What's new in Cayosoft Guardian V3

10081

A recovery plan for the standby Active Directory forest is added to Cayosoft Guardian. The new recovery plan automatically creates a copy of your production Active Directory forest in the Azure cloud, isolates it from your production Active Directory, and maintains it up-to-date on a scheduled basis. The standby forests in the Azure cloud can be used immediately in case of emergency without the need to go through a time-consuming forest recovery process.   

Active Directory, Forest recovery

4937

Now the Where property of a Change History record contains a more precise location of a changed object. A related Where query filter in the Change History allows searching for a changed object within a specific location such as a Managed system, an Active Directory container, an Azure AD Administrative Unit, and/or a Microsoft 365 Team.   

Active Directory,

Azure AD, Change History

5360, 5892

Cayosoft Guardian now offers audit and protection for Azure AD roles assigned with Azure AD Privileged Identity Management. All changes in temporary or permanent, eligible or active role assignments are now tracked and categorized. 

Service

6105

The discovery status is now displayed in Change History as a new column. Cayosoft Guardian collects events from Windows Security Event Log on each domain controller and correlates these events with previously collected change history records. Once a corresponding event is found for a change history record, Cayosoft Guardian updates the values of the Discovery status, Initiator, and When in this change history record. When is updated with an event time registered by a managed system. If the corresponding event is not found, Cayosoft Guardian stops the search after a predefined timeout and updates the value of the Discovery status. In this case, the Initiator field remains empty and the When value indicates when Cayosoft Guardian collected the change from a connected managed system.

Change History

9203

Additional verification checks were added to an Active Directory forest recovery plan to ensure that the recovered forest is fully functional.

Forest recovery

9643

Cayosoft Guardian now offers audit and protection for Active Directory-integrated DNS zones and records. 

Active Directory, DNS

9756

Cayosoft Guardian now provides better protection for the integrity of the backup files by calculating the CRC32 hash of backup files. This data is used to verify the backup file's integrity before recovery.

Forest recovery

9769, 10244, 10109, 10128, 10129, 10108

Multiple enhancements were introduced for backup plans such as support for synchronization of the backup files to the Azure cloud storage using REST API, automatic selection of domain controllers to be backed up, built-in notifications via email or Teams, additional plan settings related to local backups created on domain controllers, and the option to execute retention rules with a backup plan. 

Forest recovery

9889

With the new version of the Cayosoft Guardian, the database maintenance job is no longer performed on a scheduled basis. Execute database maintenance job manually if necessary. 

Service

9991

Now multiple archive databases from different SQL servers can be added simultaneously and the search can be executed across all connected archives.

Change History, Archive

10132

Jobs now have notification rules that allow sending notifications on job start and completion results. Fine-tuned notification rules are added for various execution results. Communication channels must be configured in order to receive notifications.

Service

10080

Service

10088, 10089

A number of potential security issues were fixed based on the results of the penetration tests. 

Security

10103

Service

10603

Now Cayousoft Guardian shows SID (Security Identifiers) in the SIDHistory attribute in a user-friendly format.

Change History

10303

An issue has been resolved when changing the recovery method resets the value of the target IP address in the domain controller settings of the recovery plan.

UX

10312

An issue has been resolved when a backup job fails with an error if group policy settings do not allow storage of passwords and credentials for network authentication.

Service

10130, 9994, 10084, 10603

UX

10413

Environments with HTTP proxy requiring Windows integrated authentication are now supported in Cayosoft Guardian. 

Azure AD

10514

An issue has been resolved where a retention rule in Cayosoft Guardian didn't delete backup files located on a network share.   

Service

10516

Forest Recovery

10518

An option to skip the check for backup file integrity was added to the recovery plan. While the backup file validity check (CRC) ensures backup integrity, disabling the option might result in a significant reduction in the verification and recovery duration.

Forest Recovery

105520

An increased timeout and additional retries were added for this scenario.

Forest Recovery

10279

An issue has been resolved where a rollback of a change or a deletion of Azure AD named location fails with a warning. 

Azure AD

10294

An issue has been resolved where Cayosoft Guardian service crushes with an error if an Active Directory object in a connected managed system contains a reference to itself as a value in specific Exchange-related attributes such as authOrig, unauthOrig, dLMemSubmitPerms, dLMemRejectPerms attributes.

.

Service

10156

Cayosoft Guardian can be configured with read-only access to Azure AD and Microsoft 365 services.  

A script is provided to add a tenant to Cayosoft Guardian in read-only mode. The script creates an Azure AD enterprise application with read-only permissions and configures Cayosoft Guardian to use a service account with a Global Reader role. In read-only mode, rollback action is disabled in the Change History for all Azure-related changes.   

Service,

Azure AD,

Security

10040

An issue has been resolved where rollback of AD Group Policy Container creation failed with errors. 

Usability

An event category Update permission(s) name was changed to Update EXO mailbox permission(s).

An issue has been resolved when a backup plan failed when SysVol did not contain a temporary folder.

An issue has been resolved when alerting rule for Conditional access policies generated excessive alerts on Azure AD system changes.

7927

Cayosoft Guardian now supports archiving of older records to a separate database. Archiving allows to control active database size, to keep performance at the expected level, and at the same time to preserve records for a long-term period. Also, Cayosoft Guardian now supports configuration where multiple services to collect data, and data collected by one service can be easily accessed via the web portal of another service. For example, Cayosoft Guardian can be installed in multiple locations and provide a consolidated view of all changes in a central location. 

7333, 9940, 9575, 9939, 9901, 9932,

9791

New classification categories and filters in Change history deliver better capabilities for creating more precise searches and reports, provide administrators with better visibility and insight into changes in Active Directory and Azure AD. Now, Cayosoft Guardian automatically converts specific attributes changes and values of some frequently changing attributes to a human-readable event category or a virtual attribute. Also, change records now contain object location for Active Directory objects and administrators can search change records of objects located within specific containers.

Usability,

Security,

Azure AD, Active Directory

The performance of alerting rules and reports improved in some scenarios. Also, the performance of collection jobs targeted at Active Directory was optimized for highly-loaded environments. 

All collected change records now can be forwarded to the Windows event log and collected by a third-party SIEM solution such as Microsoft Sentinel or Splunk.