LiveWire & LiveCapture Appliances
New Features
◦ Improved performance and stability by replacing the application identification library
◦ Offered FIPS 140-2 compliance for LiveWire
◦ Removed support for .zip upgrader files, making upgrades more secure
◦ Changed the reported model numbers for all appliances in the LiveWire Omnipeek UI and the SNMP MIB for better consistency
◦ Added notification and enforcement that the .npkt format is required for compression
◦ Removed "Productivity" and "Risk" metrics from all application analysis
◦ Added DHCP application identification in LiveFlow (LiveWire only)
◦ Upgraded LiveWire to work with OpenSSL 3
◦ Added packet reconstruction for SMB3 read and write requests
◦ Disabled autodiscovery by default to increase security -- users must now opt in
◦ Added the ability for LiveWire to authenticate to NTP server(s)
◦ Added new ACL policies for creating and deleting forensic searches
Key Bug Fixes
◦ Improved stability of DNS analysis in ThreatEye Telemetry (LiveWire only)
◦ Fixed an issue where LiveWire would limit the number of captures under certain conditions
◦ Fixed an issue where error code 80004005 was sometimes being generated with forensic searches
◦ Fixed an issue where duplicate database and index database values were being created and causing errors
◦ Fixed a crash in SMB reconstructions that was affecting many customers
◦ Fixed an issue where zooming in on a traffic spike in the Compass dashboard could cause a crash
◦ Fixed an issue where LiveWire was crashing with “LiveFlow Segmentation Fault” (LiveWire only)
◦ Fixed an ACL issue where users with no access to delete capture sessions could still select that option