January 2025 Quarterly Release

For help upgrading to the latest version, contact your Cloudhouse Representative. The following table describes each component available to upgrade within this release of Cloudhouse Guardian (Guardian).

Tip: For more information on the known issues currently present within Guardian, see Known Issues .

Release Date	Guardian Platform	Guardian Web	Linux Agent	Windows Agent
23rd January 2025	V4	V3.51.0	V5.39.0	V5.19.0

New Features

Here's what's new in Guardian as part of the January 2025 quarterly release.

Automated Change Reconciliation Using the Freshservice Integration

The Automated Change Reconciliation functionality is now available to streamline your change management process between Cloudhouse Guardian (Guardian) and Freshservice. The change reconciliation automation allows you to track and manage node changes by providing detailed comparisons between pre and post-change states, improving policies compliance and reducing the effort required for manual validation. For more information, see Freshservice Automated Change Reconciliation.

Connection Manager Support for Failing Job Runs

Previously, if a Connection Manager lost connectivity or was restarted during a job run, the job run was unable to be completed as the connection could not be re-established. Instead, the job status may be set to 'In Progress' in the Job History tab (Control > Job History) for 24 hours and then fail. Now, if a Connection Manager loses connection or is restarted during a job run, the remaining tasks will be re-attempted up to three times. If the task then fails to complete after three attempts, the job run is set to 'Failed'. You can use the error log to troubleshoot the cause of the issue and re-schedule the job. For more information, see Job History.

Other Enhancements

Below are the additional enhancements included within the January 2025 quarterly release.

AWS Integration

The following enhancements have been made to the Add AWS Integration page:

The Allow Existing [node type] Nodes to Be Removed checkbox has been removed.

Tip: This enhancement was introduced in the October 2024 Quarterly Release.
The following permissions are now required to detect and scan AWS, VPC, and IAM nodes:
- VPC: ec2:DescribeNetworkAcls.
- IAM: iam:GetUserPolicy, iam:GetRolePolicy, iam:GetGroupPolicy.

For more information, see AWS Integration.

Guardian Web V3.51.0

The following enhancements have been made to V3.51.0 of the Guardian Web application:

Node Tagging Ignore/Remove V3 (GWB-6051).
Update CIS Benchmarks (GWB-6060).
More efficient report generation for hosted appliances (GWB-6104).

Fixed Issues

The following issues were fixed in V3.51.0 of the Guardian Web application:

Bulk editing incorrectly saved medium type as SSH and no further edits could change it back (GWB-6094).
Retrieving non-active nodes was not mapping to the correct External ID (GWB-6097).
Fixed bulk and single node edits (GWB-6098).
The File Diff and View Raw File options were displaying the wrong file name and the View Raw File option was sometimes missing (GWB-6103).

Linux Agent V5.39.0

The following enhancements have been made to V5.39.0 of the Linux Agent:

Node Tagging: Ignore/Remove V3 (GLA-853).
VPC Subnets: Added route tables, flow logs, and ACLs (GLA-860).
Added more logging around participant scans (GLA-861).
Added enforce inbound rules on PrivateLink traffic to LBv2 Properties (GLA-865).
AWS EBS updates (GLA-869).
AWS Auto Scaling instance type (GLA-871).

Fixed Issues

The following issues were fixed in V5.39.0 of the Linux Agent:

More aggressive filtering when requesting nodes from API (GLA-863).
EC2 Configuration Node Route Table Associations getting Route Table Association ID out of order and causing diffs (GLA-867).

Windows Agent V5.19.0

The following enhancements have been made to V5.19.0 of the Windows Agent:

Updated vulnerabilities for the Windows Agent (GWA-468).
Updated Framework version (GWA-469).
Updated Restsharp version (GWA-469).