CloudShark 3.12.0
April 27, 2023
Welcome to the feature-packed April 2023 release of CloudShark Enterprise! We are so pleased to have focused on application features this time around, and hope that a few of the new goodies will be something you can take advantage of right away.
New Features
Built-in Analysis Profiles
CloudShark Enterprise comes with a new set of 5 powerful analysis profiles pre-loaded on the system. These are a product of our unique partnership with packet analysis expert Betty DuBois.
Watch this in-depth video with Betty to learn about her profiles and the different situations in which to apply them to your advantage.
Nested Display Filters
The new profiles contain a wealth of pre-defined Display Filters to help you narrow down the packets displayed within a PCAP. Because there are so many, we needed to support a way to display them as an organized tree instead of a single list.
Making your own? Read about how to save your own filters in an organized tree format.
Threat Assessment
CloudShark 3.12 now ships with Threat Assessment enabled for all licenses. This allows you to run your PCAP against Suricata - a high performance threat detection tool - with a single click. See alerts and warnings displayed as a ladder diagram in the context of your network traffic.
Watch this video to see the Threat Assessment analysis tool in action!
Export Multiple PCAPs
Exporting and downloading multiple PCAPs together in a Zip archive has been one of our most-requested features. Choose whether you want to download the originals, or the pcapng format with your CloudShark annotations included. The new dialog will gather, compress, and deliver a .zip file with your selection.
Improvements and Upgrades
Most of these updates came directly from customer requests. If there’s something you wish CloudShark could do, tell us! If you’ve already told us, go ahead and tell us again, we don’t mind!
Multi-user Delete
Administrators can now delete multiple users at the same time, in a single workflow, rather than one at a time. The captures owned by deleted users can be reassigned to another user, or be removed.
Admin Password Reset
It happens. We know. You lose your admin password, or it “stops working” or… Hey, we don’t judge. We also hadn’t made it very easy to reset without having to admit it to our Support Team first.
Today, we’re changing that. If you lose your admin password, it’s easy to reset it back to the default, as many times as you need to.
Learn how to reset the admin password from the console.
Wireshark 3.6.13
CloudShark ships with Wireshark 3.6.13 under the hood. If you need to take advantage of compiling your own custom plugins, please note the location of our source archive has moved to a new URL. You can find it here.
More Version Information
Speaking of versions, this release has added an easy way to see the underlying version of other tools included within CloudShark, like Zeek, Suricata, and Wireshark. Visit the Appliance Setup –> System Info page.
Improved RTP Codec Support
The RTP playback feature was revamped under the hood a little bit to better support listening back to the following RTP payloads (as identified in the RTP playback tool):
- AAL2-G726-16,24,32, and 40
- g711A and g711U
- g722
- G726-16,24,32, and 40
- g729
- opus
If you have an RTP stream you think you should be able to hear, let us know!
Bug Fixes and Other Changes
- Fixed an issue with the VoIP Calls tool throwing an exception on certain systems
- Fixed an issue where CloudShark would stop responding to packet decode requests on high-usage systems
- Fixed a missing dependency when installing with a RHEL 8 ubi Docker image
- Added sticky toolbars to settings pages where scrolling made it hard to find the “Save” button
- Reworded the 400k packet-view limit dialog box for clarity
- Resolved an issue where Redis was not being started in the correct order
- Improved how processes are cleaned up if cloudshark-threat-assessment was not able to start within the expected timeout
Upgrading
For help upgrading with step-by-step instructions, please see our upgrade guide.