Our release notes provide information on changes and enhancements in each release.

Note: Unless otherwise specified, the changes described here are rolled out throughout the week and may not be immediately available in all accounts.

In this release:

New Features

None.

Enhancements

New Imperva Data Center in Bogota, Columbia

We are starting to roll out a new data center (PoP) in Bogota, Columbia and expect it to be fully functional within the next few weeks.

The Bogota PoP is the newest addition to our world-wide network of 47 data centers, helping you deliver your applications securely and optimally across the globe.

For the full list of PoPs, see Imperva Data Centers (PoPs).

Website dashboard enhancements

Real-Time Dashboard: The following sections were added:

  • Imperva data centers: Real-time data according to the Imperva data centers handling the requests.

  • Origin servers: Real-time data on your origin servers. Select multiple servers to view and compare simultaneously.

Performance Dashboard: Design enhancements include:

  • Changes to layout, coloring, and graph types

  • New options for expanding each graph for an enlarged view or saving the graph as an image file

  • The DC status and Origin status columns were temporarily removed from the All websites table while we reevaluate these statistics

Where it’s located: In the Cloud Security Console, navigate to Application > WAF > Dashboards.

For more details, see Website Dashboards.

Cloud Security Console menu change

To align with Imperva’s offering categories (Application, Network, Data), the Edge menu item in the Cloud Security Console was changed to Network.

Enhanced security of role-based access policy

For enhanced security, a subaccount user who is not assigned a role in the parent account can no longer view assets in the parent account.

What changed: Previously, when a subaccount user logs in to the Cloud Security Console, they can view assets in the parent account by entering the Application, Network, or Data areas. These menu items are no longer visible until the user enters a subaccount in which they have an assigned role.

To allow a subaccount user to access the parent account, the user must be assigned an appropriate role in the parent account. This can be done by the account admin, or by any user who has the Manage users and Manage user roles permissions in the parent account. For more details, see Manage Roles and Permissions.

Certificate renewal process change

There has been a minor change in the certificate renewal process.

If an Imperva-generated certificate for your website includes unverified SANS, they will be removed from the new certificate and the old certificate will be replaced 72 hours before the actual expiry date. Previously, the change was made 24 hours before the expiry date.

If you did not verify all SANs and they were removed from the new certificate, this time extension allows Imperva to republish the previous certificate that has not yet expired. This provides you with a last opportunity to verify all required SANs before the actual expiration date and maintain your SSL support.

Typically, when your site's Imperva-generated certificate needs to be renewed, the process is completed automatically by Imperva. In some instances, you will receive an email notification from Imperva requiring you to revalidate ownership of your domain.

It is critical to review the required action and deadline as specified in the email, and take prompt action. If your websites are not revalidated before the deadline, SSL support will be removed and the sites will be unreachable over SSL.

Security Mitigation

Recently mitigated CVEs

Mitigation for new Common Vulnerabilities and Exposures (CVEs) is added weekly by Imperva Research Labs.

To view the latest CVEs for which coverage was added, see Recently Mitigated CVEs.

Fixes

Heads Up: SIEM log change for user agent

The following change is scheduled to roll out during the week of February 20th, 2022.

SIEM logs will now report the value of the user agent field for each request instead of according to the session as a whole.

Previously, the user agent reported for each request on a session was based on the first request in the session.

For more details on SIEM log files for the Imperva Cloud WAF log integration, see Log File Structure.

Known Issues

None.

 

 

 

Tip: Open the latest release notes directly from the Cloud Security Console's Help menu.

 

To subscribe to updates about weekly releases, add the following link to your RSS feed reader: https://docs.imperva.com/bundle/cloud-application-security/page/release-notes.rss