2021-2022
Call to Action!
What's new in Product Documentation
We're constantly improving our live product documentation. Find out below what's new or updated.
This list is evolving, so be sure to check back often.
Tip: Click the item's version number to see the changes in the online docs for that version.
August 2022
New content
Now you can configure incoming mail for
Updated content
This new parameter impacts the general behavior for FortiManager gateways throughout the system. Set FORTIMANAGER_Auto_Tree_Update_Enabled to yes to automatically add/remove/move gateways for Fortinet FortiManager devices.
July 2022
Updated content
Formerly presented as an optional step, we now recommend creating a custom UID parser when setting up SSO.
April 2022
New content
New instructions how to disable hyper-threading on a Azure instance.
VERSIONS: A32.00
January 2022
Updated content
We've added a step in the migration process: install A32.00 via flashdrive or iLO on AlgoSec Hardware Appliances that come pre-loaded with A32.10.
VERSIONS: A32.00
December 2021
New content
New topic that drills down into traffic and audit logs: what they are, how the system uses them, and how to troubleshoot issues with logs.
Updated content
We added instructions to disable hyper-threading on
VERSIONS: A32.00 LINK1 and A32.00 LINK2
November 2021
New content
Now you can to install ASMS A32.00 on a new or re-purposed AlgoSec Hardware Appliance using the HPE iLO 5 Web Interface.
VERSIONS: A32.00
October 2021
New content
Error message details have been added to FireFlow REST APIs pages.
We've added a new topic that explains how to increase the disk space of a newly deployed AWS instance (running CentOS 7) by extending your out-of-the-box storage device.
VERSIONS: A32.00
Updated content
We updated the steps for what to do if you have configured an SSL certificate pass phrase: how to remove it (recommended) or copy the ssl passphrase file manually to the target.
VERSIONS: A32.00
September 2021
Updated content
We've added details about required permissions for creating a custom FMC user role for Cisco Firepower devices.
VERSIONS: A32.00
Algosec_conf menu item 17 Services Status has been changed to System Health. You can check your system's compliance with prerequisite requirements by running upgrade readiness checks prior to upgrading your system. First download build files to your system. Then, in the algosec_conf menu, enter option 17 System health, and enter 3 Check upgrade readiness. To check services status, enter option 1.
VERSIONS: A32.00
August 2021
Updated content
We've added a list of OOB commands to run baseline compliance reports per vendor/device type.
VERSIONS: A32.00
We updated the Portal's Download > Software > Download AlgoSec Security Management Suite section. Now for the A32.00 upgrade/migration, you can to download software packages for all nodes in one place. This ensures that all the builds you use during the procedure are the same. We've updated the documentation to reflect this.
VERSIONS: A32.00
Updated traffic specified between Central Manager and HA / DR Site.
VERSIONS: A32.00
We added new prereq requirements for port connectivity to NAS and Mail servers for the migration target machine.
VERSIONS: A32.00
June - July 2021
New content
Allows nodes (Remote Agents / Central Manager) to receive syslog messages from devices they do not directly manage.
Updated content
We've updated the Deployment Checklist.
VERSIONS: A32.00
You can now choose to include in the response: source/destination zones of rule of zone-based devices (includeRulesZones) and devices paths (includeDevicesPaths).
VERSIONS: A32.00
May 2021
Updated content
Updated instructions to configure an external Syslog server for AFA messages.
VERSIONS: A32.00
Java 11 is mandatory for the log collection functionality of the external syslog-ng server in A32.00. Added explanations and tips when either replacing the existing syslog server or updating it.
VERSIONS: A32.00
We've added some new important tips for your AlgoSec VMware Deployment.
VERSIONS: A32.00
If your AFA is currently using a customized brand_config.xml in /home/afa/.fa/plugins/BRAND, we recommend you contact AlgoSec support before updating your ASMS to verify that all updates will be implemented. See AlgoPedia article.
VERSIONS: A32.00
Added more specific recommendation for Azure deployments on ASMS: Ensure that your Azure instance includes Premium SSD high performance storage, type P-20 and above.
VERSIONS: A32.00
April 2021
New content
SuggestSectionName is used to suggest new values for any of the extra properties of the traffic line of the current change request. It returns a hash of all suggested values for the properties.
