RSA Archer Announces Availability of RSA Archer Release 6.7

Document created by RSA Product Team Employee on Oct 29, 2019Last modified by RSA Product Team Employee on Oct 29, 2019
Version 2Show Document
  • View in full screen mode
Summary:

RSA announces availability of RSA Archer Release 6.7.

Platforms:

RSA Archer Platform running on all supported Operating System (OS) platforms.

Details:

RSA announces general availability of RSA Archer Release 6.7. This release delivers enhancements to the RSA Archer Platform, focused on improving user experience, reporting, and administration. In addition, the release includes updates for Public Sector, Enterprise & Operational Risk Management, IT & Security Risk Management, and Third Party Governance use cases. 

 

Release 6.7 is immediately available in all languages supported by RSA Archer, including English, French, Spanish, German, Italian, Brazilian Portuguese, Japanese, and simplified Chinese.

 

Updates to the RSA Archer Platform in Release 6.7 include:

  • User Experience enhancements:
    • The Global Header has been updated to provide single-click access to global search, reports, tasks, and notifications from any page within RSA Archer.
    • The Navigation Menu has been redesigned to improve usability and reduce the number of clicks required to access items of interest.
    • A new Quick Link bar located between the Navigation Menu and the Dashboard header provides users with easy access to Quick Links associated with a workspace.
    • Display control for the Global Header and Navigation Menu allows users to increase the content viewing area of the page.
    • Dashboard updates enable easier navigation, with quick links to frequently accessed user actions and dashboard options that remain at the top of the page when scrolling through iViews. Updated iViews enable easier viewing of data and charts and include enhanced scroll bar appearance and spacing.
    • New Landing Page iView provides a clean, simple dashboard for "first line of defense" users to interact with RSA Archer. It provides business users with easier access to common tasks and reports. All elements of the iView are configurable.
    • New Environment bar allows administrators to customize text and color at the top of every page within RSA Archer to help reduce confusion as to which environment the business user is working in.
    • Record pages updates include a cleaner layout and easier navigation.
      • A new View and Edit toggle enable end users to quickly edit the record.
      • A new Action drop down allows end users to take action on records that leverage Advanced Workflow, Save, and Save and Close.
      • Updated toolbar displays actions allow business users to create a New record, Export the record, Email the record link, Copy the record, Print the record, Delete the record, Recalculate, show Related records, and see Access details.
    • Track Record Progress through Advanced Workflow enables business users to view previous and current user action nodes within the record header for records enrolled in Advanced Workflow. 
    • User interface updates provide a consistent color scheme, allowing administrators to control the color of menus, section headers, and field borders. Administrators can apply images and color schemes to the headers and footer of the RSA Archer system.
    • Silverlight has been removed in back office pages for Manage Languages.

 

  • Reporting enhancements:
    • Charting improvements provide a cleaner appearance and additional interactive functionality, including dynamic filtering, dynamic chart markers including a new Average marker, and drill-in capabilities with multiple chart types.
    • New chart types include tree map, sunburst, combination charts, and updated gauge charts to view thresholds.
    • Featured Metric chart type updates present summary values in specific colors providing viewers added graphic context for the values and delivering the ability to add color options, set threshold markers, and export the chart into multiple formats.

 

