Change Log

Native Instance Type Support

New

Users are now able to select a specific Instance Type when launching a Deployment in CONS3RT using AWS Commercial, AWS GovCloud, Azure Commercial, or Azure Gov. This update brings behavior in line with the Cloud providers that natively support instance type-based hosts (i.e. Azure, AWS EC2, and OpenStack), and provides users with another layer of customization of and control over their Deployment Runs.

For more information please consult this KB Article.

Express Interface Now Available to All Users

New

Standard users can now enter the Express User Interface by expanding the Account Management menu from the user icon in the upper right and selecting Express Mode. This new shortcut gives Standard users quick and easy access to the Express UI for training, demos, and troubleshooting. To return to the Standard Interface, select Exit Express Mode from the same dropdown menu.

Users are able to set their preferred interface to the Express UI if they so choose. By doing so, users will be shown the Express UI upon logging in.

For more information about the Express User Interface, consult the Express User Interface guide.

Amazon Linux 2 and Enhanced VyOS Support

New

We have added first-class support for the newly released Amazon Linux 2 in all AWS EC2-backed Clouspaces managed by CONS3RT. Additionally, some Cloudspaces can now access updated VyOS templates, including 1.1 (Helium) and 1.2 (Crux).

As always, we encourage you to consult the appropriate resources for information about these operating systems and check the template notes when launching Deployment Runs for any known limitations.

First Quarter Fixes

Fixed

  • A defined Recurring Schedule on a Deployment Run in a Cloudspace could prevent that Cloudspace from being deallocated
  • Additional networks in EC2 have IP addresses that can change on NAT reboot, which could break IAM policies or security group rules
  • Cloudspaces in maintenance mode could not be taken out of maintenance mode if the parent Cloud was in maintenance
  • Added the ability to land on a c5n.4xlarge instance type in EC2 Cloudspaces
  • Routing issues when clicking links in CONS3RT-generated emails
  • Inconsistencies in metrics data reporting across Projects
  • Microsoft Azure OS templates were not being filtered by region in all cases
  • Some Team Managers were not able to see dashboard metrics for their Projects
  • Deployments containing only a single Physical Host would sometimes fail to bind to a Cloudspace
  • By default, AWS security groups restricted traffic across networks within a Cloudspace

Publishing Deployment Runs to Consumers

New

Asset Publishers now have the ability to share reserved Deployment Runs with Consumers who access resources through the Express User Interface. Unlike publishing from Scenarios, which creates resources that Express Users can manage on their own, publishing Deployment Runs allows the publisher to maintain control of the resource lifecycle. Consumers accessing the deployed Hosts through the Express User Interface will be allowed to connect to the remote Host with the click of a button, provided the publisher has provided them credentials.

Publishers can read more about this feature in the associated Knowledge Base article.

For more information about managing what Consumers see in the Express User Interface, consult the Express User Interface guide.

File Transfer for VNC Connections

New

You asked for it, and we delivered.

Remote Access-based file transfer is now supported when connecting to your Host using a VNC Remote Access Connection. As with RDP and SSH Remote Access, users are now able to upload and download files using the “Drag-and-Drop” method, the Remote Access sidebar, or through the On-screen Clipboard.

To combat VNC’s lack of native file transfer capability, this solution is built on top of the existing secure file copy functionality of SSH. As with SSH remote access connections, only the initial user credentials set by the owner of the Run during deployment can be are used for determining file and folder permissions. Changing to a root user, or any other user on the system, won’t impact the files and folders you can upload and download.

File transfer is now standard on all VNC remote access connections. If you connect to your remote Host using credentials that aren’t managed by the CONS3RT Host provisioning process, you’ll need to define a custom connection with the correct credentials and use that definition to access your Host.

GPUs in Commercial Clouds

New

Users can access GPU instance types in commercial Cloud providers for their advanced compute requirements. Support includes:

  • AWS: P3 (NVIDIA Tesla V100) and G4 (NVIDIA T4 Tensor Core)
  • Azure: NC (NVIDIA Tesla K80), NCv3 (NVIDIA Tesla V100) and NV (NVIDIA Tesla M60)

Use of GPUs in commercial Cloud requires the installation of the appropriate drivers. There is a Certified, shared Asset (GPU Driver) that includes the drivers for all supported instance types. Please remember to include it the deploy.

