Available Updates

Plixer International, Inc. Scrutinizer NetFlow and sFlow Analyzer

### IMPORTANT NOTES ###  

  • It is important to backup your database before upgrading any software.
  • It is recommended to upgrade to this version. 

For more details on the new features below, reference the Plixer website and Scrutinizer documentation.

Version 12.0.3 - 10/14/2014

 

 


Change Log History

 

Version 12.0.3 - 10/14/2014


+(13471) Citrix NetScaler Reports
+(13611) Byte rate to PfM: Host to Host Application Jitter by SSRC
+(14888) Consolidated SonicWALL VPN Report with local, name, remote
+(15048) Note in data history to let customers know syslogs/alarms expire with 1m interval
+(15176) Procera reports
+(15246) Firewall Extended event reports to Advanced Reporting
+(15284) Report runtime report types for Vitals
+(15426) Extra cleanup of temp directories
   (00000) Various Bug Fixes

 

Version 12.0.2 - 8/19/2014


+ (11918) The Virtual Appliance VM advanced properties details page is empty
+ (13321) Add the ability to turn off formatting of some elements in FV/CSV
+ (14727) New Reports - IXIA Reports
+ (15086) New Report - Volume -> Login Count by Domain Controller
   (00000) Various Bug Fixes

 

Version 12.0.1 - 7/21/2014


+ (14288) Added support to the Report Menu for right-click to open any report in a new tab or window
+ (14461) Add active exporter count to License details screen
+ (14672) Add Information Element definitions for IXIA IxFlow
+ (14763) Status Reports: Added ability to display 1000, 5000, and 10000 rows.
+ (13729) Added the last update time for the Host Reputation list to the FA Configuration gadget
   (00000) Various Bug Fixes

Version 12.0.0 - 7/07/2014


+ (1290) Data Retention Per device and template
+ (1640) Thresholds based on outbound traffic
+ (3331) Now using MySQL 5.6.19
+ (11355) Distributed Collecting and Reporting
+ (11732) More intuitive report menus
+ (12061) New faster host search interface
+ (12647) All Device report of bit rates by device
+ (13572) Running custom FA Scripts via Flow Analytics
+ (14045) Enhanced Report Designer usability
+ (14145) New, informative, Report Details Modal
+ (10758) Baseline any element and detect deviations
+ (13089) New report menu design
+ (13150) Any report can now be run by interface if interface data is available
+ (13173) Reporting interface UI enhancements
+ (13398) Added support for new IANA information elements
+ (14344) Added support for new Citrix / CloudBridge information elements
+ (13543) Added support for latest Netscaler information elements
+ (13258) Rate based thresholds
+ (12946) Improved collection rates
+ (13499) Faster loading of Status tab views
+ (13421) Updated help documentation
- (10790) PHP usage to enhance security
- (13285) 32 bit support (64 bit OS now required)
- Removed summary reports
- Removed mIAM and Top Mailservers views
  (00000) Various Bug Fixes

Version 11.5.2 - 4/22/2014


(13082) Add voice and video identification to AVC reporting
(13134) Improve VRF id descriptions
(13260) Create two new IANA "Chassis" Report Types
(13278) Add new NAT source and destination details reports
(13279) Create New IANA Open vSwitch IPFIX reports
(13370) Add Cisco Performance Routing (PfR) Root Cause Delay report
(13372) Added CBQoS and RTP Payload to Cisco VoIP Report
(13182) New Chinese translations
(13139) New Japanese translations
(00000) Various Bug Fixes

Version 11.5.1 - 1/29/2014

- New setting for collector time handling
- Alarm menu sometimes left behind
- Packet spool directories falling behind
- Mailinizer report links missing filters
- Poller errors in the apache log
- MONITOR_INT_START_TIME needs formatting function
- All Devices Summary template is using wrong formatting
- Mailinizer Filters missing from Tree menu
- Deleting one exporter can delete all exporters
- Patched possible security vulnerability for read-only user
- Add VMware Specific Enterprise elements
- Add VMware Specific template naming

