New In Version 3.1

Functionality

New Identifier Input Adaptor

This new input adaptor allows for the processing of structured data dumps from systems such as mainframes.

Improved data base configuration error message

Bad configuration of data base settings now results in a meaningful message being shown in the console.

Added Access Rules

A new type of plug-in allows the administrator to configure additional logon requirements, such as a second factor or network access restrictions. In this release only a local host access only and email second factor plug-in is shipped. However, this plug-in structure enables logon extensions such as single sign-on, LDAP, tokens, Tivoli Access Manager etc., to be used for the console. These plug-ins can be custom written on demand.

PHP Support via the PHP/Java Bridge

A new configuration setting (preserve stream) and a setup template that illustrates how the filter can be used to protect PHP applications has been added.

Repositories

This new console extension allows for configurations, rule sets and deployable data to be logically separated amongst users. Specifically this allows repositories to be created that are unique to a given task or workflow (such as Test, Staging and Production). Different individuals can be assigned different permissions (through the user roles) to determine if they can view, update and deploy from a given repository. When coupled with server permissions this allows complete control over who edits, checks and deploys rules to any given server.

Automated versioning of data in repositories

Any changes to configurations, rule sets or data are now automatically backed up for perpetuity. This includes the deletion of any given file that is linked to a repository. Older versions of files can be restored by a simple point in time selection.

Intelligent copy between repositories

Files can be seamlessly copied between repositories of the same kind (data to data, rule sets to rule sets and so on). To make it simpler to administrate large collections of rule sets that belong to a given configuration, copying of configurations also allows the automated drag-along of all the rule sets the configuration requires to function. Optionally this drag-along can be preceded by the clearing of the target rule set repository. Copying that override or clears target files results in an automated backup or the target files first.

New rules

HTTP Session Attributes

The HTTP Session Attributes rule is designed to be used during exploration of a new application. It will list the contents of anything stored in the application session during the flow of the application. This rule is not for production use.

Language Hash

The Language Hash rule provides a phonetic simplification of any word provided to it, so that it can be used to compare to other words. This is commonly used to catch basic misspelling of names and addresses..

MD5 Hash

The MD5 Hash rule can take any textual input and convert it to a one way encryption using an RSA compliant MD5 algorithm. This is mainly used to encrypt credit cards numbers when they need to be used for future reference in a data base. The resulting hash can not be decrypted, but instead an encrypted version of another provided text can be used to verify equality.

Changes to look and feel

Allow enter key to be used for logon Add TOC to documentation PDF On copy, make sure the newly copied rules is selected On delete, make sure the parent id of the deleted item is selected Do not allow main frame to be broken out from logo header

Bug fixes

– none –

Main Documentation changes

New rules added (MD5 Hash, HTTP Session Attributes, Language Hash) Access Rule Configuration PHP Setup and details Repositories Repository security additions for users