Cloudspace Network Management

Improved

Simplification of options and presentation for cloudspace network configuration.

Certificate Management

Improved

New internal certificate management reduces complexity and change-over to ensure greater uptime.

Fourth Quarter Fixes

Fixed

  • Resolved “oops” error when multiple clicks were made in project member management
  • Corrected an issue with vCloud template catalog sharing
  • Some users experienced a crash when accidentally uploading media in the Asset script windows
  • Slack account and channel creation sometimes hung when Slack was slow to respond
  • Some users could not connect to a Deployment Run more than once per session.
  • ReST API fixes
  • Smoother presentation on Composition Builder interface
  • Addressed jScript CVEs
  • Assets shared to everyone can be downloaded non-members of the Project
  • RAM and CPU sliders were showing inaccurate info
  • Some Team managers could not enable Snapshot feature
  • Quickly changing projects sometimes caused lost project context or UI stall
  • Azure networks would only be /16
  • ReST queries to retrieve Software or Container Assets were not sorted and would return a different list each time
  • Incomplete Network settings would cause a Run to fail
  • Large metric retrieval would cause some users to see a Maintenance Page

Cloud Resource Scheduler

New

Project resource managers can schedule all Systems to be automatically powered off and back on in order to save money when they are not in use. They can create a weekday and/or weekend sunset/sunrise schedule for all Systems in their Project. For more information, please see the Knowledge Base article.

Upload Size

New

Increased the maximum upload size via browser from 3GB to 4GB.

Cloud Security

Improved

The Cloud Security overlay is now standard on all Clouds.

Launch Error Emails and User Timezones

New

Launch Error Emails

Express users will receive an email notification if their Run fails to launch.

User Timezones

Profiles now have a user-definable timezone. These timezones are used for managing recurring and power management schedules.

Domain Login Options

New

When making RDP Remote Access connections, users can choose to enter their domain credentials when setting up their connection. The Team Managers can define a domain name per Cloudspace to autofill the field.

Compositions and Express User Interface

New

A whole new way for users to interact with the Systems.

Compositions

Compositions allow users to create and publish pre-configured Scenarios for consumption by the Team. In addition to the standard Scenario design, the publisher defines the launch parameters, making for a quick and easy user experience. Compositions are available to users of the new Express User Interface (see below). For more details, please see the Knowledge Base article.

Express User Interface

The Express Interface shows the available Compositions and allow users top quickly deploy, connect to, and/or undeploy their runs. There is no need for them to navigate the whole library or to build up Systems and Scenarios.

Ubuntu 18 in vCloud

Improved

The network issues with Ubuntu 18 in vCloud have been addressed with new customization via CONS3RT.

Container Metadata

Improved

The Container workflow will pull name and tag information from the uploaded image rather than making the user enter it.

Cloud IPs

Improved

If there are no IPs in the Cloud pool, an IP address will be dynamically assigned.

Windows 2019 and Ubuntu 18 Support

New

Windows 2019 and Ubuntu 18 added as fully supported Operating Systems across Cloud providers.

Known limitation: There is an issue with Ubuntu 18 in vCloud that results in unreliable network connections. The team is working with the vendor on a solution.

Snapshots

New

Users across all Clouds can now take and restore from a single Snapshot. Note: Snapshots are not intended to replace the proper use of assets for System Design and management, but rather to augment the iterative development process. Snapshots come with a performance hit and storage cost.

Enabling Snapshots

Team Managers can enable or disable the new Snapshot functionality for their Team.

OpenStack Snapshots

Improved

Admins can change the owning Project of an active Deployment Run.

