This release of RSA Web Threat Detection consists of the following changes and enhancements:
Enhanced Flexibility for Multi-Tenancy Deployments
In this release, customers can customize rules, search results, and the clickstream view for each tenant based on tenant-specific data by configuring selectors, extractors and attributes per tenant. This new functionality increases the flexibility for customers with a multi-tenancy configuration where each tenant has different web sites and different data in the HTTP request and response. For example, a Technical Service Provider might have multiple tenants for customers with different web-sites. In this type of deployment, the Technical Service Provider can configure the system to use the tenant-specific data for each of the tenants.
Kafka Server Messaging
To provide an easier data streaming process and enhanced performance, all transactions and alerts are now directed through Kafka, a standard messaging system. RSA recommends implementing use of the Kafka server instead of MQ Bridge for data streaming, as MQ Bridge is nearing end of life.
Action Server Improvements
This release of Web Threat Detection includes significant performance improvements to the Action server. In addition, this release has combined the Action server and Transaction Scoring for Adaptive Authentication server into one Action server for a streamlined process.
This release includes and upgrade to the Cassandra database, providing improved stability and security.
Hourly Rules Functionality
As part of the planned future removal of hourly rules from the product, starting in this release, hourly rules cannot contain custom actions.
Fraud Action Script
The updateFaiEdsFeed script fetches RSA FraudAction EDS files and includes them in the Web Threat Detection EDS directory for seamless integration with RSA FraudAction services.
This release includes the following additional utility scripts:
- TrxAndUsersCount script
Counts the number of transactions and number of unique users per tenant per month, on both multi-tenant and single tenant installations. The script can be used by Technical Service Providers to measure the volumes of traffic and users per tenant.
- KafkaConsumerTool script
Extracts both encrypted and unencrypted messages from the Kafka server, and sends the output to the shell console.
For additional documentation, downloads, and more, visit the RSA Web Threat Detection page on RSA Link.
RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.