NetIQ VigilEnt Policy Center |
Version 5.6 Service Pack 5 |
Release Notes |
Date Published: May 2013 |
|
This service pack improves usability and resolves several previous issues. Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure our products meet all your needs. You can post feedback in the VigilEnt Policy Center forum on Qmunity, our community Web site that also includes product notifications, blogs, and product user groups. For more information about this release and for the latest release notes, see the VigilEnt Policy Center Documentation Web site. To download this product, see the VigilEnt Policy Center Product Upgrades Web site. What's New?The following section outlines the key features and functions provided by this version, as well as issues resolved in this release. Enhancements and Software FixesThis VigilEnt Policy Center service pack includes software fixes that resolve several previous issues. For the list of software fixes and enhancements in previous releases, see Previous Releases.
Includes VigilEnt Policy Center 5.6 Service Pack 1 and Hotfixes 72390 and 72258This service pack includes the enhancements and fixes in VigilEnt Policy Center 5.6 Service Pack 1, including Hotfix 72390 and Hotfix 72258. For more information, see Previous Releases. Includes VigilEnt Policy Center 5.6 Service Pack 2 and Hotfix 73354This service pack includes the enhancements and fixes in VigilEnt Policy Center 5.6 Service Pack 2 and Hotfix 73354. For more information, see Previous Releases. Includes VigilEnt Policy Center 5.6 Service Pack 3This service pack includes the enhancements and fixes in VigilEnt Policy Center 5.6 Service Pack 3. For more information, see Previous Releases. Includes VigilEnt Policy Center 5.6 Service Pack 4This service pack includes the enhancements and fixes in VigilEnt Policy Center 5.6 Service Pack 4. For more information, see Previous Releases. Denying Manage Folder Permissions Still Allows Subfolder CreationPermissions for adding documents to a folder are now separate from other folder management operations. Users without Manage Folders permissions can no longer change the names of folders or create or delete subfolders. (ENG258922) Deleting an Incident History Deletes the Entire IncidentAdministrators can now delete an incident history inside an incident report without VigilEnt Policy Center deleting the entire incident. (ENG324166) Apache Tomcat Error 5.5.9 When Trying to Send an Email from a ReportVigilEnt Policy Center now allows administrators to send emails to multiple users from the Combination Exception - Compliance report without errors. (ENG274274) License Count Does Not Increment ProperlyVigilEnt Policy Center now corrects calculates license usage. (ENG251437) Dashboard Combination Reports Do Not Finish RunningDashboard combination reports for policies and quizzes now complete successfully as expected. (ENG326546) Using Styles With HTML Documents in Internet Explorer 9If you create a new HTML document using the VigilEnt Policy Center HTML editor in Internet Explorer 9, you can now change the formatting of text using the drop-down style list in the browser. (ENG324958) Dashboard Reports Do Not Display Correct User Count In Some Versions of VigilEnt Policy CenterDashboard reports now show the correct number of users for policies created in any version of VigilEnt Policy Center. (ENG324099) Incident Report Start and End Date Are Auto-Populating in DD\MM\YY FormatVigilEnt Policy Center now formats Incident reports in the standard US MM\DD\YY format by default. (ENG310516) Synchronizing With LDAP Does Not WorkVigilEnt Policy Center now synchronizes properly with LDAP. (ENG304442) System RequirementsThis service pack is a complete installation and can be installed without any previous version of NetIQ VigilEnt Policy Center installed. You can also upgrade to this version of VigilEnt Policy Center from any of the following versions:
Installing This VersionComplete the following steps to install VigilEnt Policy Center 5.6 Service Pack 5. To install this version:
Verifying the Service Pack InstallationComplete the following steps to verify that the service pack installation was successful. To check the installed service pack version:
Known IssuesNetIQ Corporation strives to ensure our products provide quality solutions for your enterprise software needs. The following issues are currently being researched. If you need further assistance with any issue, please contact Technical Support.
