TrueSight Server Automation 21.02 offers the following key features and enhancements:
Smart Agent enhancements
The Smart Agent feature of the RSCD Agent now supports the following capabilities:
- Auto update of server properties - Monitors the server properties and shares the updated property values with the Application Server. For details, see Auto update of server properties.
- Auto configuration - Monitors and updates the agent configurations on target servers using Agent Configuration Policies. For details, see Agent Configuration Policies.
This release offers the following patching enhancements:
- Downloading and applying patches on Oracle Linux Unbreakable Linux Network (ULN) systems is now supported. For more information, see Getting started with Oracle Linux ULN patch analysis.
- The partner.manifest file now includes the dynamic URLs used by Ivanti technologies to download patches on Windows systems. For details, see Global Configuration parameter list.
- Retrieval and configuration of the custom XML file for AIX is now consistent with the other supported platforms. For details, see Global Configuration parameter list.
- The Warning Targets node is added to the Patch analysis results view. For details, see Viewing Patching Job results.
- The REST API support is now available for patching jobs on CentOS and OL ULN systems. For details, see REST API endpoints.
Compliance content enhancements
This release includes the following compliance content enhancements:
- A new DISA STIG for RHEL 8 compliance content template is added. For information about downloading and updating the template, see Updating DISA STIG for RHEL 8 to newer benchmarks.
- Updates to the following templates:
- CIS for Oracle Linux 7 is updated to version 3.0.0. For details, see Updating CIS for Oracle Linux 7 to newer benchmarks.
- CIS for RHEL 7 is updated to version 3.0.1. For details, see Updating CIS for Red Hat Enterprise Linux 7 to newer benchmarks.
- CIS for Windows 2016 is updated to version 1.2.0. For details, see Updating CIS for Windows Server 2016 to newer benchmarks.
REST API enhancements
This release offers new REST APIs for:
- Compliance and batch jobs
- Execution tasks
- Displaying database statistics and configuration details on the Operations dashboard
- Connecting TrueSight Automation Console to TrueSight Server Automation
For details, see REST API endpoints.
Deploy job enhancements
For advanced deploy jobs, you can now define a timeout for the staging phase of a job before the job is canceled. For more information, see Defining timeouts for jobs.
Operations dashboard enhancements
You can now view the database cleanup statistics and related configuration details on the Operations dashboard. For more information, see Operations dashboard.
Auto cleanup enhancements
You can now schedule weekly cleanup jobs to remove additional data that is not cleaned up by daily cleanup jobs. For details, see Scheduling the automatic data cleanup.
This release includes new BLCLI commands to create and update web repositories and update enumeration values of the ProperyClass name space. For more information, see BLCLI commands added, updated, or removed in recent versions.
For authentication between RSCD Agents and clients such as Application Server, NSH, or repeater, the following hash algorithms are now supported in addition to SHA1: SHA224, SHA256, SHA384, and SHA512
For information about using these algorithms, see these topics:
- Provisioning agents and repeaters with a fingerprint of the Application Server self-signed certificate (Windows)
- Provisioning agents and repeaters with a fingerprint of the Application Server self-signed certificate (UNIX)
- Provisioning agents with a fingerprint of the repeater's self-signed certificate
Updates in the TLS parameters
After you upgrade to version 21.02, the values of the
EnabledTlsContextProtocol properties need to be updated to avoid communication failures between the TrueSight Server Automation components, as follows:
- After you upgrade TrueSight Server Automation from a version earlier than 8.9.02, update the appserver-options.properties file to change the TLS protocol setting for the
TLSv1,TLSv1.2and restart the Application Server.
- After you upgrade to version 21.02, the value of the
EnabledTlsContextProtocolproperty is set to
TLS, which means both
TLSv1.2are supported. However, if none of the agents are using
TLSv1, we recommend you to change the property value to
TLSv1.2is not supported in your environment, set property value to
TLSv1. To avoid any communication failure, update the java.security file.
Make sure that these TLS properties are updated for all the deployment types. For more information about these properties and how to configure them, see Configuring the TLS protocol.