This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

RSA enVision® Discussions

Browse the RSA enVision discussion board to get product help and collaborate with other users of RSA enVision.
SandraCarielli
Beginner
Beginner
‎2011-06-29 01:52 PM

Event Explorer 4.0.3 Q&A

Event Explorer 4.0.3 was released today.  Any questions?  Post here!

0 Likes
Reply
19 Replies
RSAAdmin
Beginner
Beginner
‎2011-06-29 04:01 PM

EE 4.0.3 mentions NICP authentication support and the release notes direct you to the 4.0 SP4 release notes (not listed under the main enVision documentation folder on SCOL, by the way). The SP4 release notes do not contain the word NICP. What is this feature? David
0 Likes
Reply
RSAAdmin
Beginner
Beginner
In response to RSAAdmin
‎2011-06-29 06:38 PM

It is explained in the release notes for SP4 Patch 2 which I think was released today or yesterday.

 

 

Paul

 

 

0 Likes
Reply
RSAAdmin
Beginner
Beginner
In response to RSAAdmin
‎2011-06-30 12:04 AM

Interesting. Reading through the patch notes, I'm still not entirely clear what uses the NIC Protocol to connect. Is this just for multi-site and EE communications? What is the risk involved with the previous (NIC0) version of the protocol? David
0 Likes
Reply
RSAAdmin
Beginner
Beginner
In response to RSAAdmin
‎2011-06-30 07:36 AM

From reading the patch notes, EE connections use NICP to connect to the NIC server service which could be on a DSRV or on the single appliance site.  On a multi-appliance site the separate appliances also use NICP to connect to the NIC Server service on the DSRV.  NICP0 would accept non-authenticated connections and most times when a critical service allows itself to be access without authentication there is an inherent risk.

 

Again, this is just from what I read in the document.

 

Paul

 

0 Likes
Reply
SergeyBarbashi1
Beginner
Beginner
In response to RSAAdmin
‎2011-06-30 08:13 AM

Hi,

 

After installing Event Explorer 4.0.3, I can't run it, Event Explorer receives next message:

 

"An error has occured. See the log file

C:\Users\klopkov\EventExplorer\.metadata\.log"

I'm attaching this ".log" file.

 

After that I've tested 4.0.2, 4.0.1 version but the result is the same.

 

OS - Windows 7.

 

Does anybody had the same problem?

.log
0 Likes
Reply
RSAAdmin
Beginner
Beginner
In response to SergeyBarbashi1
‎2011-06-30 09:11 AM

When you launch the Event Explorer desktop icon, are you running it as administrator?

 

George

0 Likes
Reply
RSAAdmin
Beginner
Beginner
In response to RSAAdmin
‎2011-06-30 09:18 AM

Understood. It would be helpful to have more explanation of this from RSA directly. Specifically, what can be done over this protocol? Could someone connect to a non-authenticated NICP session and retrieve all data? Can data be modified or submitted via this protocol? Is data encrypted over this protocol (either v0 or the new v1)? This is a very short and unhelpful write up (by RSA) for what has the potential to be a serious vulnerability. David
0 Likes
Reply
SergeyBarbashi1
Beginner
Beginner
In response to RSAAdmin
‎2011-06-30 09:25 AM

George,

 

Yes, I'm runnig it as administrator.

0 Likes
Reply
RSAAdmin
Beginner
Beginner
In response to SergeyBarbashi1
‎2011-06-30 11:21 AM

I just installed (upgrading from 4.0.2 to 4.0.3) on a Windows 7 Desktop and am not having an issue with running it.  Your best option would probably be to open up a support case. 

 

Paul

 

 

0 Likes
Reply
© 2021 RSA Security LLC or its affiliates.
All rights reserved.