Release Notes
This page provides the latest information about the ActivID Validation Responder Appliance.
What's New
-
Multi-factor Authentication (MFA)
ActivID Validation Responder Appliance now supports Multi-factor Authentication (MFA) for log on to the management console.
-
Log4j2 Support
-
ActivID Validation Responder Appliance now supports Log4j2.
-
-
Software Upgrade
-
Java version update: Now supports JDK 11.
-
Tomcat minor version upgrade.
-
-
VMware Tools Support
The VMware Tools configuration utility is a command-line interface you can use in the guest operating system to modify VMware Tools settings, shrink virtual disks, and connect and disconnect virtual devices. This program is called vmware-toolbox-cmd.
What was New in Validation Responder Appliance 7.3
-
SNMP monitoring
ActivID Validation Responder Appliance now supports SNMP monitoring. This helps monitor proof list updates, system health, CPU load, and memory usage.
-
HTTPS Directory support
ActivID Validation Responder Appliance now can be configured with an HTTPS directory URL as a proof list source. This helps securely exchange the proof list source data when the directory option URL is chosen.
-
IPv6 support
ActivID Validation Responder now supports IPv6. For full compatibility with IPv6, all the components of Validation Suite must be in version 7.3.
-
Debian upgrade
ActivID Validation Responder Appliance now uses the Debian 11 operating system.
What was New in Validation Responder Appliance 7.2
-
Audit Log Improvements
ActivID Validation Responder Appliance now also supports audit logs for user management to meet security requirements. System captures below User Management events:
-
User creation / deletion for admin or non-admin role
-
User role upgrade / downgrade (admin to non-admin, vice versa).
-
Password change admin or non-admin user.
-
User logged in and logout
-
Login failed in case of wrong user name or password.
-
If the user password is too old (expired) and Password Change (New Password)
-
-
Latest Environment Support
ActivID Validation Responder Appliance leverages the latest Apache Tomcat® 9. ActivID Validation Responder Appliance and Virtual Appliance are now based on Debian Linux 9 x64.
Hotfix Information
Tomcat upgraded through a hotfix (FIXS2408000) to fix the vulnerabilities. For details on the Tomcat upgrade and how to install this hotfix, refer to the readme file that comes with the hotfix zip package.
SSL Ciphers
Validation Responder Appliance is configured by default with the following list of ciphers – used with TLS 1.2 protocol.
List of Ciphers:
-
ECDHE-RSA-AES256-GCM-SHA384
-
ECDHE-RSA-AES128-GCM-SHA256
-
ECDHE-RSA-AES256-SHA384
-
ECDHE-RSA-AES128-SHA256
-
SSL_ECDHE_RSA_WITH_AES_128_CBC_SHA256
-
SSL_ECDHE_RSA_WITH_AES_128_GCM_SHA256
-
SSL_ECDHE_RSA_WITH_AES_256_CBC_SHA384
-
SSL_ECDHE_RSA_WITH_AES_256_GCM_SHA384
-
SSL_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
-
SSL_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
-
SSL_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
-
SSL_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
-
SSL_DHE_RSA_WITH_AES_256_CBC_SHA256
-
SSL_DHE_DSS_WITH_AES_256_CBC_SHA256
-
SSL_DHE_RSA_WITH_AES_128_CBC_SHA256
-
SSL_DHE_DSS_WITH_AES_128_CBC_SHA256
-
SSL_DHE_RSA_WITH_AES_256_GCM_SHA384
-
SSL_DHE_DSS_WITH_AES_256_GCM_SHA384
-
SSL_DHE_RSA_WITH_AES_128_GCM_SHA256
-
SSL_DHE_DSS_WITH_AES_128_GCM_SHA256
Known Problems and Limitations
-
When the initial setup is through DHCP, the default gateway is not displayed in the UI. When you use the UI to set the gateway, it will show an error. The work around is to use the terminal console to set the default gateway.
-
For Multi-factor Authentication (MFA):
-
User “admin” created during the boot time will not support MFA. Only users created from the management console will support the MFA.
-
Connecting to the Validation Responder Appliance via SSH will not support the MFA.
-
