SecurTrac(TM) Version 2.5.1 Copyright (C) 1999-2015 Extracomm Inc. All Rights Reserved. *** Important Note *** Please shut down the Domino server before proceeding with the installation. *** Requirements *** This version of SecurTrac requires Lotus Domino Server 7.0.2 or a later version. Domino 7.x,8.x,9.x are also supported *** List of Files *** The SecurTrac 2.5.1 package consists of the following files: nSecurTrac.exe - SecurTrac Domino Add-In Program nSctNMgr.dll - SecurTrac Dynamic Link Library (Extension manager) nSctAmgr.dll - SecurTrac Domino Add-In Program ndbsct.dll - SecurTrac Dynamic Link Library (DBLookup function) nSctDSapi.dll - SecurTrac Dynamic Link Library (DSAPI) SctCfg.NTF - SecurTrac Configuration Database Template SctLog.NTF - SecurTrac Log Database Template SctPolicyLog.NTF- SecurTrac Policy Log Database Template SctQuar.NTF - SecurTrac Quarantine Database Template SctWsif.nsf - SecurTrac Web Service Database SctDocAG.NSF - SecurTrac Administration Guide Database com.extracomm.securtrac.plugin.feature_1.0.2.jar - SecurTrac Plugin Jar File com.extracomm.securtrac.plugin_1.0.2.jar - SecurTrac Plugin Jar File .project - SecurTrac Plugin File site.xml - SecurTrac Plugin XML File *** Support *** Please send any feedback to: support@extracomm.com This version is fully functional for 30 days without a licence key. *** Revision History *** SecurTrac 2.5.1 What's New? 1. In Database Monitor, Rich Text field logging has been enhanced. It shows both the original and new value. Bug fixes and updates 1. In some cases, if temp file doc.xml cannot be deleted, the old file doc.xml will be attached. Fixed. 2. In mail monitor, if user selects "Open initiated by delegate will be treated as a normal open" option, it will cause server crash. This bug was introduced in SecurTrac 2.5. Fixed. 3. Occasionally, SecurTrac creates duplicate server settings document in SecurTrac configuration database. Fixed. SecurTrac 2.5 What's New? 1. Added the ability to exclude people in the Mail Monitor. 2. When a new SecurTrac Log Database file is created, it will copy the previous SecurTrac log database ACL to new SecurTrac log database. 3. The SecurTrac Log database now supports DAOS. 4. SecurTrac can detect multiple IP Addresses being used from the same user id. 5. SecurTrac can lookup hostname and mac address information from a Windows DHCP server. 6. Added support for different Log Database management options for specific SecurTrac log databases. This is configured in the Server Settings document. 7. When installing SecurTrac, it is now possible to replicate SCTCfg.nsf from an existing SecurTrac server to the new local SecurTrac server. 8. Enchanced Dictionary function in the Mail Policy Monitor. It provides more flexibility for filtering. 9. Added Name List function in the Mail Policy Monitor. 10. Added Monitor Summary Report in the User Activity Monitor. 11. Added a new exclude path option in the Mail Monitor list. 12. Added a parameter to skip logging released e-mail from the SecurTrac quarantine database. Bug fixes and updates 1. In Domino 9, accessing mail via iNotes generated an unexpected open log. Fixed. 2. Detect wrong hostname in Mail Policy function. Fixed. 3. If using Pattern, Dictionary, Attachment List functions in the Mail Policy Monitor, the server sometimes hanged. Fixed. 4. When using Office 2013, the SecurTrac Log database statistical view "Graph" option was not work properly. Fixed. 5. Fixed "This document has been altered since the time it was signed! Intentional tempering may have occured." issue. SecurTrac 2.4.4 What's New? 1. SecurTrac can now detect use of the Full Access Administration privilege on a Domino Server. This feature is supported in SecurTrac Mail, Database, Domino Directory and User Activity Monitors. 2. Added the ability to detect text changes in the Message body of an existing e-mail that has been updated. Results are stored on "Message Body - Text Changes" tab of the SecurTrac Mail Monitor log. This applies to Update actions only in the Mail Monitor. 3. Added the ability in Database Monitor to exclude certain database files and/or folders from being monitored. SecurTrac 2.4.3 What's New? 1. In the Mail Policy Monitor, two new actions have been added: (i) Ability to remove attachment(s) when the specified criteria has been matched and (ii) Send an email notification to the sender. 2. More Design element types have been added for selection in the Domino Directory Monitor & Database Monitor. - Additional document types have been added for selection in the Domino Directory Monitor. Bug fixes and updates 1. Mail Policy Monitor: Some incoming and outgoing e-mails were not recognized correctly. 2. Mail Monitor: Logs could not be generated in certain cases when larger sized e-mail messages were in MIME format. 