InTrust can now work in environments where TLS 1.2 is used exclusively.
This version of InTrust includes the new Knowledge Pack for Trend Micro InterScan Web Security Virtual Appliance. It provides task-based auditing and real-time monitoring capabilities based on Syslog messages forwarded from InterScan Web Security virtual appliances to Linux hosts. Real-time collection of such events is not supported.
From this version on, InTrust no longer supports the Microsoft Excel format for scheduled Repository Viewer reports and export of results from Repository Viewer. Instead of continued support for two similar formats, InTrust now has better support for CSV, making sure CSV files open correctly in Excel.
In this release, the product is rebranded Quest InTrust.
Windows Server 2016 can now be audited and monitored, and InTrust components can be installed on this operating system.
InTrust Deployment Manager has received some important updates:
Printable reports generated by Repository Viewer can now use pie chart and column graph representation.
You can run relevant searches in IT Security Search from multiple contexts in InTrust:
To run a search, click the query URL or shortcut menu item provided. This search returns data that is relevant to the event at hand so that you can perform quick analysis.
You can customize templates for notifications and real-time alerts to include named fields that don't occur in the original events but are calculated by InTrust. This makes it easy to include information from such important fields as Who, Whom, When, What, Where, Where From and so on, no matter which original event fields are mapped to them.
The classic notification operators available in extended InTrust deployments have received a major enhancement. In addition to explicitly specifying accounts as recipients, you can supply scripts that decide who to notify based on events that trigger real-time monitoring alerts. One such script is shipped with InTrust: "Manager Address Discovery". This script finds out the initiator of the captured event and discovers the email address of that user's manager.
You can provide your own scripts to suit your needs.
Debian GNU/Linux 8 can now be audited and monitored.
This release extends the Active Roles auditing and monitoring capabilities of InTrust to version 7.