Third Quarter Fixes

Fixed

  • RHEL 7 converted to use firewalld for default security configuration
  • Resolved issue with additional disk naming and CentOS 7
  • Able to edit Container Asset names
  • Adjusted timeouts to allow larger Deployments Runs in slower Clouds
  • New Project members were not getting added to the existing community Slack channel
  • Authentication issue on OpenStack Clouds using Keystone v3
  • Scenario link missing when Host had a Container Asset
  • In vCloud-based Cloudspaces, the maximum number of provisioned networks can now be edited
  • More depth to ReST calls for configuring Cloudspaces
  • Corrected routing issues on cons3rt-net for Windows Systems
  • Some new users without a default Project experienced navigation errors
  • The order of all storage Disks on deployed System is consistent throughout the provisioning process; UI views have been updated to maintain this order
  • Updates to contact info on pricing page
  • Security enhancements

OpenStack

Improved

Added support for OpenStack Stein.

Container Assets Metadata and Host Action Status

Improved

Container Assets Metadata Additions

Two new fields (i.e., name and ports) added to Container Assets as part of improving the management of Run arguments.

Host Action Status

Added status messages to host actions - power on, restart, snapshot, etc.

Security Enhancements

Improved

Updates to workflow, algorithms, and versions of component.

Uniform Remote Connection Timers

Improved

All “Connect” buttons now use the same timer mechanism for monitoring user access and maintaining session activity.

Asset Submission Service

New

Users can push their Container Images from the Asset Library to an external Docker Registry or an SFTP-based Submission Service.

TLS Updates

Improved

All connections (GUI, ReST) must be at TLSv1.2.

Faster Uploads

Improved

Optimized process when importing Assets to reduce file transfer times.

Azure Improvements

Improved

Azure Instance Mapping

Refined matching algorithm to optimize instance type selection in Azure.

Oracle Linux in Azure

Added templates for Oracle Linux in all active cloud regions.

Azure Network Management

More dynamic management of NICs on Azure Systems.

Azure Cloud Security Overlay

Updates to securing Azure Cloudspaces.

Java 11 Support

New

CONS3RT infrastructure has been updated to run on Java 11.

Messaging Security Configuration

Improved

Moved messaging infrastructure to TLS1.2 and updated security configuration for latest attack vectors.

Smart Card Pass-Through (Beta)

New

Using a new Remote Access connection type, users can now present their local smart card (i.e. CAC) on their deployed System to authenticate to services from that deployed System. Contact Support if interested in participating in the public Beta.

Second Quarter Fixes

Fixed

  • Multiple ReST fixes for endpoints and calls; see the ReST documentation
  • Prevent situation where Project expiration date could be set later than Team expiration date
  • Added redirect to prevent 403 error is users tries goes direct to app endpoint
  • Corrected dependency check to allow projects to be deleted
  • Eliminated “Oops..” warning on successful remote access connection
  • Fixed broken links on spotlight content
  • Updated multiple knowledge bases articles
  • Fixed an issue when there is an error connecting to Slack that left the request in limbo

Updates to PKI Providers and Notice & Consent

Improved

PKI Providers

Added new approved PKI providers and removed expired ones.

Updated Notice & Consent flow to improve performance and security.

Docker Registry and BYOC ATO Consent

New

Docker Registry

We have added a Docker Registry interface to the Asset Library. Container Images can be pulled and redeployed either via the standard Asset install or using Docker commands.

When users register their existing Clouds to a site, they acknowledge that they have the security responsibility for those resources.

ElasticTest Push Results and Asset Clean Up Utilities

New

ElasticTest Push Results

ElasticTest results can be set to push the results to a designated endpoint at the end of the run.

Asset Clean Up Utilities

Admin functions to clean up the data for a CONS3RT site.

Database Connection Optimization

Improved

Improvements to database connections for increased speed and reliability.

First Quarter Fixes

Fixed

  • Username with a . could not be added to sudo-ers file
  • Unable to search on Hosts
  • Team Managers are unable to view expired Projects
  • User is unable to link directly to Project page
  • Remote Access connections sorting is updated real time
  • Support added for OpenStack Keystone V3
  • Project membership changes reflected immediately in the UI
  • Cleaner error message when a Cloud is unreachable
  • Corrected inconsistency on units in resource usage tables

Container Images and Web Architecture

New

Container Images

Container Images are a new top-level asset type. One or more Container Images can be deployed on a System, and, optionally, along side Application and/or Source Code assets. Container Images can be sourced from the Asset Library or an external repository. They can be redeployed individually on an existing deployment run.

