This is a minor update with new functionality and features. The latest version with maximum stability is Pandora FMS 772 Renaissance LTS (Long Term Support).
Regular releases (RRR) are monthly releases that bring together many changes and new functionalities. They are ideal for those users who need to be up to date and are not afraid of finding unpolished details. The LTS versions are oriented to consolidate all the changes of the RRR versions and offer maximum stability.
Continuous System Security Monitoring (Hardening)
IT and cybersecurity professionals rely on system hardening to reduce the number of “open” doors that malicious actors can exploit. The Center for Internet Security (CIS) leads the development of international hardening standards and publishes securitization guidelines to improve your cybersecurity controls.
Pandora FMS uses the CIS recommendations to implement a security auditing system, integrated with monitoring to observe the evolution of security hardening throughout your organization, system by system. It supports Linux (different distros) and Windows systems (all versions).
CIS Categories audited by Pandora FMS
- Hardware Asset Inventory and Control
- Software Asset Inventory and Control
- Continuous Vulnerability Management
- Controlled Use of Administrative Privileges
- Secure hardware and software configuration on mobile devices, laptops, workstations and servers
- Maintenance, monitoring and analysis of audit logs
- Email and web browser protection
- Malware defenses
- Port, protocol and network service limitation and control
- Data recovery capabilities
- Secure configuration of network devices such as firewalls, routers and switches
- Boundary defense
- Data protection
- Controlled access on a need-to-know basis
- Wireless access control
- Account monitoring and control
- ACL System
These categories add up to more than 1500 individual checks to ensure the security of the systems managed by Pandora FMS. Not all of them are applicable in a system, but there are checks to verify if they apply or not.
Welcome wizard / Configuration wizard
The welcome wizard has been upgraded with rich, effective and fast features to help set up a new environment just right with the most common items to monitor. It also helps you to verify that your Pandora FMs is properly configured and working.
This wizard is accessible through the Configuration → Wizard configuration menu.
By choosing a filter and a time interval, it is possible to select one among several representations, as in Live view:
- Area graph.
- Circular mesh.
- Data table.
- Detailed host graphic.
- Top-N connections.
Agent Hives Widget
A grid with items is shown, which contains the agent name, the operating system icon, and the general state of the agent in a colored stripe on the left. Click on any item in the box to go to the agent detail view, or click the wheel to access the editing view.
Policy management from the agent detail view
Now seeing and managing is possible: adding, deleting and seeing the policies an agent is participating in.
Sound alerts integrated into the console (and the Metaconsole)
Now the event console can work in two different modes: either embedded into the view or minimized in the event view as a pop-up window. This allows you to work with events while you will keep receiving sound alerts in the background. You may also leave a separate window in the background and work with other sections.
Although it makes no difference with the previous version visually, it implements a new way to add centralized monitoring wizards with automatic discovery. These wizards can be uploaded/downloaded from our plugin library (and therefore be created by anyone) through .disco files.
In time we will migrate lots of server plugins and specific monitoring like WUX (transactional WEB monitoring) to Discovery 2.0. This is just the first step to a major change.
In future updates we will allow to migrate current setups to those of the new Discovery in a transparent way and soon there will be new applications in the new Discovery section.
New queued alert detail view
Now it is possible to see the detailed list of alerts yet to be executed, showing the Alert server queue in detail.