Security

Reply
Aruba Employee

Re: ClearPass Release Announcements

All,

We are proud to announce the immediate availability of ClearPass 6.6.7! In addition to bug fixes, this release also includes several new features that our Engineering and QA team have worked tirelessly to include:

  • Aruba Integration
    • Support for ArubaOS-Switch Downloadable Roles (requires AOS-SW 16.04)
  • Logging/Alerting
    • Trigger system event when OCSP server checks and/or CRL download fails
  • Authentication
    • Ability to fall back from OCSP to CRL when OCSP is unavailable
    • Ability to write TACACS+ policies matching on Service type
  • Enhanced Support for Third Parties
    • Support for Palo Alto Networks timeout variable.
    • A new “Compliance” attribute for endpoint entities added to support Airwatch compliance flags
  • Insight
    • New Guest Devices-Expired report
    • New Guest Users-Expired report
  • Onboard
    • Ability to customize the ‘subject’ used in certificate signing request (CSR) when defining a new Registration Authority
  • OnGuard
    • Upgraded OnGuard Plugin (OEISIS SDK) from v3 to v4)
    • Ability to learn OS Build Number for use with Windows 10 posture policies
    • Automatic language change based on Windows OS settings (English, French, Japanese, and Korean)
    • Ability to present a custom wizard/interface to guide users through remediation
    • Ability to modify the way OnGuard agent communicates with ClearPass (FQDN, IP, or hostname)
  • Platform
    • Support for NTP authentication
    • Added Console timeout support and unified WebUI timeout
    • Notify successful/unsuccessful logins & last login information in Console, SSH, and WebUI when running in Common Criteria mode

 

As always, please take note of the ‘Changes of Behaviors’ section of the release notes (attached).

 

The update images have been posted to the support site (Aruba Support site) and the software updates portal.

 

A big thanks and congratulations to the ClearPass Engineering and QA teams for reaching this milestone!

 

Best regards,

The ClearPass Team

Guru Elite

Re: ClearPass Release Announcements

New hotfix for ClearPass 6.6.7 now available

This hotfix patch will includes the following features:

  • Support for SMBv2 and SMBv3
    (commonly used with PEAPv0/EAP-MSCHAPv2)
    • Ability to use SMB v3 and SMBv2 automatically
      • SMBv3 will be preferred
      • SMBv2 will be used only if SMBv3 is not enabled on server
      • SMBv1 will be used only if SMBv2 is not enabled on server
  • Resolves RADIUS server crash when EAP-TLS clients send zero length certificates during TLS exchange

This patch should be applied after upgrading to ClearPass 6.6.7 for customers leveraging EAP-TLS and/or MSCHAP-based EAP methods (commonly PEAPv0/EAP-MSCHAPv2).

 

The patch has been posted to the support site (Aruba Support site) and the software updates portal.

 

Hotfix release notes: http://www.arubanetworks.com/techdocs/ClearPass/CP_ReleaseNotes_6.6.7_HOTFIX_SMBv1-v2/Default.htm


Tim Cappalli | Aruba Security TME
@timcappalli | timcappalli.me | ACMX #367 / ACCX #480
Aruba Employee

Re: ClearPass Release Announcements

We are pleased to announce the immediate availability of ClearPass 6.6.8!  This release is predominantly around bug and security fixes.  Some of the issues resolve in this release that our Engineering and QA team have worked tirelessly to include:

 

  • SMB v2/v3 Support
    • Roll-up of 6.6.7 hot fix for SMB support
  • OnGuard support for MacOS 10.13 (High Sierra)
  • Security Fixes for the following vulnerabilities
    • CVE-2017-9804 and CVE-2017-12611  (Apache Struts)
    • CVE-2017-9001 and CVE-2017-9002 (ClearPass)
    • CVE-2017-9224, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, and CVE-2017-9229 (PHP)

 

 As always, please take note of the "Changes of Behaviors" section of the release notes (attached).

 

The update images have been posted to the support site (Aruba Support site) and the software updates portal.

 

A big thanks and congratulations to the ClearPass Engineering and QA teams for reaching this milestone & to the TechPubs team for their work on the Release Notes and manuals!

 

Best regards,

The ClearPass Team

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: