Start Using New FeaturesStart Using New Features
There are many exciting new features that you can enable after you have upgraded to 11.7.1.0. The following is a list of the new features for each area of NetWitness. For a detailed description of the new features in this release, see the Release Notes for RSA NetWitness Platform 11.7.1.0. Go to the NetWitness All Versions Documents page and find NetWitness Platform guides to troubleshoot issues.
The following sections are a complete list and description of enhancements to specific capabilities:
- Upgrade
- Investigation - SIEM and Network Traffic Analysis
- Endpoint Investigation
- Concentrator, Decoder, and Log Decoder Services
- Event Stream Analysis (ESA)
- Platform
UpgradeUpgrade
-
Pre-stage the upgrade repo to minimize downtime
-
Support for Additional Pre-Upgrade Check Utility
Investigation - SIEM and Network Traffic AnalysisInvestigation - SIEM and Network Traffic Analysis
-
Investigation Enhancements
Endpoint InvestigationEndpoint Investigation
-
Capabilities for Detecting Ransomware That Use the Registry
-
Endpoint Agent Support for macOS Monterey and Windows 11
-
Support for Offline or Standalone Scans on Air-gapped Windows Hosts
-
Support for Full System Scan
-
Redesigned Alerts Tab for Optimized Navigation
Concentrator, Decoder, and Log Decoder ServicesConcentrator, Decoder, and Log Decoder Services
-
Centralized Configuration Management Enhancements
-
Enhanced Network Decoder to Support Load Balancing Deployments
Event Stream Analysis (ESA)Event Stream Analysis (ESA)
-
Enhanced Performance when Retaining Incident Network Data Artifacts
Configuration UpdatesConfiguration Updates
-
Feed Case Sensitivity
-
NetWitness Topology Feature
Platform Platform
-
Backup and Restore CLI Improvements
-
Better Error Handling for Core Services Messages
