PingIntelligence 4.4.1 is a cumulative maintenance release for PingIntelligence 4.4. For a summary of the features introduced in the 4.4 release, see PingIntelligence 4.4 - December 2020.
PingIntelligence 4.4.1 provides the following enhancements and resolved issues.
PingIntelligence for APIs now supports RHEL(Red Hat Enterprise Linux) 7.9 and Ubuntu 18.04 LTS.
New in PingIntelligence Dashboard
- Attack management -The new Attack management page provides a consolidated view of Indicators of Attacks( IoAs ) and enables efficient management of attacks on a per client basis. For more information, see Attack lists.
- Training settings - The new Training Settings page allows you to configure training variables or reset training of an API. For more information, see Configuring training settings.
- Enhanced SSO support using OIDC applications in PingOne - PingIntelligence for APIs Dashboard now supports Single Sign On ( SSO ) for user authentication through PingOne, which also provides authorization information for an end-user after successful authentication. For more information, see Configuring SSO with PingOne.
- Enhanced role selection - PingIntelligence Dashboard now supports role selection based on PingFederate group. For more information, see Configure authentication - SSO with PingFederate.
- Configurable time zone support - PingIntelligence for APIs Dashboard can now be configured to run either in local or UTC time zones. For more information, see Configure time zone in PingIntelligence Dashboard.
New in API Behavioral Security( ABS ) AI Engine
- ABS AI Engine can now be configured to run either in local or UTC time zones. For more information, see Configure time zone in ABS .
- Enhanced query manipulation attack detection by improved training process that supports more thorough detection of query manipulation attacks.
New in sideband integration policies
- PingAccess policy - The updated PingIntelligence sideband policy can now be selectively applied to individual resources of an application in PingAccess. For more information, see PingAccess sideband integration.
- Apigee policy - The updated PingIntelligence sideband policy can now extract user information from any existing OAuth policy in the Apigee gateway. It can also capture the token information, even if the token is stripped by the gateway before sending to the backend API service. For more information, see PingIntelligence Apigee Integration.
- AWS policy - The updated PingIntelligence sideband policy supports improved performance by setting connection keep-alive parameter between ASE and AWS API gateway. For more information, see PingIntelligence AWS API Gateway Integration.
New in Automated deployment
- A new variable is added for configuring the distribution type of Elasticsearch used by PingIntelligence for APIs Dashboard. For more information, see Change Dashboard default settings.
- A new variable setting for configuring the time zone across PingIntelligence for APIs components is added. For more information, see Configure hosts file.
Following issue was resolved in PingIntelligence 4.4.1 release:
|ASE - PI4API-2414||Resolved an issue where ASE and ABS AI Engine used different IP Addresses in X-Forwarded-For (XFF) headers as client IP Address. After the fix, the first valid IP Address in the first XFF header will be used as the client IP Address by both ASE and ABS. If no valid IP Addresses are in the XFF header, the source IP Address of the API request will be used as the client IP Address.|