Release Notes
Introduction
nShield® Monitor is an Entrust nShield® HSM monitoring solution. It is delivered as a virtual appliance (OVA format) to operate in a VMware virtualization environment, and as a Hyper-V image to operate in the Microsoft Hypervisor environment.
These release notes apply to version 2.9.5 of nShield Monitor. They contain information specific to this release such as new features, defect fixes, and known issues.
The Release Notes may occasionally be updated with issues that have come to light after this release has been made available. Please check Entrust nShield Support at https://nshieldsupport.entrust.com for the most up to date version of this document and the nShield Monitor user documentation.
Access to support is available to customers under maintenance. Please contact Entrust nShield Support at nshield.support@entrust.com to request an account.
Changes in this release
The nShield Monitor 2.9.5 release introduces a number of enhancements. These are discussed in the following sections.
Reset links in forgot password emails
On selecting Forgot your Password, and entering a username, an email containing a reset link will now be sent to the email address associated with the username. The link will prompt the user to change the password before accessing their account.
The reset link expires after 15 minutes. |
Ability to disable auto-logout for users with a group manager role
Users with a Group Manager role are now able to disable auto-logout by selecting Never for their auto-logout duration. This option is only available for Auditor and Group Manager roles. If the Group Manager is also an Administrator then this option is not available.
Defect fixes
The following table lists the defects fixed with this release.
Reference | Description |
---|---|
NM-900 |
Users with the Group Manager role should be able to disable auto-logout |
NM-875 |
nShield Monitor clients show "Client Host does not belong to a security world. Associated nShields may be orphaned" after enrolling |
NM-850 |
Generated OTPs do not adhere to updated password length |
NM-811 |
Upgrading nShield Monitor resets "From" address to default |
NM-806 |
Forgot password emails should employ reset links |
NM-804 |
SNMP connection reports "unreachable" due to latent responses from some client hosts |
Known issues
The following table lists the known issues with this release.
Reference | Description |
---|---|
NM-880 |
Generated OTPs do not adhere to password complexity settings, for example, special characters |
Upgrading from previous releases
To use nShield Monitor v2.9.5 either:
-
Load a new instance of nShield Monitor
-
Use the upgrade
.cmf
file to upgrade an existing nShield Monitor installation
If upgrading from any version before v2.5.5, you must first upgrade to v2.5.5 before upgrading to version v2.9.5. |
Upgrading to this version of nShield Monitor will disable further upgrades using CipherTrust update files. |
nShield Monitor eliminates monitoring of payShield devices and only monitors nShield HSMs. Upgrading to nShield Monitor will remove all payShield information. |
Contact Entrust nShield Support for further information.
Compatibility
nShield Monitor is provided as a CMF to upgrade images in Open Virtual Appliance (OVA) format and the Microsoft Hyper-V format. The OVA / Hyper-V image includes a 64-bit Linux based OS and OVT.
For the latest information on compatibility and system requirements, see the nShield Monitor Installation and User Guide.
Hypervisor compatibility
The OVA can be installed on the following virtual platforms:
-
vSphere ESXi 6.0
-
vSphere ESXi 6.5
-
VMware Workstation 12
-
VMware Workstation 14
-
VMware Fusion 10
-
Oracle VirtualBox 6.0
The Hyper-V image can be installed on the following virtual platforms:
-
Microsoft Hyper-V
-
Microsoft Azure
Host server requirements
The host server should meet the following requirements:
-
64-bit host OS
-
CPU: 2 core 2.0GHz multicore CPU (can be increased as needed)
-
Memory: 8GB dedicated memory for nShield Monitor (can be increased)
-
Network: Single network attached interface to bridged or physical network
-
Disc size to sufficiently accommodate a minimum OVA download size of 1.1 GB or Hyper-V image size of 3.3 GB. Size on disc:
-
2.3 GB (OVA) / 3.3 GB (Hyper-V) (thin provisioned)
-
326.0 GB (OVA) (thick provisioned)
-