FireMon Asset Manager 5.0.x

Release Date: 2 May 2024

Summary

FireMon is pleased to provide this overview of the new features and enhancements made for this Asset Manager 5.0 release, which is recommended for all users.

With this release, FireMon Asset Manager moved from Centos 7 OS to Rocky 9 OS. Please note that this OS change will require a more involved upgrading procedure. Please see Upgrading to Asset Manager 5.0 for more details.

FireMon Asset Manager Edition 5.0  

The upgrade file is now available in FireMon User Center > Downloads.
The supported upgrade path to Command Center 5.0 is from the 4.10 and 4.11 versions.

For the upgrade procedure, see Upgrading Asset Manager. 

We recommend upgrading your Scouts whenever you upgrade your Command Center. However, Scouts 4.10.x and 4.11.x are compatible with the Command Center 5.0 version

Database Schema

The database schema provides a visual representation of the database. You can request the 5.0 database schema from Asset Manager Support.

CLI Commands

The Asset Manager CLI is a powerful hierarchical menu-driven interface that provides virtually all administrative functionality in the browser interface.

To administer your system using the command-line interface, see System Administration via CLI.

Security Updates & STIG 

5.0 resolves Common Vulnerabilities & Exposures (CVEs) and incorporates a variety of security-related (and non-security-related) enhancements. See Security Advisories 5.0 for a list of CVEs resolved in this release.

Highlights

With this release, FireMon Asset Manager moved from Centos 7 OS to Rocky 9 OS. Please note this OS change will require a more involved upgrading procedure. Please see Upgrading to 5.0 for more details.

To use Windows 2016 AD, you must disable FIPS in Asset Manager.

  • Create a backup file of the old system configuration

    • Install 5.0 on either a new virtual machine or the existing virtual machine

    • License the 5.0 system with a new Asset Manager license

    • Restoring data from the backup file

Meraki Improvement

Retrieve Meraki endpoints from Meraki API-derived routers/switches to facilitate endpoint discovery

Axonius Adaptor Availability

The FireMon Asset Manager Adapter is now available in Axonius. The adapter supports versions 5.0 and 4.11.

Axonius Adapters: Search IT Intergrations for Asset Manager

Carbon Black Integrations

  • Carbon Black Cloud Support. Retrieve Devices from Carbon Black Cloud into FireMon Asset Manager

  • Carbon Black EDR Enhancements

System Improvements

  • SSH Access to Asset Manager Devices via port 443. Using the Command Center command line, connect to your scouts over port 443 to access the scout shell.

  • Support TLS 1.3 in HTTPd

  • GUI Support for File Upload with Supplemental Syslog-ng Config

  • Send CEF messages to multiple syslog servers

Change Log

Improvements

LUM-4811 Meraki integration not showing any Meraki devices

LUM-4800 Amazon flags impacket, impacts WMIScanner

LUM-4795 Ingested attributes should be more distinctly named

LUM-4760 Carbon Black On-Prem Integration Updates

LUM-4759 Carbon Black Cloud Support

LUM-4735 Use "integration" scan results like "external" and generate TCP Ports and SNMP targets

LUM-4726 Restore network, hostname, license if UUID is the same

LUM-4715 Support gzip encoding when downloading feed data

LUM-4672 Update LDAP code to use sssd

LUM-4665 Rocky | AD | Refine AD Functionality

LUM-4661 Create an Integration Simulator Framework and support Meraki

LUM-4652 Support TLS 1.3 in HTTPd

LUM-4434 Add ability to send CEF messages to multiple syslog servers

LUM-4419 Security | Uptick requests

LUM-4414 Security | Uptick Flask

LUM-4198 Add SSH Access to Asset Manager devices via port 443

LUM-4174 Carbon Black Support

Resolved Issues

LUM-4765 Scanning | tcpPorts and httpDetails scanning is not working for IPv6 devices.

LUM-4738 Warehouse | Race-Condition where Warehouse fails to start with value null error

LUM-4724 External Connection Service returns an error when the external table has no data

LUM-4717 Integrations | Poll Interval can intermittently not take effect

LUM-4696 Tenable Vulnerability Management (formerly io) failing initial ingestion of chunks

LUM-4664 backup restore of a 4.11 backup causes HTTPd errors and fails to start on 5.0

LUM-4644 CLI - setting DNS or NTP servers manually shows as "set via DHCP" when viewing config.