Contents
Table of Contents |
---|
Application versions
...
borderColor | green |
---|
Note |
---|
Version 2.0.0 (planned for 4th quarter of 2021) |
New features:
- Support for encryption at rest (needs to be enabled in Settings - Configuration - Encryption). Enables encryption of package files on the storage volume after finishing checks by detection engines. For details see documentation.
- Support for individual package encryption by a key derived from a password set for the package by the sender (after finishing the encryption it is not stored anywhere). Without the knowledge of the password the package files cannot be decrypted and therefore downloaded, not even by the administrator.
- Data integrity verification. It is possible to initiate a data integrity check for whole packages or single files, which computes the current checksums (SHA256) and compares them to the original ones from the time of their upload. The result is stored and displayed for both individual files and whole packages. If the integrity is compromised (file is corrupted), a notification can be sent, according to the settings. An admin can set, whether the check can be initiated even by users for their packages and files, or not. An admin can also schedule an automatic regular integrity check, in Settings – Configuration – Data integrity.
- New antivirus supported in Detection settings – FortiClient (Fortinet antivirus).
- Options to edit an existing package by its sender (author) and admin, specifically:
- An admin can set, whether the author can add new files into his existing packages or delete them (both disabled by default).
- An admin can delete files from existing packages and restore deleted files (by admin or user). A user cannot restore deleted files.
- An admin can shred files from existing packages (and therefore free up the space on the storage volume).
- When a new file is added to an existing package a new notification is sent to the package recipients, similarly, like for a new package.
- Mass actions on packages. Multiple packages can be selected in the package lists and a mass action can be performed on all of those, for example delete them all at once.
- Mass change of permissions for selected users. Multiple users can be selected in the list of users and their permissions changed for all at once.
- An admin can manually run a (re)test of the whole package or individual files through the detection engines again. Useful for example to make sure, that after anti-virus signature update, the package/file is still safe or infected.
- Support for automatic deactivation and deletion of inactive users (Settings – Configuration – User settings). Inactive users can be disabled (unable to log in) or deleted after configured time.
- Temporary user accounts. An admin can set a user account expiration during the account creation. Such an account then expires after the set time and is automatically deleted.
- Better support for different languages:
- Separated setting of primary language for e-mail messages. (Until now, it was determined by the default language of the application.)
- Optional setting of secondary language for e-mail messages. If set, the e-mails will be bi-lingual, secondary language appended below the primary.
- Logged in user can set his preferred language in his profile. This language will then be used in e-mails addressed to him, overriding the global settings of primary and secondary language, as described above.
- New notifications (written in audit log and optionally sent to e-mail) for events:
- Error during a package check. Because of a failure of one of the detection engines when checking a package, it was skipped.
- Detection engine not available. One of the detection engines stops being available. Can happen for example when an anti-virus licence expires, a sandbox connection fails, etc.
- Disk space running low. Happens if the free space drops below 10% on one of the package storage volumes and select system paths (/, /var/log, /var/lib/pgsql, /var/lib/kafka).
- An admin can move a package from active into quarantine. (Until now only the reverse was available, release from the quarantine.)
- The option to block usage of a known leaked passwords ("have i been pwned?" service). Can be enabled in Settings - Configuration - Security.
- When creating a new admin account, it is now possible to send an e-mail with the request to set a new password to the new admin, instead of setting the password directly. (Similarly like for users.)
- A download counter for each file and the archive of a package. The number of downloads of each file and the archive is displayed in the package detail view (for anonymous users, logged in users and administrators). It counts only finished downloads (the end of the file was sent from the server to the client).
Minor changes:
...
- An admin can set the time the package password is remembered, in Settings - Configuration - Security: "Download JWT token lifetime".
- If no user is logged in, the token is not stored in the browser (in LocalStorage).
- If a user is logged in, a new option to "remember password for XX minutes" (according to settings) is offered and by defaulted is not enabled.
...
- The related default email templates for these actions were updated accordinglly. If an installation xses customized templates, these must be also manually updated in the same way as the default ones were.
...
Contents
Table of Contents |
---|
Application versions
Panel | ||
---|---|---|
| ||
New features:
Minor changes:
Fixes:
|
Div |
---|
Panel | ||
---|---|---|
| ||
New features:
Minor changes:
Fixes:
|
...
Panel | ||
---|---|---|
| ||
New features:
Minor changes:
Fixes:
|
...
Panel | ||
---|---|---|
| ||
Fixes:
|
Div |
---|
Panel | ||
---|---|---|
| ||
Minor changes:
Fixes:
|
...
Panel | ||
---|---|---|
| ||
New features:
Minor changes:
Fixes:
|
...