Data Is Not Synchronized Over an SSL Connection to an LDAP ServerWhen trying to synchronize an external VigilEnt Policy Center repository over a Secure Socket Layer (SSL) connection to an LDAP server, no data is synchronized. The VPCSyncDebug Log reports errors, indicating that VigilEnt Policy Center is unable to access the socket. (ENG299149) If you want to use the SSL option and the Active Directory server is correctly configured with SSL, import the certificate to VigilEnt Policy Server as described in the following procedure. This procedure is required only once per VigilEnt Policy Server installation. If you have different certificates for different Active Directory servers, import each certificate to VigilEnt Policy Server. If you change domain controllers, you do not need to import the Active Directory certificate unless the certificate has changed. To synchronize an external repository with the VigilEnt Policy Center server using an SSL LDAP configuration:
C:\Users\Administrator\Desktop\test>"%JAVA_HOME%/bin/keytool" -import -file client.crt –keystore "%JAVA_HOME%/lib/security/cacerts" -alias adserv
Audit Log Not Displaying Double-Byte Languages ProperlyA known issue existed in VigilEnt Policy Center 5.5 where the audit log did not display special characters and double-byte languages properly. VigilEnt Policy Center 5.6 includes a conversion utility that provides special support features for these languages. This utility creates a backup of the audit log and then converts the existing audit log text from unicode to UTF 8. The utility affects only the current vpc-audit.log and vpcDebug.log files and does not apply to the daily backups. For more information about running the converter utility, see NETIQKB72158. (ENG284358, ENG283215)
Sorting of Documents on User SiteSelecting the Published Date option for sorting of documents on the User Site does not result in consistent sorting of documents on the User Site. Policies are sorted based on the Published Date field, but quizzes are sorted based on the Last Modified Date. Enabling Sync Logging Before Synchronizing Does Not Update Sync LogIf you upgrade to VigilEnt Policy Center 5.5 Service Pack 2 from Service Pack 1 and synchronize the repository, and then enable sync logging and synchronize the repository again, VigilEnt Policy Center does not register the updated information in the sync log. The sync itself is unaffected. To register the newly synchronized information in the log, restart the VigilEnt Policy Center service. Searching for Text in TablesWhen searching for text in VigilEnt Policy Center, if the text for which you are searching is in a table, the search does not find the specified text. (DOC246741) Tutorial References to User Site Linking OutdatedUser Site linking has been modified for this release. The references to User Site linking in the tutorials describe how the functionality worked in a previous release. (DOC239758) Using Anonymous BindIf you want to use Anonymous Bind to attach to your repository, you must configure your LDAP server to allow anonymous queries. In addition, your user and group objects must have anonymous permission. (DOC220007) Uploading Images When Using Netscape 7.1Using Netscape 7.1, you cannot upload an image when editing an HTML policy document. (ENG218943) Issues With Displaying or Reporting Results
Additions to DocumentationSupported ProductsThe VigilEnt Policy Center documentation contains a number of topics that refer to older versions of third-party software that are no longer supported in this release. In addition, the documentation has not been updated to include newer versions that are now supported. VigilEnt Policy Center no longer supports the following versions:
This release includes support for the following versions:
VigilEnt Policy Center also supports the following versions of Java:
For the most recent information about third-party software requirements, see the VigilEnt Policy Center Supported Versions page at https://www.netiq.com/support/vpc/supportedproducts/default.asp. Previous ReleasesThis service pack also includes enhancements added in VigilEnt Policy Center 5.6 Service Pack 1, Hotfix 72390, Hotfix 72258, VigilEnt Policy Center 5.6 Service Pack 2, Hotfix 73354, VigilEnt Policy Center 5.6 Service Pack 3, and VigilEnt Policy Center 5.6 Service Pack 4.