New Web Architecture

Beginning in this version (19.3) the endpoint for ReST API calls change from https://site_url/api to https://app.site_url/. Please update your clients.
The front end infrastructure has been re-architected to improve performance, security, and scalability. It is completely container-based with all the benefits. Remote access connections are more direct.

Updates to Main Menu and ElasticTest: Fortify

Improved

The main menu has been updated to organize assets and resources into like groups.

ElasticTest: Fortify

Fortify updated to version 18.20.

Availability Zone SDN

Improved

The software defined networks have been enhanced to provide support for Availability Zones.

Deployment Properties and User Credentials

New

Deployment Properties

The project.name, project.id, primaryNetwork, isPrimaryConnection, cons3rtNetworkIp, and primaryNetworkIp have been added to Deployment properties for use in assets and automation.

Editable User Credentials

The default user credentials displayed on the Run screen can be edited with a new value. Doing so will not affect the running system, but it will be used for future remote access connections.

Change from License to EULA

Improved

The License tab for Assets is more accurately labeled User Agreement.

ElasticTest – Script and Powershell

Improved

Script updated to run on Red Hat 7; Powershell updated to run on Windows 2016 Server.

Jenkins Update and More Regions

Improved

Jenkins Plug-In Update

Credentials can be stored at the Admin level or at the User level.

More Regions

Added support for new commercial and Gov regions in AWS and Azure.

Windows Network Discovery Disabled

Improved

The Windows Network Discovery Wizard is disabled by default to prevent problems some users were experiencing during deployment runs.

Jenkins Plug-In

New

A new CONS3RT plug-in for Jenkins with the ability to update Assets and/or launch runs as part of a Jenkins job.

Slack Workspaces

New

Each site now has a dedicated Slack Workspace, which includes a private channel for each team as well as public channels for General News, Support, and Asset Development. Users can sign up for an account on their profile page.

Team Resource Management

Improved

Changes to Team resource management allow for individual Projects to have specific or unspecified (open) resource limits. Enforcement will first check the Project limits (if any) and then the Team limit.

Additional Email Fields

Improved

Additional fields on System-generated emails to improve readability and security.

Perimeter Appliance Redeploy

New

In VMware clouds, Cloudspace managers can redeploy the perimeter security appliance in the event of network issues.

Network Registration

Improved

In addition to CONS3RT created networks, existing networks in a Cloudspace can be registered so deployed Systems can be configured to connect to them.

Pop-Up Blocker Warning

New

The System will display an extra warning if the user’s local browser blocks the opening of a Remote Access session tab.

Remote Access Container

Improved

To improve redeploy speed and security, the Remote Access System in each Cloudspace is now Container-based.

Windows File Transfer

New

In Remote Access sessions, users can open the sidebar, where they can browse, upload, and download files from their remote Windows System.

ElasticTest Logging

New

The Script(bash) and PowerShell ElasticTests now have logging output as part of the results available in the UI.

Session Management

New

All user session are stored in the database to support better load-balancing. It also improves record-keeping and audit compliance.

Teams

New

Team Managers can set and manage project creation, membership, and resource limits. Resource limits are enforced at the Team level.

Team Managers will be able to directly register Clouds, request Cloudspaces, manage Cloudspace configuration, and create Projects. Project Managers will experience the most significant impact on their workflows. A detailed email will be sent to all existing Project Managers to explain the changes.

Projects can also be designated as Private (i.e. non-browsable).

Appliances Power-On Delay

Improved

Appliances now honor the Cloudspace’s Power-On Delay (POD) as part of the launch workflow.

Data Generator Asset

New

A new web traffic generator asset is available in the Community Library. It includes a user Web UI to allow for managing the type, volume, and destination of traffic.

Windows ElasticTest Agent

Improved

The Windows ElasticTest Manager Agent was rewritten in Powershell for better performance and debugging.

