09 March 2014

Wanguard & Wansight 5.4

Tags: Announcements, Changelog, Press Releases

April 4, 2014 - http://www.andrisoft.com - Andrisoft, developer of advanced traffic monitoring and anti-DDoS solutions, today announces the release of the WANGUARD 5.4 software platform.

WANGUARD 5.4 brings the following new features:

  • New decoders for the latest DDoS attacks: NTP, RDP and SNMP.
  • Both Sensors can generate tops and graphs for Countries and tops for external IPs. To enable set the Top Generator parameter to Extended for the Sniffing Sensor and to Full for the Flow Sensor.
  • Both Sensors can generate tops and graphs for Autonomous Systems based on GeoIP data.
  • Add IPFIX compatibility with the Juniper MX and with other flow exporters that maintain the Start Time of flows.
  • New API for manipulating IP Zones and Sensors from the CLI, located in /opt/andrisoft/api.
  • All widgets in a dashboard can share a single Time Frame. This can be enabled from the Dashboard Configuration.
  • Updated Autonomous Systems ( Organizations ) database with the latest entries from Internet Routing Registries.
  • New FLOWSYN decoder that matches all packets from flows with the SYN flag set.
  • New keyboard shortcuts: Ctr+E toggles South Region, Ctrl+R toggles Reports/Configuration, Ctrl+← and Ctrl+→ switches Central Region tabs, Alt+Ctrl+← and Alt+Ctrl+→ switches bottom tabs.
  • New Flow Collector output mode called "Debug" that lists flows and tops from all flow exporting interfaces, not only from the interfaces monitored by the Flow Sensor.
  • Communication between Console and remote components can be encrypted using SSL.
  • New "Per All" option for the Profiling Data parameter in IP Zones that enables profiling for the included IPs and subnets.
  • Unprivileged users can execute Anomaly Actions if the proper permission is enabled in the user profile.
  • New roles for BGP Connections to see the number of BGP announcements from Reports » Alarms & Tools » BGP Prefixes in red for “Black-holing” and in blue for “Diversion”.
  • New Dashboard Widgets: Flows List and Flows Top
  • New Dynamic Parameters: {filter_ip_isp} and {filter_ip_country} to get the ISP and the Country of attacking IPs.
  • New button in Reports » Alarms » Anomalies » Anomalies Archive to force the clearing of active anomalies.
  • New button in Reports » BGP Prefixes » BGP Archive to force the clearing of active BGP announcements.
  • Reports » Tools » Flow Collector » Autonomous Systems moved to Reports » Components » Sensor » AS Graphs.
  • Configuration » Components panel title button enables starting/stoping of all Components with a single click.
  • Fix Console slowdown caused by the summarization of Events in the South Region » Latest Events when the Events Log is very big.
  • Better User Manual & Admin Guide
  • Fix for the Filter TTL bug, false positives on outbound attacks on decoders other than TOTAL, fix HTML code for Scheduled Reports
  • Few other smaller bug fixes.

For more information on Andrisoft WANGUARD 5.4 and its features, please visit http://www.andrisoft.com/software/wanguard.

About Andrisoft

Andrisoft was founded early 2006 with a strong business focus on software development, implementation and support of applications needed in Network Operations Centers. Andrisoft provides complete traffic monitoring and accounting, network protection and policy enforcement solutions for IP networks using the scalable, innovative, high performing WANGUARD software platform.

Wanguard 6.3 was released! Changelog and upgrading instructions on https://t.co/VksdOHbOHi
Follow Andrisoft on Twitter