CloudPassage Halo — 25 February 2015 Release
The 25 February 2015 Release of CloudPassage® Halo® includes minor enhancements, bug fixes, and performance improvements throughout the product.
New Features and Improvements
Corrected SSO login behavior when Halo password has expired
Previously, in a scenario in which SSO login to Halo was available but not required, a site administrator with an expired Halo password had been able to log in through SSO without error; however, no site administration or account features appeared in the Halo portal.
The new behavior is the following: a site administrator with an expired password attempting to log in through SSO is immediately redirected to the administrator's account page, in order to update the login password.
Also, if SSO is required for login, the user is never asked to update the Halo password.
The following issues are among those that remain unresolved as of this release. Any known workarounds are described.
- IE8 not supported for Halo reporting. The Halo reporting service does not function for a user who has logged into Halo using Internet Explorer 8.
Workaround: Log in with a more recent version of IE or with a different browser, or use the Halo API to construct server searches.
- Editing file integrity baseline expiration. If you want to change the expiration value when editing or re-baselining an existing baseline, the new expiration date is now calculated from the current date, rather than from the original baseline-creation date. However, if you keep the same setting (number of days) for the expiration value, the re-calculation does not occur and the expiration date remains based on the original creation date.
Workaround: Select a different expiration value and save the baseline. Then re-edit the baseline and specify your desired expiration value.
- False-positive file integrity security events can occur in Linux systems in which the
prelinkutility regularly resolves links to dynamic libraries in executable files and stores the results in the executable files, thereby modifying them. This action can create differences between the servers of a scan group and the baseline (golden master) server, thereby causing the false positives.
Workarounds. Take either of the following steps:
- Manually run
prelinkon the baseline server before running the baseline scan. That should eliminate most or all false security events related to
- Turn off pre-linking on all of your servers.
- Manually run