ElasticTest – Powershell

New

Runs and re-test Powershell scripts automatically. Runs on a Windows 10 Virtual Machine.

Nested Hypervisors

New

Run KVM and VMware ESXi hypervisors as VMs in the Cloud.

This should be for development, testing, or training only; performance is not sufficient for production.

Remote Access Low-Bandwidth and Maintenance Modes

New

Remote Access Low-Bandwidth Mode

To improve performance on poor networks, users can select a low-bandwidth mode when opening RDP or VNC Remote Access sessions. This reduces requested resolution (DPI) and color depth for VNC and RDP connections, as well as disabling wallpaper for RDP connections.

Maintenance Mode

New Cloud and Cloudspace Maintenance Modes allow site and cloud Admins to isolate maintenance work to specific resources without affecting all users. Requests submitted during maintenance are queued up, and they are executed when the resources are ready.

Asset States

Improved

We have reduced the number of Asset States and simplified the workflow. Please see the Knowledge Base for more details.

Authentication Workflow

New

Users are now asked to present their certificate for authentication only after they attempt to sign in. This will allow users having trouble with their certificates to reach the Support resources.

Remote Access Enhancements

Improved

There have been several enhancements in order to better understand and prevent Remote Access issues. These include hiding the Connect button if the system is turned off,disabling re-connect retries if there is a password problem, preventing attempts to make a connection when someone else is on the system, improving disconnect messages, and implementing browser behavior changes. These should help reduce user side problems that appeared as “disconnects.”

Speedtest

New

We have added a speed test to the site to help users identify possible network issues that might affect performance. Clicking the Speedtest link at the bottom of the page will collect results from the user’s System to the site.

More Approved Certificate Authorities

New

Additional Certificate Authorities (CAs) have been added to support more users.

Java 10

Improved

All code and infrastructure have been updated to support Java 10 and its new coding and security standards. This included multiple optimizations for better performance as well.

CRL Management

Improved

New granular checking and downloading of Certificate Revocation Lists (CRLs) to increase robustness and eliminate unnecessary reloads.

Cloud Network Management

New

Create and Manage Networks

Cloudspace Admins can create and manage additional routable and/or internal networks. This includes defining IP Space, Gateway, Connectivity, and so on.

Network Selection

At launch time, the network connections on each system can be selected from the Cloudspace pool.

IP Address Assignment

Users can now specify static IPs at run launch time for any and all user interfaces on each system.

More Cloud Networks and ElasticTest Nessus Improvements

Improved

More Cloud Networks

Clouds can now contain more than two networks as part of their configuration. All networks defined for a Cloud are added to each Cloudspace at creation time.

ElasticTest Nessus Improvements

Changes to the monitoring of Nessus tasks to increase reliability.

Host Workspace

New

A new Workspace for a user’s Hosts with a view across all Runs that includes real-time Deployment and install status. This view can be filtered by Cloudspace, state and OS Family.

Permanent Agent Disable

Improved

The CONS3RT Agent is now disabled when the system is Available and stays disabled through all subsequent reboots.

Automated ElasticTest Updates

Improved

Users no longer have to worry about approving updates to ElasticTest tools; it is done automatically. For existing runs, this means selecting RETEST will execute with the same version of the tool as originally installed; selecting RERUN will relaunch all Systems and create a new ElasticTest with the new version of the tool. See the Knowledge Base for more details.

Cloud & Cloudspace Security

Improved

AWS Cloud Admins can enable log collection (CloudTrail) and storage (S3) for their Clouds. When Cloudspaces are created, traffic logging (FlowLogs) is enabled, and data are persisted.

System Resizing

New

User can change the CPU and RAM resources on active Runs with a single step that handles the power-off, resize, and power-on actions.

Detailed Asset Install Information

Improved

All Software and Source Code Assets display their current status in the workflow along with timestamps and estimated durations. Users can select a Host in the Run section and immediately see where it is at in the process, making troubleshooting and monitoring much easier.

Azure Template Support

Improved

Azure Systems are now built from templates instead of from VHD file for faster provisioning and improved sharing.