Version 11.5.0 - 1/20/2014

+ Status Tab
   * There is a new All Devices view that can be set as the user default view. (Great for users who don’t export interface information)
   * Per interface reports can be run from the device tree in Device Explorer now
   * Improved exporter icon pip color information
+ Flow Analytics
   * All algorithms reviewed and updated
   * Alarms are now de-duplicated
   * Messages were updated to clearly indicate what happened
   * Limits were removed (and ordering)
   * Default thresholds have been adjusted to minimize false positives
   * New indices were added. See Alarms
+ Alarms
   * Major code overhaul that improves speed, reporting, and maintainability
   * Added username and country/IP Group
   * Added Threat Index
   * Added Host Index
   * Added user name column
   * Export to CSV of current Alarms view
   * Added Default Flow Report for Interface Exceeded Threshold Alarm
+ New Reports
   * There are around 80 new reports that include support for:
     + Cisco HSL
     + Exinda
     + F5 Networks
     + NetASQ
     + Probe
     + Riverbed
     + Long term username reporting
     + Cisco ASR high speed logging
     + Connections by flows
     + Cisco AVC reports for IOS XE
+ Updated SonicWALL template names
+ Enhanced Cisco TrustSec (CTS) reports
+ Added total to vitals reports
+ Added support for 2048 and 4096 SSL key sizes
+ Improved LDAP, interface thresholds, and IPFIXify Mailinizer documentation
+ Improved collector performance on Windows
+ Added an IPFIX formatting engine for converting data to IPFIX
+ Upgraded MySQL to 5.1.72
+ Upgraded Apache server to 2.4.6 and PHP to 5.5.4
+ Our virtual appliance now supports vmx9 and ESXi 5.5
+ Added new information element details for:
     + Cisco AVC
     + Cisco WAAS
     + NetAsq
     + Barracuda
     + Exinda
     + QoF
+ Updated Country names
+ Updated AS names

- Need better y legend formatting and description in Status graphs
- ASA NF_F_USERNAME filter fails if domain included in username
- Disallow deleting of a designed report template that is used by a saved report
- AVC report type
- Not seeing AS reports available from Cisco ASR 9K
- Drill in on a gadget and step becomes a line in the graph
- Missing table column in Conversations Exported Infrequently
- TI gadget, Status TI, and Tree Menu all using different rules for icons
- Add group_concat_max_len to my.ini (Endace probe and FA)
- Table formatting after sorting for Status reports
- Improve Device Explorer searching
- Device tree stops responding
- Microsoft Visual C++ Redistributable is failing to install
- On AS reports the percent legend on graph shows incorrectly
- Appliance upgrades without internet access don't install mod_fcgid
- Status > Report Graph: glitch when two consecutive points have coordinates outside graph
- Status report thresholds don't allow for a check of 1
- Notification daemon some notifications failing (Can't locate SNMP_util.pm)
- Web Interface doesn't load in IE11
- IP Group filter not reflected in map connection
- Update username install instructions for IPFIXify to include quotes around path
- Summaries Reports are not loading for certain users
- Palo Alto userId_PA filter showing no results
- Report open from Search view uses wrong time interval
- Truncate Map labels on doesn't work
- Dashboard view name display formatting
- Out bound graph color is wrong
- Threshold - Utilization error when saving settings in free mode
- Allow for mplsLabelStackSection element decodes
- Update scrutinizer Chinese
- Make popups the active windows when we open one
- Keep Autonomous System Numbers current
- Message in dark skin is unreadable
- Top Mail Servers view shows Exchange 2010 as "Unclassified Mailserver"
- PDF report defaults to Graph: Show others on top
- There is an error coming from logalot.pm when fa_cli is run
- Adjust NBAR summary table for Cisco Betas IOS
- Setting user preference for Host Display Type to IP still resolving host in reports and FA gadgets
- Report Designer -> Devices dropdown confuse if two devices have the same name
- Tighten up access to the CSV directory from the browser
- Acknowledge Per Violator - Removes all for a Policy
- Maps utilization should be consistent with its report
- Deleted Maps Objects still generate conflicts in mapping configuration
- Add System Description to Device Overview
- IP Group Delete confirmation says message "application"
- Toggling Rate/Utilization on maps doesn't change anything
- ASA default firewallEvent report filter doesn't work for older ASA versions
- Scrutinizer User Statistics gadget broken in 11.1
- Volume -> Traffic Volume report displayed in Totals shows peaks in rates
- Allow reporting on Huawei egress exports
- Mac OS X 10.9 and Safari 7 errors
- FA: Medianet Jitter Violations Default Flow Report causes Oops! error
- Add v6 support to the IP Address violation algorithm
- FA Exclusions will not update unless w/o an exclusion IP
- Scheduled reports get renamed after upgrade from 10.x to 11.0.3
- Report map link shows no measurement or report name when report is no longer valid
- Addressed possible security vulnerabilities reported by Secunia
- Subnet filter vs ip group for the same subnets: report result don't match
- Updating account with a password that includes a single quote breaks frontend

