using Protocol UI
- Authorization profile cloning