back caretBlog

What's New in 7.5 and Reveal(x) Winter 2019

Simpler workflows, single sign-on, SSL decryption, and more!

ExtraHop 7.5 and Reveal(x) Winter 2019 refine the user experience by simplifying workflows for detections, devices, and appliance administration.

Our 7.5 release notes provide a comprehensive list of new features, enhancements, and fixes for each appliance with links to the most relevant technical documentation, but here are some quick links to information about our most exciting new features.

Detection Drill Downs

Detections surface unusual activity on your network, but then what? You can launch your investigation by drilling down from detections that have metric details.

Detection Drill-Down

We also added Next Step links to specific security detections, which take you to more details that are relevant to your investigation. For example, the Next Steps links in reconnaissance scan detections provide a list of the individual clients, servers, IP addresses, or ports that were scanned by a potential attacker.

Next Steps for Security Detections

Devices Overview

We've redesigned the Overview page to make it easier to identify all of the information captured about your network devices.

Devices Overview

In addition to the information you've always been able to view, we now show you active users who have logged into the device and the known operating system and hardware vendors. New built-in roles better classify devices by their protocol activity.

Dynamic Device Groups

And when you need to classify devices by your environment-specific needs, you can now apply advanced filters to create dynamic device groups based on multiple criteria. For example, you can create a device group based on the time a device was discovered and a device tag.

Device Group Properties

Device Group Properties

Extending GeoIP Visibility

Quickly identify the geographic location of a suspicious IP address from drill down and detail pages. In addition, you can filter devices by IP addresses and by internal or external network locality.

For ExtraHop Administrators

SAML SSO

By leveraging your existing SAML identity provider, you can now configure single sign-on (SSO) access to Discover and Command appliances.

Single Sign-On Form

Local User Groups

With the addition of SAML SSO, you can now create user groups on the appliance with both local and remote users. User groups enable you to centrally manage shared access to user-created content on the ExtraHop system, such as dashboards and activity maps.

Local User Groups

Certificate-free SSL Decryption

Session key forwarding enables you to securely decrypt SSL traffic, and you no longer need to upload the certificate and private key from the monitored server. (Available for Windows and Linux servers.)

SSL Decryption

With a Trace appliance, you have the added bonus of securely storing session keys on the appliance.

Visit our Customer Portal for upgrade options and let us know if you have any questions!

Related Blogs

Sign Up to Stay Informed