3. Mail Monitor: In some cases logs could not be generated if the e-mail message was in MIME format. This only happened in the Windows 64-bit version of SecurTrac. 4. Mail Monitor: If an e-mail message was sent to both a Lotus Notes user and an Internet user, the message was not quarantined properly. This only happened in the Windows 64-bit version of SecurTrac. 5. SecurTrac was found to have compatibility issues with latest version of Symantec Mail Security for Domino. 6. In the Formula Wizard, the Type-ahead of Name field has been disabled. 7. In some cases the SecurTrac Monitor Report failed to run. 8. Database Monitor: In some database replication cases, the "after-values" were displayed as null instead of displaying the unchanged values. SecurTrac 2.4.2 What's New? 1. A new Mail Monitor option that allows you to monitor based on Mail Database Path in addition to by User name. Having this option, mail activity can now be monitored for Mail-in databases, mail archive databases or mail databases without a Person document. Updates and Fixes: 1. When a document has been deleted, in some cases it may generate warning messages in the SCTMessageLog.txt file. Fixed. 2. When Lotus Traveler updates/deletes a mail document, SecurTrac does not display mobile icon in the mail log view of the SecurTrac log database. Fixed. 3. If the User Activity Monitor is not enabled, some open mail actions performed by Lotus Traveler are not logged. Fixed. 4. Some configuration object memory segments are not released and causes memory leaks. Fixed. 5. In the Database Monitor, when People to Monitor contains person that has a Fowarding Address set in their corresponding Person document, the People to Monitor option does not function properly. Fixed. 6. When SecurTrac logs a Text/RichText field which contains double Enter characters, it may cause a server crash. 7. The Credit Card Mail Policy pattern sample has been updated. SecurTrac 2.4.1 What's New? 1. Uses new Notes API function to retrieve IP address. The SCT.DAT database is no longer used to store Notes session information. Hence the SCT.dat database size should remain minimized. 2. SecurTrac Log Document Connections Details section: SCTSessionProtocol field has been removed. A new SCTSessionPortName field is now used to store the Port Name used by the Notes session. SCTSessionAuthEM field has been removed. SecurTrac will no longer show if the connection is a passthru or direct Notes connection. 3. Enhanced IP session caching mechanism. When reverting to use the old method for retrieving session information, the enhanced caching mechanism will improve the import speed of logs from the SLL folder into the SCTLog.nsf database. To revert to old method of IP address logging, set SCTSecAuthentication=1 in the domino server Notes.ini. 4. If user does not turn on the User Activity monitor, SecurTrac will NOT cache database information. This will improve performance. 5. A new Domino console command has been introduced to compact SecurTrac databases. Syntax: tell securtrac compact 'db1.nsf' 'db2.nsf' .... 'db10.nsf' Note: if there is more than one database specified, you need to put quotes around the database name. 6. A new Domino console command has been introduced to easily determine the SecurTrac version being used. Syntax: tell securtrac version 7. When SecurTrac is upgraded, SecurTrac will retain the existing ACL settings for SecurTrac templates and SctWsif.nsf database. 8. The SecurTrac Build number is now also shown in the SecurTrac server settings document. 9. A new SecurTrac statistic has been added:"Outgoing Database Documents". This shows number of documents in the Outgoing Log database. Updates and Fixes: 1. During a SecurTrac first time setup of ACLs for the SecurTrac templates, if the administrator field in the server document is empty, full administrator field will be used instead to populate the ACLs. SecurTrac 2.4 What's New? 1. A new Mail Policy function to audit/quarantine/copy/delete any e-mail that routes through a Domino server has been incorporated. Company e-mail security policies can be enforced by this feature. 2. A new formula wizard has been added in the Database/Domino Directory/Mail monitors to easily specify a criteria to match without the need to know formula language programming. 3. Now it is possible to use regular expression patterns, dictionary words and file attachments lists to build sophisticated selection criteria. 4. A built-in regular expression tester has been incorporated for administrators to validate regular expression patterns to ensure they work before deployment. 5. Using DSAPI, leverage an enhanced IP address capture function, where the IP address will be captured for http access in addition to Lotus Notes client access. 6. Users accessing e-mail via Lotus Traveler or Blackberry devices can now be accurately logged. 