Version 11.0.3 - 9/25/2013 

+ Add Filter to adjust for ASA 9.1(2) overstating data
+ Flow Analytic query optimization
- "Use of uninitialized value" error when running scrut_util.exe -ssl
- Emailed reports come with two .csv files
- Enhance MRTG config consolidator to support legacy config files
- Installed changelog different than website changelog
- SNMP Trap notifications are not working
- Crosscheck alerts are not triggering notification profiles
- Threat import from file doesn't work
- Some columns incorrectly disallow NULL on rollup
- Rate and Total graphs are reversed for SNMP -> Port Utilization reports
- Flow Metric report graphs only display the top 10
- Backslash in the community string breaks installs
- "Other" menu in report list is gone
- IP groups don't allow for multiple subnets
- Linux: Scheduled reports that include PDF get insecure dependency error
- Nefarious Activity algorithm is not working
- Maps: Sometimes linked reports have incorrect label and time-frames
- AVC PfA Reports -> Review reports with 'Transaction Delay'. It should be 'Transaction Duration'
- Change how we define pollCount

Version 11.0.2 - 8/8/2013

+ Added names for new ASA templates
+ Element ID 65500/monitoringIntervalEndMilliSeconds not being decoded correctly.
+ Added support for new nProbe element DNS_TTL_ANSWER
+ New elements for Saisei Networks
+ New AVC reports for IOS XE
+ Added 4 new Cisco IOS XE information elements
+ Added 10 new IANA information elements
- IE 8 would get stuck on "Loading"
- Manage Exporters interface and license counts did not account for the free vitals exporter
- Variable length paddingOctets decode incorrectly

Version 11.0.1 - 6/27/2013

- Scheduled Reports: Saving "multiple" should refresh report
- No graph in pop up (From top flows)
- Device tree breaks when groups contain each other
- Defined Applications and Protocol Exclusions not loading into the collector
- Search would not find undefined well known ports
- Defined Applications formatting issue
- Emailed reports CSV always resolved IP addresses
- Device Tree Group CrossCheck link is always returning no results