VigilEnt Policy Center 5.6 Service Pack 1VigilEnt Policy Center 5.6 Service Pack 1 includes the following enhancements and resolved issues. Resolves a Cross-Site Scripting IssueVigilEnt Policy Center 5.6 Service Pack 1 addresses a cross-site scripting issue that allowed users to execute malicious code on the VigilEnt Policy Center Administration Site or User Site. VigilEnt Policy Center now includes a filter for both sites that detects user attempts to introduce malicious code in any text entry field. When the filter detects malicious code, VigilEnt Policy Center forces the user to log out of the site and displays the login page again. The filter no longer allows the use of angle brackets (<>) in either the title or the properties of a policy document, whether you are creating or importing a document. If you try to enter new data containing angle brackets in any field, VigilEnt Policy Center will log you out of the site. In addition, if you are using the VPC Policy Editor to create a new .xml policy document and you introduce angle brackets anywhere in the document, including the body of the document, VigilEnt Policy Center will log you out of the site. However, you can still use angle brackets within the body of a policy document that is in .doc, .html, or .pdf format. If you have existing custom properties containing angle brackets in your VigilEnt Policy Center environment, after you apply this service pack you will be able to continue creating and working with policies in any format, including .xml files in the VPC Policy Editor. However, if you attempt to edit or add anything to an existing custom property containing angle brackets, such as a detailed description, VigilEnt Policy Center will require you to modify the custom property so it no longer contains angle brackets. Similarly, if you attempt to add a new value containing angle brackets for a custom property, even if the custom property name already includes angle brackets, VigilEnt Policy Center will log you out of the site. VigilEnt Policy Center logs events for attempts to execute malicious code in the vpcDebug.log file, using wording similar to the following: (ENG292411) 2010-09-16 13:26:16,890:FATAL malicious code execution was attempted: text of script detected (pentasafe.util.XSSfilter [http-8080-Processor25])
Includes Hotfix 72390VigilEnt Policy Center 5.6 Hotfix 72390 resolves an issue where VigilEnt Policy Center displayed an error when customers tried to upload new policy documents. This issue occurred in VigilEnt Policy Center environments where customers had installed Java 6 Update 20. After you apply this hotfix, VigilEnt Policy Center allows you to upload policy documents without errors. (ENG290115) Includes Hotfix 72258VigilEnt Policy Center 5.6 Hotfix 72258 resolves the following issues and provides the following enhancements:
VigilEnt Policy Center 5.6 Service Pack 2VigilEnt Policy Center 5.6 Service Pack 2 includes the following enhancements and resolved issues. Disables Cross-Site Scripting Filter by Default and Adds Option to EnableWith this service pack, the cross-site scripting filter that was added in VigilEnt Policy Center 5.6 Service Pack 1 is now disabled by default, but you have the option to enable it any time on the Administration Site and the User Site as needed for your environment. Cross-site scripting is a type of computer security vulnerability typically found in Web applications that enables attackers to inject client-side script into Web pages viewed by other users. A cross-site scripting vulnerability may be used by malicious users to bypass access controls such as the same origin policy. You can replace the default web.xml configuration file to enable or disable the cross-site scripting filter in your environment. (ENG292411, ENG312239, ENG313570) To enable or disable the cross-site scripting filter:
Includes Database Cleanup ScriptThis service pack includes a SQL database cleanup script to ensure that all existing users have the documents that they have read correctly assigned to them in the VigilEnt Policy Center database. The script also cleans up unused privileges of deleted groups, ensuring that groups are correctly assigned to documents and preventing errors when displaying documents to users. This script is saved to the VigilEnt Policy Center computer when you install the service pack, but is not automatically executed. If you have a small database or the documents in your database are already correctly assigned to users, the script will take a short time to execute. However, if your database is large, the script could take up to five hours to execute. You should first install the service pack and then run the script at night or another convenient time when users do not need access to VigilEnt Policy Center. For more information about running the database cleanup script, see Installing This Version. (ENG303729)