7. The Notes sidebar has been enhanced. It can search all related logs for the selected database in addition to the selected document. 8. Enhanced mail logging. Users sending e-mail by third party e-mail clients, such as Microsoft Outlook Express can now also be logged. The sender's Internet e-mail address will be looked up in the Domino directory. 9. When customizing e-mail notifications, there is no longer a need to manually specify reserved keywords. You can now select the reserved keywords from pre-defined list. 10. A new option has been incorporated into the Mail monitor to allow "open" actions originating from delegated users to be treated as normal "Open" instead of an "Illegal Open". 11. Most monitors now have their own report options. In each monitor, users can now select to receive summary report on a daily/weekly/monthly basis. 12. E-mail notification Importance can now be set in addition to delivery priority. 13. When Domino Groups were used within a SecurTrac Monitor to identify which users should be monitored, if the members field was updated in the Domino Group(s), those changes were not immediately reflected in SecurTrac. An enhancement has been made where SecurTrac will reload corresponding monitors, if changes to the members field were made to any of the specified Domino Groups being used within any SecurTrac monitors. SecurTrac 2.3.3 What's New? 1. In the SecurTrac Server Settings document, a new option to enable the DAOS database setting for the SecurTrac log database on a Domino 8.5 server has been added. 2. License checking module has been changed and a new console command "tell securtrac unlocklogs" to unlock logs has been incorporated. 3. A new Notes.ini parameter SCTLogRouteMailAsSendMail=1 has been added. 4. In a Database/Domino Directory monitor, a new Exception option to ignore Hidden Resource design element changes has been added. 5. When configuring a Log Summary Report, a new option to include the Report Summary in the notification email has been added. Updates and Fixes: 1. In some cases, when a user deleted a document through the Notes client, the IP address information was not captured. This has been fixed. 2. Cannot log design changes, when the design element is modified by a Notes Agent. This has been fixed. 3. If an email contains many attachments and logging of attachment is enabled, it may cause a Domino server crash. This has been fixed. 4. Fixed a problem caused by Domino file caching when SecurTrac writes to a remote Domino server SecurTrac log. SecurTrac 2.3.2 What's New? 1. A new option has been added in the Database/Domino Directory/Mail monitor to export the original database ACL into DXL format. From the SecurTrac log, the administrator can rollback the modified ACL back to the version that is stored in the SecurTrac log document. 2. In a SecurTrac notes.ini monitor log, changed parameter names are now stored in a field called "ModifiedParameters". This makes future log analysis much easier. 3. A new option has been added that allows for the delivery priority of SecurTrac real-time e-mail alert notifications to be set. 4. A new option has been added in the database/domino directory monitor to log internal $fields. 5. A Free version SecurTrac has been introduced and is now supported. 6. The previously released SecurTrac Plug-in for Lotus Notes 8 is now included with SecurTrac 2.3.2 and will be installed by default. 7. SecurTrac will automatically check the LOG_MAILROUTING parameter when logging of routed e-mail messages is enabled in the SecurTrac mail monitor. (The SecurTrac installer will no longer add the Log_mailrouting=40 in Notes.ini and the administrator has to change it manually in the Domino Server Configuration document.) 8. A new Open Log Database button has been added in the SecurTrac Configuration database, allowing the administrator to very easily open the latest SecurTrac log database or any other SecurTrac log database. 9. SecurTrac Configuration and Log database frame is now re-sizable. 10.Set Alarm Level button has been added to the view level Action Bar. Updates and Fixes: 1. In a Database monitor log, header fields are always stored as Text. Previously, the header field data type was the same as the source field which may inherit the Reader Names or Author Names attribute. 2. If a document update/delete action fails, SecurTrac still generated a log for that action. This has been fixed. 3. If the Domino server was started by the Domino Server Controller, SecurTrac could not start properly. This has been fixed. 4. In the SecurTrac log database, Mail Empty Trash Log has been renamed to Mail Deleted Log. SecurTrac 2.3.1 What's New? 1. The throughput of log import process from SecurTrac working folder to the log database has been improved. 2. Mail Delete log will show action "Delete (Recall)" if mail document is deleted by Domino 8 mail recall feature. 