Security Agent for UNIX includes new features, improves usability, and resolves several previous issues. Many of these improvements were made in direct response to suggestions from our customers. We thank you for your time and valuable input. We hope you continue to help us ensure that our products meet all your needs. You can post feedback on NetIQ Communities, our online community that also includes product information, blogs, and links to helpful resources.
The documentation for this product is available on the NetIQ website in HTML and PDF formats on a page that does not require you to log in. If you have suggestions for documentation improvements, click comment on this topic at the bottom of any page in the HTML version of the documentation posted at the Security Agent for UNIX documentation page. To download this product, see the Micro Focus Downloads page.
The following sections outline the key features and functions provided by this version, as well as issues resolved in this release:
Enterprises and data centers need to find ways to monitor, manage, and protect sensitive data stored in large data-storage systems such as NetApp. Security Agent for UNIX 7.6, when deployed with Change Guardian 5.1 and later, can monitor data in NetApp storage. This helps you to track, audit, report and take appropriate action to secure sensitive data.
NOTE:You must install Security Agent for UNIX on a RHEL or SLES Linux platform to monitor NetApp.
There are several updates to the certified platforms:
Security Agent for UNIX is now certified on the following platforms:
SUSE Linux Enterprise Server (SLES) 12 SP3 (64-bit-kernel, 64-bit-agent)
Red Hat Enterprise Linux Server (RHEL) 7.5 (64-bit-kernel, 64-bit-agent)
Red Hat Enterprise Linux Server 6.9 (64-bit-kernel, 64-bit-agent)
Security Agent for UNIX is deprecated on the following platforms:
Red Hat Enterprise Linux Server 7.2 (64-bit-kernel, 64-bit-agent)
Red Hat Enterprise Linux Server 6.7 (64-bit-kernel, 64-bit-agent)
SUSE Linux Enterprise Server 12 SP2 (64-bit-kernel, 64-bit-agent)
For more information, see the Technical Information page.
Security Agent for UNIX includes enhancements and software fixes that resolve several previous issues.
Security Agent for UNIX no longer slows down RHEL computers. (Bug 1063296)
Install or upgrade now sets default file and group ownership explicitly to root. (Bug 1077267)
Issue: Security Agent for UNIX does not failover from a primary to a secondary Sentinel event destination. (Bug 1048396)
Fix: Security Agent for UNIX can now failover to a secondary Sentinel event destination. This destination then serves as the primary event destination until the service restarts or next failover.
Issue: Auto scan reports all agents in UAM as down, though agent processes are running. (Bug 928079)
Fix: Auto scan reports that all agents work fine in UAM.
For detailed information about hardware requirements, supported operating systems and browsers, see the Technical Information page.
You can deploy and manage Security Agent for UNIX using the following:
UNIX Agent Manager (UAM)
Change Guardian Agent Manager (CG AM)
Both UAM and CG AM allow you to remotely install one or more Agents. They also allow you to install and reconfigure the selected Agent components directly on the assets you need to monitor, without having to interact with the Agents individually. However, there are certain specific functionalities available only on UAM or CG AM. Depending on your requirements, you can decide whether you need to install UAM, CG AM, or both. UAM and CG AM can coexist. For more information, see Understanding Security Agent for UNIX.
Review the deployment considerations to understand how you can install and manage agents. For more information, see Deployment Considerations.
For more information about installing these components, see the Security Agent for UNIX Installation and Configuration Guide, on the Security Agent for UNIX documentation web site.
Micro Focus strives to ensure our products provide quality solutions for your enterprise software needs. The following issues are currently being researched. If you need further assistance with any issue, please contact Technical Support.
The installation process does not support installing Security Agent for UNIX as a non-root user. (Bug 1052123)
When you delete or rename directories on Linux platforms, audit logs show null value for a directory name. Therefore, Change Guardian might not capture the correct directory name in audit logs. (Bug 974273)
When the operating system is running in FIPS mode, UNIX Agent Manager (Linux and Windows) cannot deploy Security Agent for UNIX. It displays the following error:
SSH Install Failed - Session.connect: java.io.IOException: End of IO Stream ReadInstallation Failed - Session.connect: java.io.IOException: End of IO Stream Read. (Bug 999496)
Issue: The communication between Security Agent for UNIX 7.4 and UNIX Agent Manager 7.5.1 and later, fails due to protocol mismatch. (Bug 989481)
Workaround: Upgrade Security Agent for UNIX 7.4 to 7.5 and then to 7.5.1 or later. For more information about upgrading to Security Agent for UNIX 7.5 and later, see Upgrading Agent Using UNIX Agent Manager.
The Assets Monitoring Failures report contains Windows assets only. It does not contain data related to UNIX assets. (Bug 906282).
Issue: File was deleted events are not generated when soft link for file is deleted. (Bug 975575)
Issue: Sentinel Agent Manager Connector does not work in FIPS mode. (Bug 997589)
Workaround: Perform the steps mentioned in the Knowledge Base Article 7018187 for Sentinel Agent Manager Connector to work in FIPS mode.
When you install Security Agent for UNIX 7.5.1 and later using CG AM for new installation of Change Guardian 5.0 and SCM 6.x on the same computer, SCM registration fails due to dynamic certificate changes. To configure Security Configuration Manager server, see the Knowledge Base Article 7023134. (Bug 1045613)
Issue: SCM Registration Fails While Upgrading Security Agent for UNIX from 7.5 to 7.5.1 and later using CG AM 5.0 and later where SCM and Change Guardian are enabled. (Bug 1056447)
Workaround: Perform the following steps from UAM to re-register Security Agent for UNIX with SCM server:
Go to Configure > SCM Options.
Click Configure button.
In the SCM Configuration window, ensure that the Core Services Address is same as SCM Core IP Address and click Save.
Restart the agent service by selecting Stop and Start buttons in the Agent Controls panel.
OR
You can perform the following manual registration steps on Security Agent for UNIX:
Navigate to the following location: /usr/netiq/bin
Run the following command:./wcRegister
Run the following command to restart SCM services: /etc/init.d/uvserv restart
For information about legal notices, trademarks, disclaimers, warranties, export and other use restrictions, U.S. Government rights, patent policy, and FIPS compliance, see https://www.netiq.com/company/legal/.
Copyright © 2018 NetIQ Corporation. All Rights Reserved.