Log Correlation Engine 4.4.1 Release Notes The following notes describe the changes that are included in Log Correlation Engine (LCE) version 4.4.1, significant enhancements to LCE, and information about upgrading. General Upgrade Notes  As with any application, it is always advisable to perform a backup of your LCE installation and stored logs before upgrading.  Detailed instructions and notes on upgrading are located in the Log Correlation Engine 4.4 Administration and User Guide.  Upgrading to LCE version 4.4.1 from LCE version 3.x or earlier is not supported. An intermediate upgrade to LCE 4.2.2 must be performed before upgrading to LCE 4.4.1.  After upgrading to LCE version 4.4.1, the text-based configuration files (e.g., lce.conf) will be migrated to a database and are no longer used. Compatibility Notes  LCE version 4.4.1 is compatible with SecurityCenter version 4.6.2.2 or later. Older versions of SecurityCenter will work with LCE 4.4.1 without issues, but will not support some new features.  LCE version 4.4.1 is compatible with LCE Clients version 4.0.0 or later. Older LCE Clients will not be able to log in and send event data to LCE 4.4.1.  Prior to upgrading or deploying LCE 4.4.1 with High Availability, please contact Tenable Support at [email protected].  Please contact Tenable Support at [email protected] if you have any questions about compatibility issues. File Names & MD5 Checksums lce-4.4.1-el5.x86_64.rpm lce-4.4.1-el6.x86_64.rpm 1a8c7056a8254c4883f456d83ee5f9e8 71d8f6e8c7c2a003599ed2e7e457a963 Application Notes Improvements  Greatly enhanced indexer performance of normalized data  Increased default RSA key length of self-generated certificate to 2048 bits Issues Addressed  Fixed an issue where silos did not roll at the configured value  Patched the LCE report proxy and web server to remove SSLv3 support (CVE-2014-3566)  Fixed an issue preventing some users from manually uploading a plugin file via the Web UI to update plugins Copyright © 2014. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trademarks of Tenable Network Security, Inc.  Fixed an issue where an Asset Summary displayed showed incorrect event counts  Fixed an issue where a client index could be re-used if the highest-indexed client was deleted  Fixed an issue where upgrading to LCE 4.4.x could cause duplicate entries in some configuration tables such as Sampleable TASLs and Trusted Plugin About Tenable Network Security Tenable Network Security provides continuous network monitoring to identify vulnerabilities, reduce risk, and ensure compliance. Our family of products includes SecurityCenter Continuous View™, which provides the most comprehensive and integrated view of network health, and Nessus®, the global standard in detecting and assessing network data. Tenable is relied upon by more than 24,000 organizations, including the entire U.S. Department of Defense and many of the world’s largest companies and governments. We offer customers peace of mind thanks to the largest install base, the best expertise, and the ability to identify their biggest threats and enable them to respond quickly. For more information, please visit tenable.com. Copyright © 2014. Tenable Network Security, Inc. All rights reserved. Tenable Network Security and Nessus are registered trademarks of Tenable Network Security, Inc. 2