3. Document/Mail Update log will show action "Update (Undelete)" if the document (soft deletion) is undeleted/restored by the user. 4. Mail message size will be recorded in field "SCTDocSize" in all mail logs (except Route log). 5. SecurTrac will determinte the actual path of Domino log database (log.nsf) if it is a linked file. Updates and Fixes: 1. In Intrusion Detection monitor, console messages logged to Mail Routing Events were not logged. Fixed. 2. If folder name was used to specify database path in Database Monitor and multiple Database Monitors were used, some Database Monitors might not be functional. Fixed. 3. In Mail Send log or Document Create log, attachment content might not be logged properly. Fixed. 4. If "ExcludeTaskList" was specified in Notes.ini, console messages might not be logged by Intrusion Detection Monitor. Fixed. 5. In Intrusion Detection monitor, if multiple monitors were used and "Ignore changes to the following parameter(s)" was used, the specified parameter might not be logged. Fixed. 6. Server crash when Domino closed a database. Fixed. 7. "Ignore the following fields(s) changes" setting was not working in Domino Directory Monitor. Fixed. SecurTrac 2.3 What's New? 1. New in the Database Monitor is a feature to monitor database Agent activity on the Domino Server. 2. Exception options have been enhanced in both the Database & Domino Directory Monitor - Groups can now be used to specify monitoring exceptions. - a new option "don't generate log if there is no change in field values" has been implemented. - a new option "Ignore the following fields(s) changes" has been implemented. - a new option for ignoring Private View, Private Agent or Agent Data changes has been implemented. 3. E-mail notification content is now customizable (user defined). 4. SecurTrac can now log detected events to a remote SecurTrac server. 5. A new type of monitor called "User Activity Monitor" can be used to monitor user activities. 6. In the Database monitor, a new option to has been implemented to restrict monitoring to specified users only. 7. A new SecurTrac server console command to immediately import the temp files from the SCTWork folder into the SecurTrac log database has been implemented (Tell securtrac import) 8. A new SecurTrac server console command to save SecurTrac configurations in a file for troubleshooting purposes has been implemented. (Tell securtrac dumpconfig) 9. A new SecurTrac server console command to force reloading of SecurTrac configurations has been implemented. (Tell securtrac reloadconfig) 10. For document deletions, the SecurTrac log will show whether or not the document was a "soft" or "hard" deletion. 11. A new option has been added in the Database/Domino Directory/Mail monitor to export the original document/design element into DXL format. From the SecurTrac log, the administrator can rollback the modified document/design element back to the version that is stored in the SecurTrac log document. 12. A new option was added in the Database/Domino Directory ACL monitor to show complete ACL entries in addition to the changed entries. 13. Exception options have been enhanced in Mail Monitor settings - Groups can be used when specifying users. - a new option "don't generate log if it is a Sent Copy" has been implemented. - a new option "don't generate log if it is a SeurTrac generated notification" has been implemented. 14. Improved log database management. The Administrator can specify to purge or rollover the log database based on size or time. 15. A new option has been added in the Database Monitor to log user document Print/Forward actions. 16. Wildcard ?? can be used to specify a database path in the Database Monitor. 17. The log database interface has enhanced for more effective use. 18. Enhanced statistics for different log types. The data can be exported to Excel and presented graphically with a single click. 19. A new Server Settings view to monitor all SecurTrac enabled servers at a glance. 20. The Administrator can opt to receive SecurTrac server statistics manually or automatically(by schedule). 21. SecurTrac parameters can be configured in the new SecurTrac server document. Previously, all parameters had to be set in the Notes.ini 22. A new SecurTrac log summary report can be scheduled to run daily/weekly/monthly. 23. In the Database Monitor, you can set it to monitor specified field changes. In other words, logs will be triggered only when specified fields change. 24. In the Design Element change log, it will show whether the design element is Private or Public(shared). 25. In the log document, there are now links to the monitor document that triggered the event. 26. In the Database ACL audit report, it now calculates and shows the effective access for specified users or groups.