Page tree

FireMon is pleased to provide this overview of the new features and enhancements made for this Asset Manager 4.9 release, which is recommended for all users. Any additional maintenance releases (4.9.0.x) will be added to this topic. 

FireMon Asset Manager Edition 4.9

The upgrade file is now available in FireMon User Center > Downloads.
The supported upgrade path to Command Center 4.9 is from the 4.8 and 4.7 versions.

For the upgrade procedure, see Upgrading Asset Manager. 

We recommend that you upgrade your Scouts whenever you upgrade your Command Center. However, Scouts 4.7x and 4.8x are compatible with the 4.9 version of the Command Center. 

For customers upgrading from 4.7, previous branding customizations will be reapplied after the upgrade to FireMon Asset Manager 4.9.

For customers upgrading from 4.5 or 4.6, previous branding customizations will not be reapplied after the upgrade to FireMon Asset Manager 4.9. Contact for instructions on how to rebrand after upgrading.  

FireMon Support knows customers deploying an OVA using ovftool may receive a warning message (Warning: No supported manifest ... ). This message can be ignored, and its reason will be corrected in a 4.9 fix release or the 4.10 release. 

Database Schema

The 4.9 database schema shows a visual representation of the database. 

CLI Commands

The Asset Manager CLI is a powerful hierarchical menu-driven interface that provides virtually all administrative functionality in the browser interface.
To administer your system using the command-line interface, see System Administration via CLI.

Security Updates & STIG 

4.9 resolves Common Vulnerabilities & Exposures (CVEs) and incorporates a variety of security-related (and non-security-related) enhancements. See Security Advisories 4.9 for a list of CVEs resolved in this release. 

Release Highlights

Profile Pattern Builder

Profile Pattern Builder is our brand-new user interface that empowers field engineers and administrators by providing a UI-based environment in which to build upon Asset Manager’s vast profile pattern library.  With a user-driven search function, you can quickly search all assets for meaningful, profileable attribute matches and create a new custom profile on the fly. 

Previously, a manual method was used; you had to create a custom query to identify matching assets, write and test a regex expression, and then manually update an XML template and import that .xml file into the system. 

The manual method will remain available for anyone who wishes to still use it.  

Example of using Profile Pattern Builder

Profile Pattern Builder Step 1: Enter a Matching Expression

Profile Pattern Builder Step 2: Enter the pattern data

Profile Pattern Builder Step 3: New pattern output

Deployment Health Dashboard

The new Deployment Health Dashboard is a visual tool created for customers to aid in their deployment process and to ensure their success with Asset Manager.  Whether you are standing up a new Command Center or checking the general health of a long-standing deployment this feature provides all of the critical benchmarks needed to ensure your deployment will yield maximum results. We now provide Key Indicators by Zone, can be used to detail the size (in IPs) of your crucial configuration lists (Target, Known, Avoid and Stop).  Other counts such as actively vs passively discovered assets, DNS resolved assets, forwarders and stealths, assets with open and closed ports and individual profiling data-source responsiveness (cifs, certs, http banners).  These counts give you a very fast and very informative look into your overall deployment and the general effectiveness of your current configuration/visibility.

Examples of the Deployment Health dashboard

The Deployment Health Dashboard of Key Indicators

The Deployment Health Dashboard provides a breakdown of your private vs. public IP counts per zone as well as your SNMP credential utilization across zones.

You can review the most recent Target Status with collector, scantype and protocol in a single searchable table widget to determine how and why any asset was discovered (relative to targeting). 

The Responses by Zone, Scantype and Protocol table gives you counts of your discovery responses across the deployment.