Version 11.0.0 - 6/20/2013

+ Improved, searchable Device Explorer
+ Alarms Heatmap
+ System metrics support
+ MRTG SNMP
+ Multi-Interface reporting
+ Ability to configure custom internet threats
+ Reporting:
   -Cisco Wireless (WLC)
   -Cisco Application Visibility and Control (AVC) -> Performance Routing (PfR) reports
   -ASA Access Control List (ACL) descriptions and filtering
+ Smartphone and Tablet Support running iOS 6+ or Android 4.2+
+ New Information Element support
+ Vitals are now in a Dashboard, not the Admin tab
+ Alarms History and Reporting now use the Status reporting engine
+ IPFIX Exports from the Scrutinizer server’s IP for MRTG and Vitals
+ Windows 8 and Server 2012 installs are now supported
+ Collector optimizations allow for processing more flows with the same resources.
+ Reporting optimizations render reports more quickly.
+ Ability to send multiple reports in one scheduled email.
+ New Graph Type: Steps graphs
- Searching mIAM Switches view only works by IP
- Log administrative changes
- Filtering report on IP Group is encountering report timeouts
- SNMPv3 issues addressed
- Can't configure notifications for saved reports with certain filters
- nProbe Host to Host Latency calculations
- Email alerts not generated if email server not port 25
- Report Designer -> Review logic that checks for duplicate report names
- Clicking on Dashboard tab brings up blank screen
- The DNS server information is not present on VA (Virtual Appliance) installs
- vmwareToolsInstall.sh is not working
- New connectors appear curved in flash maps
- Google API loads when viewing a flash map
- Scheduled reports failing
- Some services are failing to install in 10.1.x
- White on grey in login screen very hard to read
- Add / Remove box formatting is off in FF
- Status > Views > Define CrossCheck Thresholds
- (Manual) Update manual to talk about MaxMind where we discuss AS
- Nagios 3rd Party Integration %H and %h
- Pie Charts and Bar Charts don't render in PDF files
- Duplicate IPs In crosscheck database - some polled objects in maps blue not in crosscheck
- Device with no templates hangs opening report list
- Security Vulnerability: HTTP TRACE / TRACK Methods Allowed (appliance)
- Security Vulnerability: TLS CRIME Vulnerability
- CrossCheck Summary Graph -> Y axis not always starts at 0
- Host To Host With Next Hop report -> Rank column with wrong width
- Flow and Poller reports don't work with SSL
- GPS Coordinates lookup not working
- FlowHopper lost device hops after upgrade to 10.1.3
- Can't see groups under status
- plixer_flowalyzer_svc service is not included in the Service/Daemon Status LED
- Scrutinizer generating odd syslogs/orphans
- Cannot report drill in on Palo Alto User report
- Custom gadgets show up as null on the Dashboard Gadgets permissions page
- Can't put a policy at the end of the list in Policy Manager
- Citrix flowFlags need a different aggregation type or smarter rollups
- SQL Injection vulnerabilities with PHP
- Can't delete orphans
- Logged collector errors cleaned up
- Interfaces come and go
- Can't delete an application
- Notify that a reboot or all service restart is required after a password change
- v5 header count and actual flows disagree
- Don't warn on ESP data in sFlow
- Crashed tables for new nProbe template
- Grab the latest IANA IE list
- Collector lost connection to database
- Layout for Mapping Configuration seems off
- FA exclusions update fails with no IP Address
- Users-Events-Ext: column name formatting in 1024 x 768
- Missing plus sign on protocol in Network Transports
- syslogd dying
- Some designed reports totals may not add up correctly

Version 10.1.3 - 3/14/2013

+ Added additional database tuning options
+Increased the default UDP buffer size
+ Upgrade install to now include Adobe Flash Player Distribution 11.6.602.180

- Fixed an issue with data aggregation calculations in some reports
- Fixed an issue where unnecessary database connections were being created

