Here are descriptions of the more relevant changes in EVSS 14.1

PrivateGSM changes

GUI improvements

The whole Secure Call experience has been re-designed so to offer a better interaction between User and Device. This improvement has been made necessary requested by feedback received after our features (Secure Messaging, Presence, customers after we introduced many new relevant features like Secure Messaging and Presence and we improved Conferences and In-Call advanced features like 3-way calls) ran in extensively on the field. 

PrivateServer changes

New Privacy section in console

Privacy settings has been improved and grouped in a new subsection of the Main Menù called "Privacy Settings". It's our intention to provide Privacy settings easier to be found and used. In this new section we put "Data Retention Policies" subsection, which now includes System Events and Security Events, as well as Secure Message introduced in 14.0. We also created a subsection named "Data Masking" where Service Administrator can decide if to record logs about Call Detail Record and Secure Messages or completely disable such logging. A new option has been added which is Log Masking and it let you have service usage stats without recording and showing service users' detailssensitive metadata. 

Improved Security management 

Present 14.1 version introduces improvements on Security management , both visible and under the hood. focused on Certificate Management that has been completely revised and partially rewritten. 

Certificate's Private Key is more protected now: it's never displayed in console interface and it's exportable by a conveniente Shell Script only via SSH Console connection via password protected pk12 file. Also Certificate's Private Key is no more included in backup archives. It's planned to build up from this release a resa esportabile via file pk12 protetto da password via console ssh

Backup chiave privata: chiave privata dei certificati non più mostrata in interfaccia e resa esportabile via file pk12 protetto da password via console ssh. Inoltre stiamo scrivendo la gestione dei CSR direttamente da console. Infine chiave privata non più esportata nei backup. Implementato da qlke parte il principio dei 4 occhi?

Better Auditing system providing also integration with Archsite

aggiunto framework auditing modulare di alto livello configurabile e in particolare è stata aggiunta la compatibilità con HP-ArchSite. (Sec Event Management) o SIEM -> check wikip. Most sensitive information in Certificates is Private Key so our efforts were concentrated on creating a better protection for it, both during TLS KeyPair creation and PrivateServer data backups. Since present version certificate's Private Key cannot be exported or displayed in Web Console and it cannot be exported via backup archives. Private Key is exportable only using a specific Shell Script (and thus after accessing the appliance via SSH connection) that produces password protected pk12 files. Service Operators/Administrator is be able to create new Private Keys and related CSR and add signed Certificates without directly accessing Private Keys themselves.  

Better Auditing system providing SIEM and integration with HP-ArcSight

PrivateServer in version 14.1 includes a modular auditing framework that replaces previous one. New Auditing is a configurable high level one and we also added to it compatibility with HP-ArcSight and SIEM.