5.1.1 Central Management release

18 May, 2018

Central Management 5.1.1 is intended to be a maintenance release. It tries to address issues arose in the previous version that –to some extent– was a completely new product (previously Central Management was capable to manage MetaDefender Core only; now Kiosk, Client, Email Security and ICAP server are supported as well).

Reconnect Not Managed instance

Previously it was not supported out of the box to take an instance back under Central Management control after it has been disconnected.

We have a function now to reconnect an unmanaged instance:

LDAP user directory type

Besides Local and Active Directory type user directories, from release 5.1.1 Central Management supports the new, LDAP type user directories. This new feature will help organizations that use LDAP directory services, to integrate their directory service based user management to Central Management's user management.

To add users from your LDAP directory service to Central Management's Web Management Console, go to Settings > User Management / USER DIRECTORIESand click ADD NEW USER DIRECTORY. Select LDAP as USER DIRECTORY TYPE.

Multiple LDAP and AD servers support

To support redundant (load balancing or high availability) directory service systems, it is now possible to specify multiple LDAP and Active Directory servers for LDAP and Active Directory type user directories respectively.

Central Management will try all the servers to establish a successful connection when authenticating users.

Manually specify API keys

The only way to create an API key was previously to generate it using the Generate link.

Now it is possible to enter API keys manually. It is useful when the same API key needs to be used for a certain account on all instances of a product so that this API key can be configured in Central Management.

Please note that validation rules apply.

Minor usability improvements

• Pagination is now supported for the Unhealthy Instances page. Previously the long list of unhealthy instances could slow down or even crash certain browsers.

• When the Settings or the Policy of an instance have just changed, Central Management now displays a message to warn the user to remember committing the changes:

  

Periodically upgrade schema version of instances

Previously Central Management queried the configuration descriptor (schema) for a certain product at the time of the addition of the first product instance. Later this schema was no updated automatically. As a result, the configuration capabilities did not improve on Central Management side even if a newer version of the product has already been taken under management.

Now Central Management periodically queries the schema version of each connected instance of a product and updates its own configuration capabilities to the newest possible version that is supported by all connected instances.

Central Management failed to deploy updates

Under special circumstances Central Management failed to deploy huge anti-virus database updates. It was a timeout issue.

Server profiles were not centrally manageable

Server profiles are an integral part of the security rules of ICAP Server and Email Security. The Email Security and ICAP Server security rules were previously supported by Central Management, but server profiles were not.

With version 5.1.1 Central Management supports centralized configuration of server profiles of ICAP Server and Email Security type instances.

Rights were not configurable for Unhealthy Instances

It was not possible to restrict access rights to the Unhealthy instances page. It is configurable now under Settings > User Management / ROLES .

Clients were reported as Not Activated

MetaDefender Client instances' license status was reported in Central Management as Not Activated. Client can, however, be not activated at all. From now on license status for Clients will be displayed as N/A (not applicable).

(Similarly for health status: it is not applicable for Clients. It will be N/A.)

Some labels were not completely clear

Some lables of the Central Management UI were not expressive enough or downright misleading.

Maximum parallel update settings were not used

Under Settings > Global there was the Maximum number of parallel update transfer option that was not implemented at all (it did not do anything).

It was renamed to Maximum number of instances managed in parallel and it controls the maximum number of instances that are managed in parallel, in the same time. The goal is to provide option for administrators to restrict Central Management's footprint in the network traffic.

Assign users to custom Kiosk workflows

Central Management is not yet capable to assign member users to custom Kiosk workflows.

As a workaround, custom Kiosk workflows are removed from under Central Management control with Kiosk version 4.2.2.

For details see Kiosk section in 4.5. Product integration limitations.