Version 10.1.2 - 2/11/2013

+ Added Cisco wireless access point reports
- nProbe radius info elements
- Percent threshold messages don't need /s
- Manage Exporters: "Microsoft's Personal Firewall..." message on Linux install
- Error in the collector logs
- Turn on resolve DNS when a device is added to the network volume algorithm
- Investigate Vulnerability Labs issues
- Need improve upgrade for information elements
- Scheduled reports not working
- Unable to email or schedule email a report with a CSV attachment
- custom_reports_thresholds fa_script is stuck in a state of running
- Report Designer "Report Field" never finishes loading
- Apache log error from mapping library
- Scheduled reports not being sent when addressed to multiple email addresses
- Update AS numbers
- Upgrades can change the control port
- Search function not working when some devices are included
- NetFlow from an Avaya device is crashing 1min data table
- Host Names: Can't save a new host name with "Queued" Resolved DNS
- "Copy to" in dashboards only works the first time
- Bulletin Board: Policy Name with an apostrophe breaks JavaScript
- Sometimes the Latency by Interface gadget does not work.
- Status > CrossCheck List loads JSON in main div and fades out
- Broken image in notification queue for "SnmpTrap" Alert Type
- PfR report value formatting
- Report Designer -> Make Copy fail for reports which there is no longer a exporter.
- After you delete all you dashboards, you can't create one
- mIAM OSes report pagination says 'null of null'
- A space in an IP Range filter prevents it from working correctly
- Mapping objects don't keep IP address changes
- Optimized collection across distributed collector ports
- Filter on TOS shows Uncategorized rather than the TOS name
- Source and destination IP should only allow LIKE / NOT LIKE for advanced filters
- Underscore in advanced filter causes oops error
- Policy Manager: Broken link for a policy that has an action of delete
- Report type becomes undefined >> undefined
- Apostrophe breaks search.html query
- NF_F_XLATE_SRC_ADDR_IPV4 and NF_F_XLATE_DST_ADDR_IPV4 filters from table menus did not work

Version 10.1.1 - 1/2/2013

- Status > Top Interface content not loading
- The plixer_flow_collector service is stuck in stopping state after upgrade
- Sonicwall icons are displayed instead of Paloalto icons for paloalto devices in device tree
- Rollups failing after upgrade to 10.1
- Status tab -> Report wrapping under browser's fold in demo server.
- Email of Pie Chart reports is failing

Version 10.1 - 12/4/2012

+ New Sonicwall CPU Report Type
+ Added Interface Speeds to Emailed Reports
+ Added forensic audit report type
+ Added Virtual Appliance soft shutdown with VMTools
+ Added option to display traffic indicator dots/ants in mapping
+ Created a migration tool for Windows to appliance upgrade
+ Added more flexibility by allowing the use of count treatment in Report Designer
+ Added a new firewallEvent denied flows algorithm for new ASA export format (and any firewall exporting the standard firewallEvent element)
+ Added new firewallEvent reports to work with the new ASA export format (and any firewall exporting the standard firewallEvent element)
- Alarm Orphans: Delete Orphan formatting
- Should be a tooltip when the Default Report is not available
- Reset report default globals when changing reports
- Must be a number warning for NF_F_FW_EVENT search in Flowview
- Vitals syslog rrd graphs don't appear to be updating after rebooting the Virtual Appliance
- Connection fails to mail server for email alerts if authentication required
- Scrutinizer can only generate one PDF at a time for emailed reports
- IP Groups rename / delete bug
- Calculated column filter doesn't work with availability
- Graph colors should be closer to the report table colors
- Can't change scrutdb password on Linux
- Can't read Scrutinizer logo on the login page
- Link between device and object not showing up
- Launching a report from topints_popup.html does not remember the Default Flow Report setting
- Keep track of group in html popup of mapping configuration
- Have flash maps scale better in dashboards
- Switching \theme\" system preference to SonicWall in non-SonicWall EOM installs breaks login screen"
- Alarm related services don't always start on Linux after a reboot
- Fix "undefined" message when saving MTM license
- Investigate Flowalyzer DB post install script errors
- Detached maps do not resized vertically
- can also be detached again.
- IP group report shows entries that are not defined
- Cisco PfR category is missing after 9.0.0 upgrade to 10
- Duplicate SonicWALL applications
- v10 - Top Interface reports no longer show interface names (only ifindex instance)
- Multiple entries were created in the xcheck_hosts table for some exporters
- Appliance Avail HDD graph looks at the wrong partition
- Unable to save 3rd party integration in Crosscheck
- Saving a gadget refresh to 0 causes loop
- Cannot filter out TOS without losing TOS description.
- Crashed tables for option templates
- Enable default report only where applicable?
- Insert into crontab fails on upgrade because the ID is already taken by a scheduled saved report
- Verify flow rates and MFSNs for v9 and IPFIX
- Report Designer: Make cursor a pointer for Trend by and delete
- XML load errors when a report link in a map no longer works
- Map links disappear on refresh
- MFSN LED's are not properly activating
- New devices are blue after Windows -> Linux database migration
- Make sure mail server template ID dependencies are resolved
- 5m conversations on the hour are being doubled
- Reports don't work with migrated data
- Country icons missing on appliances
- Palo Alto report category shows on ASA device
- Connections by report only show total in mapping
- Crontab entries collide on multiple tasks during upgrade on a server with scheduled reports
- Phone home might need to be updated due to ASA changes
- Denika connections error when trying to load report in mapping
- Percentage threshold option not in Flow Reports Thresholds gadget
- Mystery rate column in some reports
- Mapping undo does not visually undo connector
- TIMEOUT when deleting an exporter in Manage Devices
- Reports display in English instead of native language
- Context menu positioning breaks after scrolling down
- Grab the latest IANA IEs
- Check for Update revision version incorrect in 10.0
- Report Designer not loading template list for some devices
- Report table > Not all columns with IPs addresses resolve their domain
- Map works under the maps tab, but not in a dashboard
- Report breaks from Conversation WKP to Host to Host report
- Labels for Denika Connections in Google Maps are wrong