Change Log 


LUM-4306Uptick openssh to 9.3p2 or later
LUM-4287Analyze ZoneData.getDevices.idlist for performance under many attributes
LUM-4285Scout disconnect from Command Center due to issues with httpd24-httpd service failing
LUM-4271Feature Request: CLI command System reinit display the existing network values
LUM-4256Security | Uptick python3
LUM-4252Replace McAfee logo with Trellix logo in our UI
LUM-4241Disallow console logins while system is starting up
LUM-4235Refinements of gracefully preventing user from logging in to CLI until system is completely ready to accept logins
LUM-4227Right justify numeric types in grid widgets
LUM-4224Render commas in widgets for the applicable integers
LUM-4223Support column pinning in table widgets
LUM-4222Uptick Bouncy Castle in lumeta-api
LUM-4221Add support for hyper-v and azure to platform in sysObjectId
LUM-4207Devicify integration devices
LUM-4201Add API call to list / show / set timezone
LUM-4200Clean up integrations configuration code for zones
LUM-4199Warehouse: Improvements and fixes to CSV uploads
LUM-4191Devicify Tripwire Integration Devices
LUM-4189Tripwire | CLI | Add server and credential options
LUM-4178Change to sshd_config to pass Azure certification
LUM-4177Uptick 3rd-party libraries
LUM-4176Update rpms based on Nessus and R7 scans for 4.9
LUM-4172Create "deployment health" dashboard that shows fundamental discovery statistics
LUM-4166Fix rogue "Lumeta" in enterprise SNMP response
LUM-4147Warehouse: Support Elasticsearch as an external data source
LUM-4132Create "set collector uuid" API call
LUM-4131Write script to ingest log bundle with spool files
LUM-4100Tripwire | GUI | Replace Logo to new Fortra color theme
LUM-4094FireMon | API | Server Error 500 when Risk Analyzer is not configured on SIP
LUM-4077Uptick Bouncy Castle in discovery
LUM-4067Uptick JRE to Temurin 17 latest
LUM-4044OpenSSL vulnerabilities
LUM-3702Feature Request: Profiling Improvement Zebra Technologies
LUM-3426Add timezone's to event.* tables

Resolved Issues

LUM-4317Integrations | CLI | Invalid values for purge and test commands hook to Infoblox
LUM-4308API savedQuery is failing with no error to the user
LUM-4277Warehouse saved queries, widgets and dashboards have some differences between upgrade and netboot.
LUM-4274CLI authentication pki ssh install will not accept username with period
LUM-4269Patterns | Cannot import an exported pattern file
LUM-4263Path doesn't handle responses from well
LUM-4262Patterns | Retain Pattern Database after a System Config Import
LUM-4259Patterns imported even if the user presses Escape when asked whether to Overwrite Existing Patterns
LUM-4253Patterns | Overwrite does not work deleting all existing patterns and Success popup window does not show occassionally
LUM-4236When login is disabled, GUI displays error
LUM-4228Queries | Editor | Saving the widget fails after the first save
LUM-4226error on shutting down scan agent
LUM-4203Support Tools | Import Systems | System Config import may fail when containing custom patterns
LUM-4195Cannot export 'Port Density' query
LUM-4185CLI - for tenable SC integration setting api key authentication is not working
LUM-4164Warning message about no zones is not completely visible on Zones page
LUM-4144cloud scanner with Target Discovered Devices enabled is not targeting devices
LUM-4133Integrations | API | Seeing "unable to find valid certification path to requested target" when enabling integration
LUM-4119Security | Uptick nss
LUM-4045UI | "No zone" Warning toast message is empty
LUM-3994Dashboards | Delete widget doesn't delete the widget, but displays success message

Change Log 


LUM-4371Corrected upgrade files being flagged as malware

Resolved Issues

LUM-4385Upgrade - when FIPS is enabled upgrade is getting errors
LUM-4346GUI table widgets show "No Data Available" before showing data

Change Log 


LUM-4402Need to ingest 'all devices' managed by Tenable

Resolved Issues

LUM-4394Archived Collector appearing in Integrations Dashboard to add IP to a collector
LUM-3981Infoblox | API | Bulk post fails with "Unknown argument/field: 'mac'" response
  • No labels