Release Notes
1.7.1
October 23, 2023
Upgrade Paths
Security Monitoring supports upgrades from these previous versions:
- 1.4.0 - 1.7.0
If your Security Monitoring version is older, you may need to upgrade to an intermediate version before upgrading to the target version.
What’s New
This release includes the following updates:
-
Stability and performance improvements
This release includes stability and performance improvements.
Known Issues
You can find information about known issues in the Known Issues topic.
1.7.0
October 18, 2023
Upgrade Paths
Security Monitoring supports upgrades from these previous versions:
- 1.4.0 - 1.6.0
If your Security Monitoring version is older, you may need to upgrade to an intermediate version before upgrading to the target version.
Changes in Default Behavior
This release has the following changes in default behavior:
-
Security Monitoring backend service
The backend for Security Monitoring is now served by the
nms-sm
process instead ofnms-core
. Thenms-sm
process must be started after installation of thenms-sm
package.
Known Issues
You can find information about known issues in the Known Issues topic.
1.6.0
July 20, 2023
Upgrade Paths
Security Monitoring supports upgrades from these previous versions:
- 1.3.0 - 1.5.0
If your Security Monitoring version is older, you may need to upgrade to an intermediate version before upgrading to the target version.
Resolved Issues
This release fixes the following issues. Select an issue’s ID link to view its details.
- Using empty values as filters returns inaccurate results (42941)
Known Issues
You can find information about known issues in the Known Issues topic.
1.5.0
June 12, 2023
Upgrade Paths
Security Monitoring supports upgrades from these previous versions:
- 1.2.0 - 1.4.0
If your Security Monitoring version is older, you may need to upgrade to an intermediate version before upgrading to the target version.
What’s New
This release includes the following updates:
-
Improved security monitoring with violation and signature details
This release adds violation and signature details to Security Monitoring. This information helps you identify false positives and gain a more comprehensive understanding of violations, allowing you to fine-tune your security policies and optimize your threat detection.
Known Issues
You can find information about known issues in the Known Issues topic.
1.4.0
April 26, 2023
Upgrade Paths
Security Monitoring supports upgrades from these previous versions:
- 1.1.0 - 1.3.0
If your Security Monitoring version is older, you may need to upgrade to an intermediate version before upgrading to the target version.
What’s New
This release includes the following updates:
-
View violation context for requests in Event logs
You can now view the request entity and its associated details that triggered a WAF violation from the event logs.
Changes in Default Behavior
This release has the following changes in default behavior:
-
Update to the Signature context pie chart
The Signature context pie chart now shows information related to signature-based violations in requests and URIs, in addition to the already available header, parameter, and cookie information.
Known Issues
You can find information about known issues in the Known Issues topic.
1.3.0
March 21, 2023
Upgrade Paths
Security Monitoring supports upgrades from these previous versions:
- 1.0.0 - 1.2.0
If your Security Monitoring version is older, you may need to upgrade to an intermediate version before upgrading to the target version.
What’s New
This release includes the following updates:
-
Top Signatures section added to the Main tab
The “Top Signatures” section is now available in the “Main” tab of the Security Monitoring module dashboard.
Security Updates
Important:
For the protection of our customers, NGINX doesn’t disclose security issues until an investigation has occurred and a fix is available.
This release includes the following security updates:
-
Instance Manager vulnerability CVE-2023-1550
NGINX Agent inserts sensitive information into a log file (CVE-2023-1550). An authenticated attacker with local access to read NGINX Agent log files may gain access to private keys. This issue is exposed only when the non-default trace-level logging is enabled.
NGINX Agent is included with NGINX Instance Manager, and used in conjunction with API Connectivity Manager and the Security Monitoring module.
This issue has been classified as CWE-532: Insertion of Sensitive Information into Log File.
Mitigation
- Avoid configuring trace-level logging in the NGINX Agent configuration file. For more information, refer to the Configuring the NGINX Agent section of NGINX Instance Manager documentation. If trace-level logging is required, ensure only trusted users have access to the log files.
Fixed in
- NGINX Agent 2.23.3
- Instance Manager 2.9.0
For more information, refer to the MyF5 article K000133135.
Changes in Default Behavior
This release has the following changes in default behavior:
-
Improved error message when NGNIX Management Suite server is not running
The Security Monitoring module now displays the message “Upstream unavailable” when the NGINX Instance Manager server is not running, instead of the previous message “Oops something went wrong.”
-
Single quotes are automatically escaped in filtered values
Single quotes in filtered values are automatically escaped to ensure that the data is parsed correctly.
Known Issues
You can find information about known issues in the Known Issues topic.
1.2.0
January 30, 2023
Upgrade Paths
Security Monitoring supports upgrades from these previous versions:
- 1.0.0 - 1.1.0
If your Security Monitoring version is older, you may need to upgrade to an intermediate version before upgrading to the target version.
What’s New
This release includes the following updates:
-
Get the latest Signature and Geolocation Databases
Update the Signature database to get the latest attack signature details.
Update the Geolocation Database to get the most accurate mapping of IP address to Geolocation.
Resolved Issues
This release fixes the following issues. Select an issue’s ID link to view its details.
- The field retrieving URIs is incorrectly listed as URL (38377)
Known Issues
You can find information about known issues in the Known Issues topic.
1.1.0
December 20, 2022
Upgrade Paths
Security Monitoring supports upgrades from these previous versions:
- 1.0.0
If your Security Monitoring version is older, you may need to upgrade to an intermediate version before upgrading to the target version.
Changes in Default Behavior
This release has the following changes in default behavior:
-
Removal of Total Requests count
The Total Requests count was removed from the Security Monitoring dashboards, to avoid customer confusion, as the value didn’t convey different configuration scenarios for NGINX App Protect on NGINX instances.
-
Removal of WAF PASSED requests count
The count of WAF
PASSED
requests was removed from the Security Monitoring dashboards to avoid customer confusion, as it counted only requests with violations and not all requests filtered by NGINX App Protect WAF.
Known Issues
You can find information about known issues in the Known Issues topic.
1.0.0
November 17, 2022
What’s New
This release includes the following updates:
-
Introducing the NGINX Security Monitoring module
Use the NGINX Security Monitoring module to monitor the NGINX App Protect WAF protection of your apps and APIs. View protection insights for analyzing possible threats and tuning policies.
The Security Monitoring module includes the following:
- Informative dashboards that provide valuable protection insights
- In-depth security log details to help with analyzing possible threats and making policy decisions
Refer to the Installation Guide to get started.
Known Issues
You can find information about known issues in the Known Issues topic.