Central Governance 1.1.2 Release Notes

New features and enhancements

Manage different configurations for Transfer CFT in flows with multiple sources/targets

Flow properties for Transfer CFT can be specialized at the product level in flows with multiple sources and/or targets. A toggle per type of flow properties enables or disables this functionality. By default, it is disabled.

Configure Cipher suites and the minimum SSL/TSL version for Transfer CFT flows

Transfer CFT configuration and policy pages allow configuring the cipher suite list and the minimum SSL/TLS version used by the product in secured flows.

Enable setting an empty or a custom PeSIT password for Transfer CFT

Transfer CFT configuration and policy pages allow you to change the default PeSIT password that is used by the product in flows.

Added Transfer CFT events to Visibility via TLS

Added the ability to configure Transfer CFT to send events to Visibility via a secured connection for Transfer CFT 3.1.3 SP6 and higher.

Added API workflow elements

Added APIs for flow relays, protocols, and A2A flow operations for sources and targets.

Embedded Axway Sentinel 4.2.0 SP2 Patch2 as the Central Governance Visibility service for file-transfer monitoring

Added APIs to

  • Update tags
  • Deploy flows on specific Transfer CFTs
  • Search flows having a specific component (e.g. search flows that have the “SAP” Application as source)
  • Remove products

SecureTransport: Resubmit the transfer

The resubmit command was added in Flow monitoring and Flow reports. This command enables you to re-trigger the transfer on SecureTransport. In this release, resubmission is supported only on failed transfers. Additionally, new flow parameters enable you to configure the file archiving settings on the SecureTransport from Central Governance to allow resubmitting transfers.

Support for Windows 10 browsers

Added support for all browsers on Windows 10 including Windows Edge.

Minor enhancements

  • Added a new port for a secure connection (HTTPS) for audit events sent to Visibility.
  • Display the version after a SecureTransport upgrade or update.
  • Added a Link field in flows. This new field in a flow's general properties allows client defined documentation to be accessed via an html link.
  • Added a Tags filter in Flow reports to filter flows by Tags.
  • You can now use the Partner template ID %HOSTNAME% value for the Unmanaged Product partners in Transfer CFT flows.

Govern Gateway 6.17.1 (Restricted Availability)

Central Governance can manage Axway Gateway 6.17.1, in addition to Axway Transfer CFT 3.1.2 and higher, and SecureTransport 5.3.1 and higher.

Known issues

The following are known issues in this version.

SecureTransport

Flow limitations when using SecureTransport

The following are limitations and workarounds when using SecureTransport in flows.

Flows with SecureTransport as source

Cannot deploy flows with an Application linked to a SecureTransport 5.3.3 as the source.

Receiver pulls files from SecureTransport over PeSIT

If files are available to pull but the flow manager changes the Partner’s PeSIT login in the flow and re-deploys it, then the partner can no longer download the available files. This is because the files are in /<PeSIT identifier>/OLD_PESIT_LOGIN and remain there indefinitely unless removed manually. The same situation can occur if the PeSIT identifier is changed in the flow.

SecureTransport receives files over PeSIT and receiver pulls files from SecureTransport over PeSIT

If the same PeSIT identifier and SecureTransport PeSIT login is configured in the flow both before and after the SecureTransport relay the result is only one transfer profile representing the PeSIT flow (name= <PeSIT identifier>). This is because receive properties for file encoding and record format configured in the first part of the flow are overwritten at deployment by properties setting the receiver as pulling files from SecureTransport.

SecureTransport upgrade

When upgrading SecureTransport 5.3.1 to 5.3.3 from outside of Central Governance, and the SecureTransport is registered with Central Governance, you should run a script prior to starting the upgrade. For script details, refer to the Central Governance User’s Guide Guide > SecureTransport registration > Detect updated version.

Replace an unmanaged product with a managed SecureTransport in SSL flows

Rather than have a flow with an unmanaged product sending files to Transfer CFT via SSL, replace the unmanaged product with a registered SecureTransport. When changing the flow, you must provide a private certificate for SecureTransport to authenticate to Transfer CFT. You cannot use the same certificate used for the unmanaged product being replaced. You must upload a certificate chain containing a new SSL certificate in the client communication profile.

Visibility

Commands on Transfer CFT disabled in "View all flows” report on MS SQL Server

Transfer CFT commands are not available by default when Central Governance uses MS SQL Server as the Application database.

Workaround:

  1. In View all flows, click Edit document. Go to Design tab. Add the State Attribute in the design table, and deselect the Visible option.
  2. Save report changes.

SecureTransport resubmit

The resubmit command is supported starting as of SecureTransport 5.3.3. In Flow reports the resubmit command is available for SecureTransport 5.3.1, however the command fails on execution.

Flows with file processing execution failure are reported as successful in Visibility

When a flow execution fails at a post-processing step on a relay or target, the flow is seen as successful in Visibility because from the source standpoint the flow is seen as “Completed”. The State order defines that “Completed” state is after “Post-processing” state.

Transfers in error are not visible in the Flow report

If Central Governance is configured with an external MS SQL Server, the transfers that do not have a set start date are not displayed in the View all flows Flow report, for example SecureTransport transfers that are in a Failed state.

Workaround:

Edit the report in the Dashboard Design. In the Filter tab add in the Start date field “if Start date is null”, as for the End date.

Identity and access management limitations

  • The user interface only supports ASCII characters. You cannot use non-ASCII characters.
  • You cannot rename an organization.
  • When you rename a role that has been assigned to users, the privileges associated with the role are suspended until a user accesses the User List page.
  • When using an identity store of type Active Directory, group hierarchy is not supported. This means when mapping an internal role to an external super-group, the user linked indirectly to the super-group does not inherit the rights. As a workaround, map the internal role to the sub-group directly linked to the user.
  • After accessing the separate user interfaces for Central Governance services — Access and Security, Visibility and Dashboards — there is no way to log out of those UIs, in the same way that you can log out of the Central Governance UI. You can exit the other UIs individually by closing their browser tabs, or closing the browser to end all UI sessions. Logging out of Central Governance also makes the other UIs inactive.

Tools

XML import/export

Command line import/export is not available in XML format due to XML parser library security vulnerabilities.

Related documentation

Central Governance has documentation covering all aspects of the product. This includes:

  • Central Governance Installation Guide
  • Central Governance User's Guide
  • Central Governance Security Guide
  • Capacity Planning Guide, which focuses on managing Transfer CFTs with Central Governance

Documentation is available on the Help Center tab in the Central Governance user interface.

Support services

The Axway Global Support team provides worldwide 24 x 7 support for customers with active support agreements.
Email support@axway.com or visit support.axway.com.

Related Links