Certified Assets

New

Certified Assets are fully developed, validated, and include a POC for support. Users can include them in their designs with confidence. There is a Certified label on the card view, and users can search and sort on Certified state. Designated Certifiers can review and promote assets.

More Slack Notifications

Improved

More options for notifications have been added to the integrated Slack channel.

Site Co-Branding

New

Large teams can sign up for a dedicated landing page with custom theme and content.

Asset Counts and IDs

Improved

Asset Counts

In the list view of Assets the card shows how many times that Asset has been used. The view can also be sorted to show the most popular Assets at the top.

Asset IDs

Assets are often referenced by their ID in log messages and some emails. The Asset ID is now displayed as part of the data in the left side column.

Asset Wizard and Referenced Asset Media

New

Asset Wizard

Users can now create Software and Source Code Assets directly in the new Asset Wizard. It will walk users through the collection of the information and files necessary for building up an Asset.

Referenced Asset Media

Asset media can either be uploaded directly or referenced by a URL. External (URL) media will be background downloaded, scanned, and placed in the library for future use.

Automatic Disk Mounting

Improved

All additional Disks defined in the System Builder are now formatted and mounted automatically. More information can be found in this Knowledge Base article.

Automatic Firewalls

Improved

Systems are now deployed with their Firewalls enabled. All outbound traffic is allowed; inbound traffic is only allowed on the CONS3RT management network for the supported Remote Access connections (i.e. RDP, VNC, SSH). Additional changes to the Firewall can be managed via Assets.

F5 BIG-IP

New

The BIG-IP from F5 is now a supported OS type, including the installation of Software Assets. Check the template notes for any known limitations.

Certificate Management

New

The expiration date on PKI certificates is displayed and users can delete exiting certificates from an account.

Collection Filters

New

Users can apply filters on the collections page by type (Software, Test, System, etc.).

Remote Access Connections Clean Up

Improved

Users can now delete old custom Remote Access connection from the list of options.

VyOS as a Supported OS

Improved

VyOS is now an officially supported Operating System type.

Asset Debugging Exit Code

New

Assets can now use an exit code of 255 on errors, which will log the error but will not fail the Asset. In this case, the installation and Run will continue.

Automatic Project Creation

Improved

When a new Team is created, an initial Project will be created with the same name.

Embedded Application Server

Improved

To improve performance and support future features, the CONS3RT application uses a new embedded web application server.

Storage Metrics

Improved

To better support management of storage resources, the display of storage usage has changed from rounded TB values to the full value, rounded to one decimal place.

Asset Script Safety

Improved

To prevent errors that occur when scripts are written on one platform and deployed on another, all scripts now have their line endings set when uploaded or updated. If the script is .bat, .cmd or .ps1, OR if the asset platform is Windows, the line endings will be set to CR/LF; on all other scripts the line endings will be set to LF.

Native System Accounts

New

The password for all existing accounts in a System (e.g. root, administrator, x_administrator, etc.) is now set to the same as the password that the user had created at the time of launching the Deployment Run. Users can use an asset if they want to make further changes.

Account Credentials

Improved

Users now only see the links and management boxes for the credential type (username/password or certificate) supported in the site. In certificate sites, users can see the certificates registered to their account.

Architecture Changes

Improved

The frontend (GUI, ReST) is now a separate module in development. This change will allow for faster rollout of new features and shorter maintenance windows.

ElasticTest Tools

Improved

Dashboards now include a list of all ElasticTest tools available to the Project with links to the available test cases.

Added Properties

New

New Deployment properties for the default user, CONS3RT-installed user, and vGPU status.

Asset State Management

Improved

The management of Asset States has been moved from the gear icon to its own section.

Multiple Networks on Physical Hosts

Improved

Physical Hosts now support multiple networks.

Perimeter Security Configurations

Improved

Cloudspace perimeter firewalls/gateways have been updated with tighter System-level lockdowns and controls.

AWS Security Credentials

Improved

Allocated Virtual Private Clouds (VPCs) in AWS now use generated, unique, scope-limited credentials for CONS3RT driven actions.

Physical System Remote Access

New

Remote Access is now supported on Physical Hosts and Devices.