  • Administration enhancements:
    • Data Gateway RESTful API provides commands to add, update, and delete Data Gateway connections, content mapping, and field mapping. New Data Gateway documentation provides instruction for coding a Data Gateway connector. Updates enable administrators to configure the feature without the need for professional services. 
    • New Automated Deployment of Packages enables the automated generation and installation of packages between Development, Testing, and Production instances.
    • Definitions for on-demand application (ODA) statuses (Development, Production, Archived, and Retired) have been updated to clarify the purpose and intent of each application status.
    • On-demand applications in the "Development" status, including the application and any related questionnaires, will automatically change to the "Archived" status and the records will become read-only after a 90-day trial period.
      • After the 90-day trial period, on-demand applications will require a license for continued use of the application.
      • If an on-demand application was created prior to upgrading to RSA Archer release 6.7, the status of the application will change to "Archived" 90 days after the upgrade to Release 6.7 is complete.
      • If an on-demand application was created after upgrading to Release 6.7, the status of the application will change to "Archived" 90 days after the creation date.
      • The time remaining for "Development" status appears in the administrator's user interface each time an application that is in the "Development" status is saved.
      • Please review the blog for more information, along with answers to frequently asked questions regarding this feature.
    • New Application Configuration Administrator and Application Content Administrator roles separate the assignment of duties to meet compliance requirements. Content Administrators have unrestricted access to all record content in their applications or questionnaires. Configuration Administrators have full editing rights over their applications or questionnaires and can fully customize their properties.
    • New Proxy Bypass enables administrators to add exceptions for specific IP addresses and domain names to bypass the proxy, reducing the load on proxy services.
    • New Secure connection for FTP data feed is available by enabling SSL and including the IP address in the Outgoing IP Address field in the RSA Archer Control Panel.
    • New capability to specify IP addresses in the Outgoing IP Whitelist allows designation of a range of IP addresses to which the RSA Archer Platform can make connections. The outgoing connection can be initiated by the LDAP Synchronization Service and the job engine. This restrictive connection mechanism is applicable only for Data Feed transporters that pull data over the network and LDAP Configuration.
    • New Naming convention for log files assigns unique names for each log file to easily track specific log files, eliminate the need to manually rename files, and improve troubleshooting.
    • Elasticsearch deployment has been updated with coupling at the Installation level, rather than the Instance level, allowing administrators to index multiple instances into the same Elasticsearch cluster residing under one installation.
    • Elasticsearch has been upgraded to version 6.8.3. Customers using Elasticsearch must perform a rolling upgrade, as recommended by Elastic, and install the join-search-plugin version 6.8.3 to maintain Elasticsearch integration.
    • New Indexing Service Manager plug-in enables administrators to configure and manage the Indexing Service from the RSA Archer Control Panel user interface. As part of installation or upgrade, configuration file parameters for Elasticsearch cluster configurations are migrated to the RSA Archer Configuration Database.
    • Content API performance improvements include implementation of code refactoring, in-memory caching, and the addition of the OData Filtering parameter "$top".

 

Updates to RSA Archer use cases in Release 6.7 include:

  • The RSA Archer Continuous Monitoring use case for the Public Sector has been updated with new application capabilities for managing vulnerabilities, including vulnerability reference lists, vulnerability tickets, historical vulnerability data, technologies, malicious code, subsystems, support of NVD, Qualys, Tenable and Rapid7 data feed integration, and more.
  • The RSA Archer Assessment & Authorization use case for the Public Sector has been updated with new application capabilities aligning with the RSA Archer Continuous Monitoring use case which include Hardware, Software, Offices, Agencies, Department, Mission/Business Processes, POA&M, and Risk Acceptance applications.
  • The RSA Archer Top-Down Risk Assessment and RSA Archer Operational Risk Management use cases have been updated to provide enhanced support for  Monte Carlo. Risk Scenarios provide greater granularity for risk assessments and can now leverage Monte Carlo approaches such as expert elicitation or historical loss method for greater flexibility and precision in assessing risks. The Monte Carlo assessment approach leverages integration with Palisade @RISK.
  • The RSA Archer IT Risk Management and RSA Archer Information Security Management System use cases have been updated to incorporate new Risk Register capabilities.
  • The RSA Archer IT Security Vulnerabilities Program use case includes additional fields supporting the new CVSS 3.0 format to receive data from NVD, as well as data points related to the Third Party Security Risk Monitoring – Own Enterprise and Rapid7 integrations.

  • The RSA Archer Risk Catalog use case documentation has been updated to include content to assist end users in identifying risks and managing risk hierarchy. In addition, new swim lane diagrams provide administrators with a detailed view of the Risk Catalog business processes.
  • Documentation for all RSA Archer Third Party Governance use cases has been updated to include content to assist end users in managing third party information and new swim lane diagrams.
  • The RSA Archer Enterprise Catalog package has been updated. This package aggregates frequently-used shared applications across multiple use cases and has been updated. It does not require new licensing. The package is a prerequisite that must be installed for many RSA Archer use cases. Please refer to the use case Help documentation for more information and installation instructions.

 

Recommendation:

RSA recommends that customers running RSA Archer Releases 6.2, 6.3, 6.4, 6.5, or 6.6+ apply this latest update. Please note that all releases are cumulative.

 

Documentation:

To read the Release Notes for RSA Archer Release 6.7 and additional release documentation, please visit the Release 6.7 subspace on the private RSA Archer Customer/Partner Community on RSA Link. Not yet a member of RSA Link? Register for an account on RSA Link with access to the private RSA Archer Customer/Partner Community.

EOPS Policy:RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.

Attachments

    Outcomes