Version 10.0 - 10/22/2012

+ New collector featuring improved flow rates, improved communication with the frontend, and a mechanism for sending alarms to scrutinizer
+ Add links in maps based on saved reports
+ Allow report thresholds to be set based on exceeding a rate
+ FA Top n algorithms can be configured per device
+ Upgraded MySQL version to 5.1.63
+ Scrutinizer is now using Apache 2.2.22
+ Added dotted outline underneath Dashboard gadgets when moving them
+ Added support for Riverbed NetFlow-v9 custom elements
+ Added Google Map "Hybrid" option via Show Labels
+ Google Maps remember settings when they refresh
+ Allow sFlow devices to be included in FA algorithms
+ Include the time frame in Top Interfaces for emailed reports
+ Allow direct access to Dashboards tabs by URL
+ Send a syslog when any of the services are running low on memory
+ Added informative title bar to indicate which "View" a user is in
+ Send an Alarm when users or their passwords are changed or created
+ Improved CrossCheck alert formatting
+ Added IP Grouping definition interface, reports, and filters
+ Added new Report Designer to create custom reports
+ Added a percent option to Inbound Thresholds
+ Caching of NBAR application definitions from option templates to improve report speed and ensure application names are always displayed.
+ Improved mapping
+ Improved sFlow decoding
+ Improved Exinda template support
+ Improved template naming and flexibility
+ Added Extreme IPFIX support
+ Icons can now be set to change colors based on a chosen Primary Status option (e.g. Flows, Polling, etc.)
+ Polling can now be configured with "up" and "down" dependencies per-device for more intelligent status monitoring
+ Added NBAR support for multiple vendors
+ Added more flexibility to Flash map editing
+ Added customized background images to mapping
+ Maps are now more theme aware
+ Map connections now support connecting two icons with a saved report
+ Added multiple connectors between devices in mapping
+ Added option from Device Overview to view all interfaces
+ Added an easier way to navigate to rename templates
+ Added more time interval options for reports
+ Flowalyzer data is now available beyond 1 minute intervals
+ Added Host to Host with Next Hop report
+ Added Availability by device report
+ Added connections RTT medianet report
+ Reports can now be viewed using rate or percent in maps
+ Added Barracuda device icons
+ The watcher service has been replaced
+ mIAM OSes Views report now provide a list of switches
+ The emerging threats list is now based on IP Reputation and includes categories
+ An IP / DNS button has been added in mapping
+ Added a ASA Denied Flows Algorithm
+ Added IP Group filter to reporting
+ Added a new dark teal skin theme
+ The unfinished flows and internet threats algorithms can now be configured to use source or destination IP as the violator
+ Added Cisco ASA biflow support
+ Added HD test to scrut_util
+ New view: mIAM Hosts by OS added
+ Use totals tables when there is a template filter
+ Added additional checks and balances for security between components
+ Enhance template naming capability
- [fixed] Don't insert noSuchObject when SNMP object doesn't exist
- [fixed] Scheduled reports running at times different than when they are scheduled
- [fixed] Vitals skip under high load
- [fixed] Scheduled alarms and top interfaces reports are emailed several hours late
- [fixed] No message in Manage Exporters when SNMP fails
