Changelog

This page includes IDSTower releases history & a highlight of Major features/enhancements added.


2.1.0 - (3-10-2021)

Changes:

  • Feature: Now you can add a custom IDS Rules Feed, with various authentication modes supported.

  • Feature: Now you can do bulk actions on all IDS Rules and IOCs in the IDSTower.

  • Feature: IDSTower is now available as an RPM and DEB packages, a repository is available for both.

  • Various other bug fixes and improvements.

Please make sure to do a config refresh after upgrading to this version to update IDS Hosts configuration files to the latest version, you can do this via Cluster->Hosts->Hosts Actions->All Hosts->Refresh stale config


2.0.2 - (10-8-2021)

Changes:

  • Feature: Https certificate setup, please follow this guide to configure https on IDSTower

  • Feature: Added support for AWS Amazon Linux 2, now you can install IDSTower on AWS Amazon Linux 2 VMs.

  • BugFix: Fixed an issue with indicators update.

  • Various other bug fixes and improvements

Please make sure to do a config refresh after upgrading to this version to update IDS Hosts configuration files to the latest version, you can do this via Cluster->Hosts->Hosts Actions->All Hosts->Refresh stale config


2.0.1 - (14-7-2021)

Changes:

  • Feature: Addded the ability to do an all-in-one install, now you can deploy Suricata to the same Host running IDSTower.

  • BugFix: Fixed an issue with Ubuntu 18 with old ansible versions.

  • Various other bug fixes and improvements.


2.0.0 - (19-6-2021)

Changes:

  • Major release with new features & significant improvements.

  • Suricata now is auto-configured to alert on Indicators of compromise, including Malicious IPs, Domains & Hashes using IPRep & DataRep features of Suricata.

  • Out-of-the-box integration with 14 Threat Intelligence feeds (free & commercial) that covers both IDS Rules & indicators of compromise (IOCs), with total control on update frequency, assigned score & auto-expiry date.

  • Easy-To-Use Indicators Management Interface, with integrated references to investigation tools like VirusTotal, IpInfo & SecurityTrails.

  • Complete IOCs Life-Cycle Management, covering ingestion from feeds, scoring, auto-deployment & auto-expiry, with manual control when needed.

  • Rules & IOCs changes are automatically pushed to Suricata Hosts & Suricata service auto-reload rules when changes detected.

  • Full Control on Rules Transformation settings, you can now enable/disable specific Transformations.

  • Rules Transformation option to set Rule Target Keyword using Heuristics.

  • Rules Transformation option to replace $EXTERNAL_NET rule variable with “any” to expand rules detection to cover lateral movements in your network.

  • Rules Transformation options to add IDSTower Rule ID, IDSTower Rule URL, user added tags & other information to rules metadata keyword for more contextualized alerts!

  • Full Control on Indicators Alerting settings, Enable/Disable alerting on Malicious IPs, Domains & Files.

  • User Management Interface to add/remove/enable/disable users.

  • The Built-in Packages repository (for offline deployment) is now offered as a separate package to allow it to be independently updated.

  • Various other bug fixes and improvements.

  • To upgrade from version 1.0.x to this version, please follow this guide: https://www.idstower.com/docs/upgrade/upggrade_from_v1_to_v2.0.0.html


1.0.2 - (11-4-2021)

Changes:

  • Now you can force remove a cluster even when hosts are unresponsive.

  • Improved how UI handle redirection.

  • Various other bug fixes and improvements.


1.0.1 - (16-2-2021)

Changes:

  • Added support to deploy & manager Suricata in Ubuntu 18.04 (Bionic) and Ubuntu 20.04 (Focal).

  • Added all packages necessary to deploy Suricata to an offline cluster.

  • Various bug fixes and improvements.


1.0.0 - (29-1-2021)

Changes:

  • Initial public release.