Release Notes for FLM-TR RHEL 7 / CentOS 7 Version --- Build 9069 Jul 13, 2021 New: Imported ACL lists now check the filename for v6 and warn user if applied to an interface designated as IPv4 and vice versa --- Build 9056 Jan 25, 2021 Improvements: Authentication module support FIPS mode. --- Build 9047 Nov 23, 2020 Improvements: Added SELINUX support. Now using Oracle Instant Clinet 18.5 Libraries FLM-TR must be over-installed for this patch. --- Build 9040 Aug 7, 2020 Improvements: When using database stored user accounts, now using SHA512 for password encryption. For software patches and automatic updates, now using SHA512 for signing. FLM-TR must be over-installed for this patch. --- Build 9027 Apr 29, 2020 New: Juniper filters now are deployed into configuration groups. Juniper filters now use prefix-lists where terms include many source or destination networks. This is controlled with the "PrefixListThreshold" setting on the advanced configuration settings for each interface. --- Build 9009 Dec 11, 2019 Initial Release of RHEL 7 version of FLM-TR NOTE: Previous builds listed below show release notes for RHEL 6. --- Build 8939 Oct 17, 2018 New: ACL Simplification process considers module boundaries when building the simplified list. Speed improvements to ACL Simplification process. --- Build 8931 Aug 27, 2018 New: Allow using Radius Callback ID to pass authorization information to FLM in addition to existing use of Cisco AVPair. Fixes: Include RADIUS Message-Authenticator option in access request as recommended in RFC 5080 and compliant with RFC 5080. Include secure-only flag with all session cookies served over HTTPS. --- Build 8913 Nov 29, 2017 New: Added ability to segregate Modules such that modules are not lumped together when filter list is optimized. Module names are used as prefix to ACLX term names in output Juniper filter. --- Build 8872 Apr 07, 2017 Fixes: In previous builds, user could make changes to group memberships which would result in group lists being added or removed to other lists automatically via background process. Log message for the change would use the login name of the background process rather than the originator of the change. This has been updated to accurately show the username of the user in the log message rather than the username of the daemon. Similar log message issues were possible during rollback operations and when using the 'Device List' feature and when automatically processing list entries with expiration dates/times. --- Build 8842 Aug 11, 2016 Fixed deployment to Cisco IOS possible hang waiting for file copy confirmation prompt when copying to startup-config. --- Build 8836 Jul 05, 2016 Initial release of RHEL 6 version of CyberACL Copyright 1999-2020 Cyber Operations, A Division of Folsom Metal Products, Inc. All rights reserved.