12. Release notes

MetaDefender Core v4.18.0

Released on 26 May 2020

This is a major release primarily focused on new features

New features / Behavior changes

 

Single Sign On (SSO) Authentication

Additional to already-supported various authentication models (Local, Active Directory, LDAP), now MetaDefender Core also supports authentication using SSO with widen integration coverage for most of Identity Providers (IDP) via SAML 2.0 and OpenID Connect 1.0 standard support.

Brand New MetaDefender Core API Guide (Sample Codes Available)

Brand new design and standardized API documentation (following OpenAPI V3 specification), auto-generated sample codes on various programming languages supported helps your API integration even easier.

Database Defragmentation and Optimization

When your scan database grows big, it might cause performance degradation (e.g. timeout on client requests). Now MetaDefender Core administrators can be notified on the UI (also warning logs), and you are supported to perform database defragmentation and optimization including multiple stages to vacuum and defrag your database without loss of actual scan data.

As a result, your database file size could be reduced which helps boost processing performance tremendously over usage time.

Comprehensive Statistics On Processing Data

Featured in an interactive UI help you gain deeper insights on your processing filtered by every workflow rule, breaking down into each file type. Last but not least, you are also supported to select time range to calculate statistics data.

Data Reporting (Business Intelligence)

When enabled, MetaDefender Core will auto-sync your historic processing data to OPSWAT dedicated servers. That helps us gain more visibility on your processing load and how our product is being used, and thus we could improve our product to accommodate your use-case better. You are supported to customize which piece of information should be shared with OPSWAT, and when to share.

By default, this feature is disabled to respect your privacy rights and save performance impact.

Webhook Continuous Improvement

  • New setting mode to control callback timeout and retry (configurable via REST API)

  • Stability improvement to avoid being stuck on callback and crashing on Node service

High Load Processing Improvement

When running under high load, file type usually returns "Not Available" caused by various reasons. Product logic enhanced to elaborate causes, and improved stability on the product.

We keep working on this matter to ensure our customers have the most stable product running under high load as much as possible.

Configurable Behavior On Archive Extraction Failure

Configurable settings on workflow rule to let you tweak and decide MetaDefender Core final scan verdict when a processing archive file failed to extract for some reasons.

The default selection on each designated extraction failure reasons (invalid file structure, extracted partially,...) will be different on each workflow rule depending on use-case characteristics. Please make sure you are aware of the new settings and adjust them accordingly tailored to your security demand.

Archive Extraction Failure Exposure

Archive extraction failure reasons exposed to both REST API response and UI.

Encryption on Archive & Document Sanitized Files

Help retain password protection on supported archive and document files (.zip, .7z, .pdf, MS Offices) upon sanitized successfully.

Sanitization Forensic Details Enhancement

When sanitized successfully, an even more comprehensive forensic available on both UI and REST API level letting you know all processed object details (e.g. what exact hyperlink was sanitized).

Processing File Information Enhancement (File Type Category)

File type category is now available on REST API response along with other already-supported file information.

MetaDefender Core Log Rotation Experience Improvement

This feature is now enabled by default applicable to both upgrade and fresh install scenario.

Workflow Rule For MetaDefender For Secure Storage

With the best practice to serve MetaDefender For Secure Storage use-case, we have a new dedicated workflow rule with designated configurations.

Archive Processing Result Retrieval API Enhancement

Applicable to pagination fashion polling GET /stat/log/scan?first={start_item}&size={number_of_items_next}, now the action ran information available in JSON response

FIPS Object Module 2.0 Bundled

Operating product in FIPS mode enabled on Operating System

Bug fixes

File Scanning Process Stuck

When the custom engines stopped its process for reasons (updating while scanning / crashed), the running scans on Core could not be finished and stayed at 95% forever.

MetaDefender Core Service Crashed (Webhook Mode)

When using webhook mode, and callback can't be sent back to client, the MetaDefender Core service could be crashed.

Memory Leak While Updating Engines Automatically

The memory could be leaked on ometascan-node process while updating engines in online mode.

Scan Details Missing From Recursive Scan Results

While fetching scan results on all nested files in big archive file GET /archive/{data_id} the "scan_details" field from the top-level root archive was empty.

Input Field Overflow On Management Console UI

Preventing invalid values putting in UI configuration controls (Deep CDR, Archive)

Archive Timeout File Skipped For Scanning

None of AV engines actually scanned archive file when archive timeout occurred