- [fixed] Display formatted times for flowstartmilliseconds_plxr and flowendmilliseconds_plxr in Flowview
- [fixed] Sonicwall HTTP_URL element id occasionally causing inserts to fail
- [fixed] Images plot beyond the background of image
- [fixed] Top Interface message now looks inconsistent
- [fixed] Flow Hopper information that is the same shouldn't be highlighted
- [fixed] Subnet filter and subnet display work differently (too much default)
- [fixed] Verify credentials are in CrossCheck methods after an upgrade
- [fixed] xCtrl and yCtrl are not sent back with updated values when the map is saved
- [fixed] Table '...' is marked as crashed and last (automatic?) repair failed
- [fixed] Can't generate PDFs for status tab reports
- [fixed] Crosscheck list last 5 poll cycles out of sync
- [fixed] Flowalyzer is coming into appliance, but not in the tree menu
- [fixed] Pie charts percentages don't match those in table data
- [fixed] Backup /files/log files on upgrade
- [fixed] Stacked/unstacked control showing for pie-charts
- [fixed] Policy manager report not returning results when using logical filters
- [fixed] Google map icon changes to flash map icon on tree menu refresh
- [fixed] Default 24-hour report option displays even when selecting reports in other timeframes
- [fixed] Authentification failure on special character passwords during login
- [fixed] Collector stops when expiring history
- [fixed] Vitals RRDs not ported correctly after 8.6.1- 9.5 upgrade
- [fixed] Pie chart by number of packets graphs incorrectly
- [fixed] Orphans time stamp search has unexpected results
- [fixed] PDF export doesn't include outbound traffic
- [fixed] Address issue where users want threats destination vs. threats source
- [fixed] Clicking on poller icon from device overview or crosscheck get error when using SSL certificate
- [fixed] Calls www.google.com when not using google maps
- [fixed] Upgrade always resets system skin to retro-darkalt
- [fixed] Flowalyzer trending is duplicated
- [fixed] Flow examiner is not showing egress flows when present
- [fixed] Creating a new group with a space in the name results in %20 in the name
- [fixed] Packets column should switch between rate and total in status reports
- [fixed] Emailed reports don't include comment
- [fixed] Lost style in device tree tooltips
- [fixed] CrossCheck notifications command line parameter is incorrectly formatted
- [fixed] Removing the admin tab Privileges removes the report list from tree menu
- [fixed] Bidirectional status reports don't show direction in table
- [fixed] Creating a group in Mapping and then navigating directly to connections breaks the interface
- [fixed] Total column in csv export should use bits or bytes in the column label
- [fixed] Scrutinizer: interface exceeded threshold should have a spoof address
- [fixed] Internet threats monitor shows a destination as the violator
- [fixed] Allow + signs in email addresses - [fixed] Can't email reports that have no results
- [fixed] (ASA) NF_F_USERNAME filter in Flowview fails if Domain included in username
- [fixed] Prevent multiple entries for the same object in Service Level Report
- [fixed] Missing sFlow exception - [fixed] Better data formatting in Flowview
- [fixed] Alarm filters not working for timestamp
- [fixed] Alarm email notifications failed if authentication was required
- [fixed] Saved status report disappears
- Upgrade sometimes fails to create log folder

Version 9.5.2 - 7/11/2012

- fixed potential vulnerability in calls to report filters
- disabled verbose SQL errors in PHP components