Solaris Support

New

Solaris 11 has been added back as a supported Operating System for deployed Systems.

Power On Delay Management

New

Cloudspace Admins can manage the Power-on-Delay parameters to optimize System deploy times.

Simple & Custom Remote Access Connections

Improved

Remote Access connections will now auto-complete the user’s defined account and credentials for making a quicker connection. Alternatively, the user can select a custom connection to enter an alternate set of credentials.

Remote Access Collaboration

New

Users can invite other Project members to share their Remote Access sessions. The Host can provide Read Only access to their screens to support collaboration, troubleshooting, training, and more.

User Dashboards

New

Upon login, users land on their Project dashboard. This dashboard includes a list of Runs, graphs of resource usage, links to documentation and help, site alerts, and more.

Windows 2016 Server

New

Windows 2K16 is now a fully supported Operating System for Systems and Appliances.

Remote Access Tab

Improved

When opening a Remote Access connection, the name and ID are displayed on the browser tab for easier navigation and management.

Metrics Dashboards

New

Usage and storage metrics for VMs, vCPU, vRAM, and vGPU are collected and displayed at the Project, Cloudspace, and Site level. The built-in graph shows 24 hour, 7 day, and 30 day snapshots. Historical data has been back-filled for existing Projects. Metrics can also be queried via the ReST API.

File Transfer

New

In Remote Access sessions, a user can open the sidebar where they can browse, upload, and download files from the remote System.

Expired Projects

Improved

Closed (i.e. Expired) Projects are now labeled as such in order to prevent sign-ups by new users.

Deployment Run Changes - New View and User Account Creation

Improved

New Deployment Run View

We have reworked the Deployment Run display to make it easier and faster for users to get the information they need.

User Account Creation

To increase security and standardize behavior across Cloud technologies, users now create an account and password for each Deployment Run. Doing so will create that user account all Systems within the Run.

Asset Download Hash

New

Users who are downloading Assets will be given the hash value (SHA-256) for thst Asset such that they can confirm the integrity of the download.

User Card Updates

Improved

The card view of the user now includes their email address.

Network Cloud Configuration and Database Auditing

New

This release includes:

Network Cloud Configuration

New network Cloud object for managing configurations per Cloud.

Database Auditing

Native database transaction auditing.

Enhanced Data Encryption

Improved

Increased encryption across the application. Stronger FIPS algorithms and hashes; many more data fields encrypted by default.

My Asset Views and Windows XP

New

My Asset Views

Users can now browse their Software and Test Assets (under My Assets), Project Assets, and Community-Shared Assets separately.

Windows XP

What’s old is new! Windows XP has been re-added to the supported Operating System types to support cyber training needs.

Due to technology and licensing limitations, support is limited to VMWare Clouds at this time.

Power State Warning

Improved

Remote Access now checks that the System is powered-on before attempting to make a connection.

Power On Delay Reset

Improved

Cloudspace Admins can re-baseline the Power-On Delay setting for their Cloudspace.

Full Azure Support

Improved

This release includes all user (provisioning, Remote Access, ElasticTest) and management features.

Active Site Security Configuration

New

CONS3RT actively manages the access control lists for ancillary services directly.

CONS3RT Agent Removal and Appliance Settings

Improved

CONS3RT Agent Removal

The CONS3RT Agent on deployed Systems now shuts down by default when the System goes to Reserved. The user can override this removal if needed. If the user chooses to retain the Agent, there is a option to disable it after the System goes to Reserved.

Appliance Settings

Users can now edit the resources (CPU, RAM) on appliances at deployment launch time.

Cloud Network Management

Improved

Cloud Admins can set and manage a default CONS3RT network (IPs, firewalls, NAT, etc.) per Cloud, not just per site.

Remote Access Sizing and Redeploy Management

New

Remote Access Sizing

Cloudspace Administrators can now choose from three different sizes for their Remote Access server - Small (1 CPU x 2 GB RAM), Medium (2 x 4) or Large (4 x 16).

Remote Access Redeploy Management

Site Administrators can define the window and distribution of the automated redeployment of Remote Access servers.