September 17, 2018 (EMP 11.1.0)

Update for: m25, m35, r45, v35

Release notes for Enterprise Monitoring Point version 11.1.0.

Enhancements and new features

  • Enhanced system access controls—We have made improvements to system access control by disabling SSH access by default and by providing the ability to configure Access Control Lists (ACLs). Access to the SSH service will be disabled upon upgrading to the EMP 11.1.0 release. It can be enabled via the Monitoring Point API if required. Endpoints include:
    • GET /access_control/ssh/
    • PUT /access_control/ssh/ ACLs can be configured using the API as well. Endpoints include:
    • GET /access_control/acl/
    • PUT /access_control/acl/
    • DELETE /access_control/acl/
  • IPsec tunnel support—We have added API support for IPsec tunneling. This enables you to create an interface that uses an IPsec tunnel when monitoring a target. Endpoints include:
    • GET /tunnel/
    • POST /tunnel/ipsec/
    • GET /tunnel/ipsec/
    • GET /tunnel/ipsec/{id}/
    • DELETE /tunnel/ipsec/{id}/

Changes to be aware of

  • The API endpoints for LDAP have been moved from /ldap/ to /access_control/ldap/ in order to keep all the access control endpoints in one place under /access_control/.
  • The API endpoint for SSL has been moved from /tunnel/ to /tunnel/ssl/ in order to make room for IPsec tunnel configuration.

Resolved issues

ID Keyword Description
MP-136 NTP We fixed an issue where loading NTP configuration information onto a virtual Monitoring Point caused the Web UI to fail.
MP-20 Security We fixed an issue where there was a delay after network or Monitoring Point restart in which the ACL list was not applied. This caused an system access vulnerability for the delay period.