Describes the secure installation and administration of an AlgoSec Appliance 2xx3 series device, installed with AlgoSec Appliance software version A32.00 CentOS 7.
VERSIONS: A32.00
Added explanation of AddRecTypeWorkOrder parameter. You can set FireFlow recommendations when a Work Order is created, to modify a rule only, to add a new rule only or to enable to do either.
VERSIONS: A32.00
Added a step to open a unidirectional connection via Port TCP/9094 from ASMS to your AlgoCare DNS names.
VERSIONS: 1.2.0
If the IP address you are changing to has been used before on your system, connectivity may be blocked because the previous MAC address associated with the IP remains in cache. If this happens, wait until this resolves on its own (cache expires), or flush the switch caches that may hold old settings.
VERSIONS: A32.00
Performing any hardening procedures on the target machine before the migration process is complete may cause the migration to fail.
When relocating devices to the Central Manager (CM): first complete relocating devices to the CM before continuing to subsequent steps, or data loss may occur.
VERSIONS: A32.00
New prereq check: "The mail server [IP] on port [PORT] is unreachable from the target node [IP]".
VERSIONS: A32.00
New video
In addition to the ability to filter risks for cloud types, accounts and regions, you can now focus your risk analysis and remediation on specific categories of risks identified by tags (key/value combinations) applied to the cloud platform assets. Customers can leverage this capability to focus on analyzing and remediating risks related to specific applications.
VERSIONS: A32.00.
March 2021
New content
New topic explains how to configure AutoDiscovery to discover traffic in an environment where load balancers are present.
VERSIONS: A32.00
SuggestSectionName is used to set the value of a section of new rule when work order suggests adding a new rule.
SuggestRuleName is used to set a rule name in change requests when the work order contains a rule that does not yet have a name (i.e. a new rule).
Use to allow zone names instead of the AFF recommendation in the work order. controls the Source Zone and Destination Zone Fields in Palo Alto (Panorama) Work Orders.
Updated content
Procedure added explaining how to repurpose an ASMS machine to run as an AutoDiscovery sensor.
VERSIONS: A32.00
Added a step for virtual appliances source and target machines: to verify that the newest VMware Tools package version is installed and is up-to-date.
VERSIONS: A32.00
Added further best practices recommendations for VMware.
VERSIONS: A32.00
Added considerations for Azure deployments
VERSIONS: A32.00
New video
AutoDiscovery is so much easier to setup in A32. Find out how you setup AutoDiscovery for your production environment.
VERSIONS: A32.00.
AutoDiscovery is so much easier to setup in A32. Find out how you setup AutoDiscovery for your PoC environment.
VERSIONS: A32.00.
Running a connectivity check in CloudFlow allows you to observe how traffic is routed across your entire hybrid network. You can use this information to troubleshoot, reduce risk across the whole hybrid network, and more.
VERSIONS: A32.00.
January -February 2021
New content
Added a new page, containing tips related to each VM in your distributed environment.
See
Added a new page called Increase disk space of a new AlgoSec VM including a how-to video.
VERSIONS: A32.00
Added a requirement for disk write speed of CentOS 7 migration target: "We recommend disk write speed of at least 300MB/s; system performance will improve as the speed increases. Minimum allowable is 80MB/s. "
VERSIONS: A32.00
Added to VERSIONS: A32.00 Upgrade/migration steps. In Run system checks area: If you are not currently using FF, make sure that the value of the fireflow_configured parameter in /home/afa/.fa/config is set to no.
VERSIONS: A32.00
Updated content
Added a tip how to determine the bandwidth between the source machine and target.
VERSIONS: A32.00
Added instructions for problems with NAS connectivity and permission levels.
VERSIONS: A32.00
Added tips how to check your disk speed and for VMware, to improve disk speed performance.
VERSIONS: A32.00
This parameter can be set to allow calculation of the initial plan phase in AFF on a Device Group instead of All Firewalls
Removed a mistaken parameter from the API. This API has no request parameters.
See
These AppViz configuration parameters have been added at the request of AppViz:
application.search.page_size
endpoint.recent.page_size
endpoint.search.page_size
service.recent.page_size
service.search.page_size
See
Clarification of UUID description.
Updated explanation of where to get DeviceID parameter value.
VERSIONS: A32.00
Tech docs page Prepare an AlgoSec hardware appliance specs list was updated with additional items.
See