Adds New Quizzing Web ServiceThis service pack adds a new quizzing capability in the Web Services area. For more information, see the VigilEnt Policy Center Web Services Guide. (ENG300493) Adds New Incident Reporting Web ServiceThis service pack adds a new incident reporting capability in the Web Services area. For more information, see the VigilEnt Policy Center Web Services Guide. (ENG300733) Resolves Performance IssuesThis service pack resolves various performance issues with the Administration Site, the User Site, and Web Services. (ENG302661, ENG304041, ENG311266, ENG311310, ENG311411) Resolves an Issue With Duplicate Links to PoliciesThis service pack resolves a issue where VigilEnt Policy Center was displaying duplicate links to policies following the application of a performance fix. (ENG309775) Resolves an Issue With Missing Report DatesThis service pack resolves an issue where a published report on a policy that had been read prior to the last repository sync was missing the report date after the repository sync. (ENG303729) Resolves an Issue With Editing ACLsThis service pack resolves an issue where existing access control lists (ACLs) could not be edited on the Administration Site, though new ACLs could be created. (ENG305138) Resolves an Issue With Users Without Appropriate Permissions Seeing PoliciesThis service pack resolves an issue where, following the application of a performance fix, users were able to see the names of policies for which they did not have ACL permissions, though they were not able to actually open the policies. (ENG308524) Resolves an Issue With Reported Number of Seats OccupiedThis service pack resolves an issue where VigilEnt Policy Center was not accurately reporting the number of seats occupied for use of the product in a customer environment. (ENG309778) Resolves a Search Issue on the Administration SiteThis service pack resolves an issue where the Search function on the Administration Site did not return all expected results. (ENG300335) Resolves an Issue With Editing From and To Dates for PoliciesThis service pack resolves an issue where the Available From and Available To dates could not be edited on the Edit Properties page for policies on the Administration Site. (ENG306434) Resolves an Issue With Repository SyncThis service pack resolves an issue where the VigilEnt Policy Center repository was unable to perform a successful Active Directory sync. (ENG309517) Resolves an Issue With Creating QuizzesThis service pack resolves an issue where VigilEnt Policy Center was unable to create a quiz or add a new question to a quiz after the custom property Contributors was deleted and another new custom property was created. (ENG313356) Resolves an Issue With Missing Rows in Exported ReportsThis service pack resolves an issue where exporting reports to Microsoft Excel resulted in missing rows in the exported report. (ENG313626) VigilEnt Policy Center 5.6 Service Pack 3VigilEnt Policy Center 5.6 Service Pack 3 includes the following enhancements and resolved issues. Includes VigilEnt Policy Center 5.6 Service Pack 1 and Hotfixes 72390 and 72258This service pack includes the enhancements and fixes in VigilEnt Policy Center 5.6 Service Pack 1, including Hotfix 72390 and Hotfix 72258. For more information, see VigilEnt Policy Center 5.6 Service Pack 1. Includes VigilEnt Policy Center 5.6 Service Pack 2This service pack includes the enhancements and fixes in VigilEnt Policy Center 5.6 Service Pack 2. For more information, see VigilEnt Policy Center 5.6 Service Pack 2. Includes VigilEnt Policy Center 5.6 Service Pack 2 Hotfix 73354This service pack includes the enhancements and fixes in VigilEnt Policy Center 5.6 Service Pack 2 Hotfix 73354. Hotfix 73354 resolves an issue where the Microsoft Word policy editor in VigilEnt Policy Center was unable to read, create, or edit Microsoft Word 2010 documents. (ENG299150) Adds Option to Enable Display of Unpassed Quizzes on User Site Home PageThis service pack adds the option for administrators to enable the display of the Quizzes Not Passed section on the User Site home page. This option is disabled by default. To enable this option:
When you enable this option, the User Site home page displays the Quizzes Not Passed section for each user. This section lists all quizzes that the user took but did not pass, and also displays the user top score (based on the configuration of the Privilege tab). Adds Horizontal Scroll Bar Where Policy Names Are DisplayedThis service pack includes a new horizontal scroll bar where policy names are displayed on the Administration Site. Users who have the appropriate permissions over ACLs can now more easily view the full names of policies, quizzes, and news documents. Published Documents Are Very Slow to Load for Power UsersWhen users who are members of the Power User's role login to the Admin site and load the Published documents, the list now loads quickly as expected. (ENG318549) Default ACL Is Not Assigned to New Documents in New InstallationIn a new VigilEnt Policy Center installation, when you set up a new ACL and configure it to apply to all new documents by default, VigilEnt Policy Center now correctly assigns this ACL to all new documents. (ENG277788) My Documents Page Displays the Last Score Obtained Instead of the Top ScoreOn the My documents page, VigilEnt Policy Center now correctly displays the top score per quiz rather than the most recent score per quiz. (ENG319614) VigilEnt Policy Center 5.6 Service Pack 4VigilEnt Policy Center 5.6 Service Pack 4 includes the following enhancements and resolved issues. Includes VigilEnt Policy Center 5.6 Service Pack 1 and Hotfixes 72390 and 72258This service pack includes the enhancements and fixes in VigilEnt Policy Center 5.6 Service Pack 1, including Hotfix 72390 and Hotfix 72258. For more information, see VigilEnt Policy Center 5.6 Service Pack 1. Includes VigilEnt Policy Center 5.6 Service Pack 2This service pack includes the enhancements and fixes in VigilEnt Policy Center 5.6 Service Pack 2. For more information, see VigilEnt Policy Center 5.6 Service Pack 2. Includes VigilEnt Policy Center 5.6 Service Pack 3This service pack includes the enhancements and fixes in VigilEnt Policy Center 5.6 Service Pack 3. For more information, see VigilEnt Policy Center 5.6 Service Pack 3. Adds Support for Microsoft Windows Server 2012This service pack adds support for the Microsoft Windows Server 2012 operating system. Adds Support for Microsoft SQL Server 2012This service pack adds support for the VigilEnt Policy Center database running on Microsoft SQL Server 2012. Adds Support for Microsoft Internet Explorer 9This service pack adds support for the Internet Explorer 9 browser on the Administration Site and the User Site. User Site URL Allows Access to Local File SystemVigilEnt Policy Center no longer allows malicious users to gain access to the local file system or perform other malicious actions by modifying the User Site URL. (ENG324488) Document Editor Does Not Release File LockWhen a policy document is opened and edited on the User Site, the Microsoft Word document editor now releases the file lock when the document is closed, allowing other users to open that document. (ENG321985) Users with Passwords Longer Than 20 Characters Cannot Log InThe maximum number of characters that VigilEnt Policy Center allows for user passwords has been increased, so users can now log in with passwords containing up to 120 characters. (ENG314852) Not All Incident Types Are DisplayedWhen you create a large number of incident types and add them to an Incident administrator, VigilEnt Policy Center now displays them all as expected under the administrator's responsibilities. (ENG295808) Unable to Migrate User DataVigilEnt Policy Center now successfully migrates compliance and ACL data for existing users to new user accounts. (ENG321566) Pressing Enter Does Not Display Search ResultsWhen you perform a search for policies on the User Site, VigilEnt Policy Center now displays search results as expected whether you press Enter or click Go in Internet Explorer. (ENG289379) Available Documents and Selected Documents Lists Not Wide EnoughThe width of the Available Documents and Selected Documents lists has been increased so these lists now display the full title of documents. (ENG322740) Contact InformationOur goal is to provide documentation that meets your needs. If you have suggestions for improvements, please email Documentation-Feedback@netiq.com. We value your input and look forward to hearing from you. For detailed contact information, see the Support Contact Information Web site. For general corporate and product information, see the NetIQ Corporate Web site. For interactive conversations with your peers and NetIQ experts, become an active member of Qmunity, our community Web site that offers product forums, product notifications, blogs, and product user groups. Legal NoticeTHIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT ARE FURNISHED UNDER AND ARE SUBJECT TO THE TERMS OF A LICENSE AGREEMENT OR A NON-DISCLOSURE AGREEMENT. EXCEPT AS EXPRESSLY SET FORTH IN SUCH LICENSE AGREEMENT OR NON-DISCLOSURE AGREEMENT, NETIQ CORPORATION PROVIDES THIS DOCUMENT AND THE SOFTWARE DESCRIBED IN THIS DOCUMENT "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. SOME STATES DO NOT ALLOW DISCLAIMERS OF EXPRESS OR IMPLIED WARRANTIES IN CERTAIN TRANSACTIONS; THEREFORE, THIS STATEMENT MAY NOT APPLY TO YOU. For purposes of clarity, any module, adapter or other similar material ("Module") is licensed under the terms and conditions of the End User License Agreement for the applicable version of the NetIQ product or software to which it relates or interoperates with, and by accessing, copying or using a Module you agree to be bound by such terms. If you do not agree to the terms of the End User License Agreement you are not authorized to use, access or copy a Module and you must destroy all copies of the Module and contact NetIQ for further instructions. This document and the software described in this document may not be lent, sold, or given away without the prior written permission of NetIQ Corporation, except as otherwise permitted by law. Except as expressly set forth in such license agreement or non-disclosure agreement, no part of this document or the software described in this document may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, or otherwise, without the prior written consent of NetIQ Corporation. Some companies, names, and data in this document are used for illustration purposes and may not represent real companies, individuals, or data. This document could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein. These changes may be incorporated in new editions of this document. NetIQ Corporation may make improvements in or changes to the software described in this document at any time. U.S. Government Restricted Rights: If the software and documentation are being acquired by or on behalf of the U.S. Government or by a U.S. Government prime contractor or subcontractor (at any tier), in accordance with 48 C.F.R. 227.7202-4 (for Department of Defense (DOD) acquisitions) and 48 C.F.R. 2.101 and 12.212 (for non-DOD acquisitions), the government's rights in the software and documentation, including its rights to use, modify, reproduce, release, perform, display or disclose the software or documentation, will be subject in all respects to the commercial license rights and restrictions provided in the license agreement. © 2013 NetIQ Corporation and its affiliates. All Rights Reserved. For information about NetIQ trademarks, see http://www.netiq.com/company/legal/. | ||||||||||||||